Why when i want to ssh from jenkins to another server always Connection timed out?

Using Jenkins Ask a question
,
1

Here my script jenkins

stage('Deploy Image') {
            steps {
                script{
                    def commit_id = readFile('.git/commit-id').trim()

                    def remote = [:]
                    remote.name = APP_NAME
                    remote.host = APP_HOST
                    remote.allowAnyHosts = true
                    withCredentials([sshUserPrivateKey(credentialsId: APP_SSH, keyFileVariable: 'identity', usernameVariable: 'userName')]) {
                        remote.user = userName
                        remote.identityFile = identity

                        try{
                            sshCommand remote: remote, command: "su - ${APP_USER_SSH} -c 'docker stop ${APP_NAME} && docker rm ${APP_NAME}'"
                        }catch(e){
                            currentBuild.result = 'FAILURE'
                            echo "Error: ${e}"
                        }
                        sshCommand remote: remote, command: "su - ${APP_USER_SSH} -c 'docker run -itd {appName}
                        --network ${APP_NETWORK} \
                        "
                        sshCommand remote: remote, command: "su - ${APP_USER_SSH} -c 'docker image prune -a -f'"
                    }
                }
                
            }
        }

I got this err: Error: com.jcraft.jsch.JSchException: java.net.ConnectException: Connection timed out

This the stack trace:

hudson.remoting.ProxyException: java.net.ConnectException: Connection timed out
	at java.base/sun.nio.ch.Net.connect0(Native Method)
	at java.base/sun.nio.ch.Net.connect(Net.java:579)
	at java.base/sun.nio.ch.Net.connect(Net.java:568)
	at java.base/sun.nio.ch.NioSocketImpl.connect(NioSocketImpl.java:593)
	at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:327)
	at java.base/java.net.Socket.connect(Socket.java:633)
	at java.base/java.net.Socket.connect(Socket.java:583)
	at java.base/java.net.Socket.<init>(Socket.java:507)
	at java.base/java.net.Socket.<init>(Socket.java:287)
	at com.jcraft.jsch.Util.createSocket(Util.java:374)
Also:   org.jenkinsci.plugins.workflow.actions.ErrorAction$ErrorId: 5bba5833-628f-4fce-b860-cb5f6cb0358c
Caused: hudson.remoting.ProxyException: com.jcraft.jsch.JSchException: java.net.ConnectException: Connection timed out
	at com.jcraft.jsch.Util.createSocket(Util.java:378)
	at com.jcraft.jsch.Session.connect(Session.java:217)
	at com.jcraft.jsch.Session.connect(Session.java:187)
	at com.jcraft.jsch.Session$connect$1.call(Unknown Source)
	at org.hidetake.groovy.ssh.connection.ConnectionManager.connectInternal(ConnectionManager.groovy:107)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
	at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:98)
	at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:325)
	at org.codehaus.groovy.runtime.metaclass.ClosureMetaClass.invokeMethod(ClosureMetaClass.java:352)
	at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1034)
	at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.callCurrent(PogoMetaClassSite.java:68)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:193)
	at org.hidetake.groovy.ssh.connection.ConnectionManager$_connectInternal_closure1.doCall(ConnectionManager.groovy:85)
	at org.hidetake.groovy.ssh.connection.ConnectionManager$_connectInternal_closure1.doCall(ConnectionManager.groovy)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
	at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:98)
	at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:325)
	at org.codehaus.groovy.runtime.metaclass.ClosureMetaClass.invokeMethod(ClosureMetaClass.java:264)
	at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1034)
	at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:41)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:120)
	at org.hidetake.groovy.ssh.util.Utility.retry(Utility.groovy:52)
	at org.hidetake.groovy.ssh.util.Utility$retry.callStatic(Unknown Source)
	at org.hidetake.groovy.ssh.connection.ConnectionManager.connectInternal(ConnectionManager.groovy:83)
	at org.hidetake.groovy.ssh.connection.ConnectionManager.connectInternal(ConnectionManager.groovy)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
	at org.codehaus.groovy.runtime.callsite.PogoMetaMethodSite$PogoCachedMethodSiteNoUnwrapNoCoerce.invoke(PogoMetaMethodSite.java:210)
	at org.codehaus.groovy.runtime.callsite.PogoMetaMethodSite.callCurrent(PogoMetaMethodSite.java:59)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:169)
	at org.hidetake.groovy.ssh.connection.ConnectionManager.connect(ConnectionManager.groovy:59)
	at org.hidetake.groovy.ssh.connection.ConnectionManager$connect.call(Unknown Source)
	at org.hidetake.groovy.ssh.session.SessionTask.wetRun(SessionTask.groovy:61)
	at org.hidetake.groovy.ssh.session.SessionTask.call(SessionTask.groovy:48)
	at java_util_concurrent_Callable$call.call(Unknown Source)
	at org.hidetake.groovy.ssh.core.Service.run(Service.groovy:81)
	at org.hidetake.groovy.ssh.core.Service$run$0.call(Unknown Source)
	at org.jenkinsci.plugins.sshsteps.SSHService.executeCommand(SSHService.groovy:177)
	at org.jenkinsci.plugins.sshsteps.steps.CommandStep$Execution$CommandCallable.execute(CommandStep.java:84)
	at org.jenkinsci.plugins.sshsteps.util.SSHMasterToSlaveCallable.call(SSHMasterToSlaveCallable.java:32)
	at hudson.remoting.LocalChannel.call(LocalChannel.java:47)
	at org.jenkinsci.plugins.sshsteps.steps.CommandStep$Execution.run(CommandStep.java:72)
	at org.jenkinsci.plugins.sshsteps.util.SSHStepExecution.lambda$start$0(SSHStepExecution.java:84)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
	at java.base/java.lang.Thread.run(Thread.java:833)
Finished: FAILURE
2

