How can I connect a Linux computer via ssh / openssh to a Ubuntu Touch phone when it says "ssh: connect to host 192. ... port 22: Connection refused"?

Moem

Have you seen this manual?
https://docs.ubports.com/en/latest/userguide/advanceduse/ssh.html

Anna

@moem said in How can I connect a Linux computer via ssh / openssh to a Ubuntu Touch phone?:

Have you seen this manual?
https://docs.ubports.com/en/latest/userguide/advanceduse/ssh.html

That's exactly what I was hoping for. Great, thanks!

Moem

Hurray! I'm glad I could help.

Anna

Hmm, I followed the instructions in detail (except I did not generate a new key but used an existing one) twice, but all I get is "ssh: connect to host 192.XXX.XXX.XX port 22: Connection refused"

Any ideas?

AppLee

Hi @anna

Did you restart the SSH service on the phone? (a reboot might help)
You can also use UT Tweak Tools to allow SSH as an alternative to the command line.

Also be sure that ssh uses the correct private key or to specify the key manually
ssh -i <your_private_key> phablet@<ip_address>

Anna

@applee said in How can I connect a Linux computer via ssh / openssh to a Ubuntu Touch phone?:

Also be sure that ssh uses the correct private key or to specify the key manually
ssh -i <your_private_key> phablet@<ip_address>

Yes, I restarted ssh (service ssh restart) several times and also the phone after that did not do the trick.

This is what I tried (on my computer AND then also on the UT phone) after reading your advice -- am I doing anything wrong?

ssh -i /home/anna/.ssh/id_rsa phablet@192.XXX.XXX.XX

Still "port 22: Connection refused"

(Apart from that, I did the following:
-service ssh start (and that android command, but the linux command seems to work on UT)
-sudo ufw disable
-checked in sshd_config if Port 22 is correct)

Anna

At some point, for lack of better ideas, I changed the port from 22 to some random port 4XXX -- and now it works. I have no idea why.

However, it only works with when the firewall is disabled.
sudo ufw allow 4XXX
and
sudo ufw allow from 192.XXX.XXX.XX
has not changed that. Once I enable ufw, there's no connection.

Ideas anyone?

arubislander

@anna said in How can I connect a Linux computer via ssh / openssh to a Ubuntu Touch phone when it says "ssh: connect to host 192. ... port 22: Connection refused"?:

At some point, for lack of better ideas, I changed the port from 22 to some random port 4XXX -- and now it works. I have no idea why.

However, it only works with when the firewall is disabled.
sudo ufw allow 4XXX
and
sudo ufw allow from 192.XXX.XXX.XX
has not changed that. Once I enable ufw, there's no connection.

Ideas anyone?

The ufw firewall is on your laptop or on your mobile device?

mschmids

@anna or concerning port 22 it could be also a e.g. port or otherwise setting in the router.

Anna

On both, arubislander. On the computer ufw is constantly enabled, which is no problem, but on the mobile device I have to disable ufw for a ssh connection despite having defined the rules "sudo ufw allow 4XXX" and "sudo ufw allow from 192.XXX.XXX.XX".

Hm, don't know what a "e.g. port" is. From what I can see, the router software tells me there are no open ports at all, but that only concerns the outside world, I guess. If the router is blocking anything within my network, I cannot find the settings. But I would have moved ssh from port 22 to an unusual port anyway, so it's fine that 22 does not work.

I was just curious why, but in fact it's not important. It's similar with ufw: I'd like to know why it is that I have to disable ufw every time I want to access the phone from the computer via ssh and I'd rather not have to do it, but everything works without finding a solution. So it's a luxury problem, I suppose.

mschmids

@anna was merely meant as a general consideration, with the router in between the two devices. My FritzBox 7590 for instance has a setting in WLAN->Safety, to enable communication between devices, which I had to tick, to ssh from laptop to mobile. Admittedly a bit off topic, since in your case 4XXX is no issue vs. 22.

Bolly

@Anna , I did not have any problems with the SSH setup with VollaPhone22 running as the only system. I have never touched ufw. For what it's worth.

I have always followed the official documentation.
https://docs.ubports.com/en/latest/userguide/advanceduse/ssh.html

arubislander

@anna said in How can I connect a Linux computer via ssh / openssh to a Ubuntu Touch phone when it says "ssh: connect to host 192. ... port 22: Connection refused"?:

On both, arubislander. On the computer ufw is constantly enabled, which is no problem, but on the mobile device I have to disable ufw for a ssh connection despite having defined the rules "sudo ufw allow 4XXX" and "sudo ufw allow from 192.XXX.XXX.XX".

Thank you for taking the time to answer. I was not aware one could enable ufw on Ubuntu Touch. And I wonder if that might not be the the source of your troubles. How did you get ufw working on your device?

Anna

@arubislander Well, you can just use the commands "sudo ufw enable", "disable", "status" etc. However, I'm not sure it is enabled by default and - in case it's not - if one is supposed to enable it. As I then realised, it also blocks the browser and dekko; it was impossible to go online with ufw enabled. So in the end I switched it off for good. EDIT: Only later I read in this forum that 1. things are complicated with the ufw and 2. the firewall is inactive since all ports are closed by default. And indeed, according to nmap, all 65355 ports are closed, except for the one specified for ssh (only as long as ssh is running).

arubislander

@anna That is as I expected. Although I hadn't realized that ufw was installed by default. But it does make sense that it is disabled by default.
Ubuntu Touch aims to be a consumer ready mobile OS. Firewall administration is considered an advanced feature, which the typical user is not expected to need to deal with. And even then there would need to be some form of graphical settings page to simplify administration of the firewall at the very least.
Furthermore, it is not really that ports are blocked by default on Ubuntu Touch, rather that there are no services running on the phone by default that are listening on any ports. This is the reason nmap flags the ports as closed.
This is also the reason why it is good practice to only enable ssh temporarily, and also only when your device is connected to a trusted network. In this case having a firewall would not make ssh usage more secure.