Troubleshooting GitLab SSH Port 2222 Connection Refused Error on Ubuntu VPS


6 views

After configuring GitLab CE on Ubuntu 14.04 LTS with custom SSH port 2222, users encounter connection issues when attempting SSH operations. The error manifests as:

ssh: connect to host gitlab.myserver.com port 2222: Connection refused

First, verify these critical configuration elements in /etc/gitlab/gitlab.rb:

# SSH configuration
gitlab_rails['gitlab_shell_ssh_port'] = 2222
gitlab_rails['gitlab_shell_git_timeout'] = 800

# Ensure SSH service is enabled
gitlab_rails['gitlab_shell_enabled'] = true

Execute these commands to verify service status:

# Check GitLab SSH service
sudo gitlab-ctl status gitlab-shell

# Verify listening ports
sudo netstat -tulpn | grep :2222

# Alternative port check
sudo lsof -i :2222

For Ubuntu's UFW firewall, ensure proper rules:

# Check existing rules
sudo ufw status verbose

# Add rule if missing
sudo ufw allow 2222/tcp
sudo ufw reload

Check /etc/ssh/sshd_config for conflicts:

# Ensure no other service uses port 2222
Port 22
#Port 2222  # Comment out if present

Run these diagnostic commands:

# Check GitLab configuration
sudo gitlab-rake gitlab:check SANITIZE=true

# Tail logs for real-time debugging
sudo gitlab-ctl tail gitlab-shell

When all else fails, perform full reconfiguration:

# Rebuild configuration
sudo gitlab-ctl reconfigure
sudo gitlab-ctl restart

Test SSH connectivity directly:

ssh -T -p 2222 git@gitlab.myserver.com
# Expected response: Welcome to GitLab, @username!

When setting up GitLab CE on Ubuntu 14.04 with a custom SSH port (2222), you might encounter connection refusal errors despite proper configuration. The key symptoms are:

  • Web interface accessible via HTTPS
  • SSH operations fail with "Connection refused"
  • No process listening on port 2222
  • Firewall rules properly configured

First, let's verify the critical configuration files:

# /etc/gitlab/gitlab.rb relevant sections
gitlab_rails['gitlab_shell_ssh_port'] = 2222
gitlab_rails['gitlab_shell_git_timeout'] = 800
gitlab_shell['ssh_port'] = 2222

After modifying the configuration, always run:

sudo gitlab-ctl reconfigure
sudo gitlab-ctl restart

GitLab Shell uses an internal SSH wrapper. Check its status:

sudo gitlab-ctl status | grep ssh
# Expected output: gitlab-shell: run

If gitlab-shell isn't running:

sudo gitlab-ctl start gitlab-shell

Perform these diagnostic checks:

# Check listening ports
ss -tulnp | grep 2222

# Verify iptables rules
sudo iptables -L -n -v | grep 2222

# Test connectivity locally
nc -zv 127.0.0.1 2222

Try these solutions in order:

# 1. Full service restart
sudo gitlab-ctl restart

# 2. Rebuild authorized_keys
sudo gitlab-rake gitlab:shell:setup

# 3. Check SELinux (if applicable)
sudo setsebool -P gitlab_shell_use_ssh_port on

For complex setups, consider running SSH in a container:

# docker-compose.yml snippet
gitlab-ssh:
  image: sameersbn/ssh:2.1-1
  ports:
    - "2222:22"
  volumes:
    - /etc/ssh:/etc/ssh:ro
    - /etc/passwd:/etc/passwd:ro
    - /etc/shadow:/etc/shadow:ro
    - /etc/group:/etc/group:ro
  restart: always

After implementing fixes, verify with:

# Check GitLab health
sudo gitlab-rake gitlab:check SANITIZE=true

# Test SSH connectivity
ssh -T -p 2222 git@localhost

# View logs for troubleshooting
sudo tail -f /var/log/gitlab/gitlab-shell/gitlab-shell.log