firewall?
Can you connect via ssh when you try that directly from a command line on the agent?

3

I can use, putty for ssh to my target server. But somehow my jenkins pipeline with right credential can’t to connect to target server, than i set for port 22 allowlist
for jenkins server

4

Do you have any example, to do that?

5

this config security firewall

Screenshot 2023-10-26 174932
Screenshot 2023-10-26 1749321954×78 5.74 KB

6

i just type this sudo ufw status numbered in my cloud linux ubuntu and as result is this: Status: inactive

7

Hello i was try to ssh -vvvv “my ip” then got this

root@"my_credential":/etc/ssh# ssh -vvvv "my_ip"
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n  7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "my_ip" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to "my_ip" ["my_ip"] port 22.

then i type telnet “my_ip” 22 and got connection time out

8

when i type systemctl status sshd i got this message


Nov 21 19:53:49 "my_credential" sshd[19551]: Connection reset by 218.92.0.27 port 16958 [preauth]

Nov 21 19:53:51 "my_credential" sshd[19657]: error: Could not load host key: /etc/ssh/ssh_host_ed25519_key

Nov 21 19:54:01 "my_credential" sshd[19657]: Received disconnect from 218.92.0.113 port 14147:11: [preauth]

Nov 21 19:54:01 "my_credential" sshd[19657]: Disconnected from 218.92.0.113 port 14147 [preauth]

Nov 21 19:55:01 "my_credential" sshd[19694]: error: Could not load host key: /etc/ssh/ssh_host_ed25519_key

Nov 21 19:55:02 "my_credential" sshd[19694]: Invalid user zabbix from 112.169.180.240 port 42772

Nov 21 19:55:02 "my_credential" sshd[19694]: Connection closed by invalid user zabbix 112.169.180.240 port 42772

[preauth]

Nov 21 19:55:04 "my_credential" sshd[19699]: error: Could not load host key: /etc/ssh/ssh_host_ed25519_key

Nov 21 19:55:06 "my_credential" sshd[19699]: Invalid user trojanuser from "my_ip" port 59058

Nov 21 19:55:07 "my_credential" sshd[19699]: Connection closed by invalid user trojanuser "my_ip" port 59058 [preauth]
9

After that question about the firewall, I just researched and got this way to fix my problem.

I got this article: https://www.skynats.com/blog/telnet-connection-refused-by-remote-host/ this tells me how to telnet to my target server then just type this ufw allow 22/tcp in the command line at your target server to allow port 22 ssh. Before that use need to go to this article:

https://learn.microsoft.com/en-us/answers/questions/1324429/how-to-fix-ssh-connection-timed-out-to-ip-with-por

to check are your ssh to target server has trouble. Then go to this article to fix your sshd https://repost.aws/knowledge-center/ec2-linux-resolve-ssh-connection-errors