Troubleshooting GitLab SSH Port 2222 Connection Refused Error on Ubuntu VPS


19 views

After configuring GitLab CE on Ubuntu 14.04 LTS with custom SSH port 2222, users encounter connection issues when attempting SSH operations. The error manifests as:

ssh: connect to host gitlab.myserver.com port 2222: Connection refused

First, verify these critical configuration elements in /etc/gitlab/gitlab.rb:

# SSH configuration
gitlab_rails['gitlab_shell_ssh_port'] = 2222
gitlab_rails['gitlab_shell_git_timeout'] = 800

# Ensure SSH service is enabled
gitlab_rails['gitlab_shell_enabled'] = true

Execute these commands to verify service status:

# Check GitLab SSH service
sudo gitlab-ctl status gitlab-shell

# Verify listening ports
sudo netstat -tulpn | grep :2222

# Alternative port check
sudo lsof -i :2222

For Ubuntu's UFW firewall, ensure proper rules:

# Check existing rules
sudo ufw status verbose

# Add rule if missing
sudo ufw allow 2222/tcp
sudo ufw reload

Check /etc/ssh/sshd_config for conflicts:

# Ensure no other service uses port 2222
Port 22
#Port 2222  # Comment out if present

Run these diagnostic commands:

# Check GitLab configuration
sudo gitlab-rake gitlab:check SANITIZE=true

# Tail logs for real-time debugging
sudo gitlab-ctl tail gitlab-shell

When all else fails, perform full reconfiguration:

# Rebuild configuration
sudo gitlab-ctl reconfigure
sudo gitlab-ctl restart

Test SSH connectivity directly:

ssh -T -p 2222 git@gitlab.myserver.com
# Expected response: Welcome to GitLab, @username!

When setting up GitLab CE on Ubuntu 14.04 with a custom SSH port (2222), you might encounter connection refusal errors despite proper configuration. The key symptoms are:

  • Web interface accessible via HTTPS
  • SSH operations fail with "Connection refused"
  • No process listening on port 2222
  • Firewall rules properly configured

First, let's verify the critical configuration files:

# /etc/gitlab/gitlab.rb relevant sections
gitlab_rails['gitlab_shell_ssh_port'] = 2222
gitlab_rails['gitlab_shell_git_timeout'] = 800
gitlab_shell['ssh_port'] = 2222

After modifying the configuration, always run:

sudo gitlab-ctl reconfigure
sudo gitlab-ctl restart

GitLab Shell uses an internal SSH wrapper. Check its status:

sudo gitlab-ctl status | grep ssh
# Expected output: gitlab-shell: run

If gitlab-shell isn't running:

sudo gitlab-ctl start gitlab-shell

Perform these diagnostic checks:

# Check listening ports
ss -tulnp | grep 2222

# Verify iptables rules
sudo iptables -L -n -v | grep 2222

# Test connectivity locally
nc -zv 127.0.0.1 2222

Try these solutions in order:

# 1. Full service restart
sudo gitlab-ctl restart

# 2. Rebuild authorized_keys
sudo gitlab-rake gitlab:shell:setup

# 3. Check SELinux (if applicable)
sudo setsebool -P gitlab_shell_use_ssh_port on

For complex setups, consider running SSH in a container:

# docker-compose.yml snippet
gitlab-ssh:
  image: sameersbn/ssh:2.1-1
  ports:
    - "2222:22"
  volumes:
    - /etc/ssh:/etc/ssh:ro
    - /etc/passwd:/etc/passwd:ro
    - /etc/shadow:/etc/shadow:ro
    - /etc/group:/etc/group:ro
  restart: always

After implementing fixes, verify with:

# Check GitLab health
sudo gitlab-rake gitlab:check SANITIZE=true

# Test SSH connectivity
ssh -T -p 2222 git@localhost

# View logs for troubleshooting
sudo tail -f /var/log/gitlab/gitlab-shell/gitlab-shell.log