Skip to content
Fix These Errors
ssh: connect to host ... port 22: Connection timed out

ssh: connect to host ... port 22: Connection timed out

DodaTech 3 min read

The Connection timed out SSH error means the server never responded. Fix it with ping, check firewall rules, and review cloud security group inbound policies.

What It Means

A timeout is different from a refusal. The server didn’t actively reject your connection — it just didn’t answer. This usually means a firewall or network filter between your client and the server is silently dropping the packets, or the server is completely unreachable.

Why It Happens

  • A firewall (local, network, or cloud security group) is dropping traffic to port 22.
  • The server is powered off, crashed, or disconnected from the network.
  • An intermediate router, VPN, or NAT gateway is misconfigured.
  • The server is on a different network (wrong IP or DNS resolution).
  • Your local machine is behind a restrictive outbound firewall.
  • The SSH server is bound to a private IP but you’re connecting from outside the network.

How to Fix It

1. Check basic connectivity with ping 

ping -c 4 hostname

If ping fails (no response, 100% packet loss), the server is likely offline or unreachable at the network layer. If ping succeeds but SSH times out, a firewall is blocking port 22 specifically.

2. Test the port directly with telnet 

telnet hostname 22

If telnet hangs or times out, the port is blocked. If it connects (shows SSH version string like SSH-2.0-OpenSSH), the issue is on the client side — possibly a local firewall or SSH configuration.

3. Use nmap to test port state 

nmap -p 22 hostname

Output shows open, filtered (firewall drop), or closed (no service). filtered means a firewall is blocking your probe.

4. Check local firewall rules 

sudo ufw status
sudo iptables -L -n

Ensure your local firewall isn’t blocking outbound SSH. Look for rules that drop traffic on port 22.

5. Check cloud provider security groups

If the server is on AWS, GCP, or Azure, check the security group / firewall rules in the cloud console. Ensure an inbound rule allows TCP on port 22 from your IP address (or 0.0.0.0/0 if you need universal access).

6. Verify the SSH service is running

If you have out-of-band access (VPS console, iDRAC, IPMI), log in and check:

sudo systemctl status sshd
sudo ss -tlnp | grep :22

The service must be running and listening on the correct interface.

7. Try a different network

If you’re on a restrictive network (corporate VPN, public Wi-Fi), try from a different connection (e.g., mobile hotspot). This isolates whether your current network is blocking SSH.

Why does ping work but SSH times out?
Ping uses ICMP, which is a different protocol from TCP. A firewall can allow ICMP (ping) while blocking TCP port 22. This is common on cloud servers where ICMP is open for diagnostic purposes but SSH is restricted to specific IPs.
What ports should I check if SSH is on a non-standard port?
If the server uses a custom SSH port (e.g., 2222), test with telnet hostname 2222 and connect with ssh -p 2222 user@hostname. Make sure the firewall allows the custom port, not just port 22.
Could a VPN cause SSH timeouts?
Yes. VPNs can add routing complexity, MTU issues, or firewall rules that interfere with SSH. Try disconnecting from the VPN and connecting directly. If that works, the VPN is the problem — check its routing table and split-tunnel configuration.
Previous Exception in thread 'main' java.lang.StackOverflowError Next Your branch is behind 'origin/main' by X commits

Built by the developers of DodaTech

Doda Browser, DodaZIP & Durga Antivirus Pro

Home Browse Fix These Errors