1

This started happening recently. I can't connect to github using ssh. I can connect to other machines on my local network and I can use a different computer to connect to github using the same ethernet connection my desktop is failing at. How do I stop my connection from timing out and successfully connect to github?

Edit for clarity: I used github as my ssh target because I didn't know about any other public service accessable by ssh. I didn't want to get ddosed so github was my only choice. The root of the problem is that I can't access ANY ssh service over ANY port ANYwhere. I get the same ssh -Tvvv output regardless of the IP address (excluding localhost).

Diagnostics:

$ ssh -Tvvv github.com
OpenSSH_8.8p1, OpenSSL 1.1.1l  24 Aug 2021
debug1: Reading configuration data /home/dan/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/home/dan/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/home/dan/.ssh/known_hosts2'
debug2: resolving "github.com" port 22
debug3: resolve_host: lookup github.com:22
debug3: ssh_connect_direct: entering
debug1: Connecting to github.com [140.82.112.4] port 22.
debug3: set_sock_tos: set socket 3 IP_TOS 0x48
debug1: connect to address 140.82.112.4 port 22: Connection timed out
ssh: connect to host github.com port 22: Connection timed out

$ nmap -p 22 github.com
Starting Nmap 7.92 ( https://nmap.org ) at 2021-12-26 21:54 EST
Nmap scan report for github.com (140.82.112.4)
Host is up (0.015s latency).
rDNS record for 140.82.112.4: lb-140-82-112-4-iad.github.com

PORT   STATE    SERVICE
22/tcp filtered ssh

Nmap done: 1 IP address (1 host up) scanned in 0.26 seconds

$ screenfetch -n
 dan@dan-ms7d09
 OS: Manjaro 21.2.0 Qonos
 Kernel: x86_64 Linux 5.10.84-1-MANJARO
 Uptime: 17h 58m
 Packages: 1499
 Shell: zsh 5.8
 Resolution: 5760x1080
 DE: GNOME
 WM: i3
 GTK Theme: Adwaita [GTK2/3]
 Icon Theme: Adwaita
 Font: Cantarell 11
 Disk: 479G / 955G (53%)
 CPU: Intel Core i9-10850K @ 20x 5.2GHz [35.0°C]
 GPU: NVIDIA GeForce RTX 2060
 RAM: 9225MiB / 32002MiB
Improve this question
5
  • Can you connect to other ports on github, like 80 or 443? Did you check in your router if there isn't any block or port forwarding on the mac address of your system? Did you try to ssh from a different network (like public wifi or mobile hotspot)? Commented Dec 27, 2021 at 8:49
  • 1
    Does running ssh -o IPQoS=none -vvv github.com work? Commented Dec 27, 2021 at 15:38
  • @aviro github port 80,443 work. Router was factory reset before posting Commented Dec 27, 2021 at 19:14
  • @jsbillings no change Commented Dec 27, 2021 at 19:15
  • Why do you expect to be able to SSH into github.com? Commented Mar 6, 2023 at 20:43

3 Answers 3

Reset to default
0

There s several steps to troubleshoot the problem. first you must ensure that the name resolution is done correctly. To me, The 140.82.112.4 seems OK and is one of GitHub's IP addresses so the name resolution is correct.

But the state of filtered for port 22 on Github is the problem. According to nmap's Port Scanning Basics:

Nmap cannot determine whether the port is open because packet filtering prevents its probes from reaching the port. The filtering could be from a dedicated firewall device, router rules, or host-based firewall software. These ports frustrate attackers because they provide so little information. Sometimes they respond with ICMP error messages such as type 3 code 13 (destination unreachable: communication administratively prohibited), but filters that simply drop probes without responding are far more common. This forces Nmap to retry several times just in case the probe was dropped due to network congestion rather than filtering. This slows down the scan dramatically.

So, there are several places to check for the problem:

First, You should ensure that there are no firewall rules on your machine that prevents the connection to this IP address and port number.

Second, Check if there is a firewall device on your local network that might prevent you from connecting to this address.

The third possibility is that your IP address is banned by the Github servers due to excessive attempts or other similar reasons. This might happen if you are using proxies or some kind of VPNs to connect to the internet. Shared IP addresses for VPN and Proxy Tools usually create such kinds of problems. My suggestion is to change your connection or IP address somehow. If you're on the ADSL connection, maybe restarting the ADSL modem would give you a new IP address. If you do not use a VPN or any kind of proxy, Try using one and see if it makes any difference.

Hope that it helps and wish you luck.

Improve this answer
1
  • q: ensure that there are no firewall rules on your machine. a: IPTables is already disabled. q: firewall device on your local network that might prevent you from connecting. a: Network firewall was already down. q: your IP address is banned by the Github servers. a: A different device on the same network has the same IP address in my house. I'm not IP banned. Also idk if I made this clear enough, I can't access ANY ssh server anywhere. Commented Dec 27, 2021 at 4:57
0

I struggled with this for a while before stumbling onto a help page buried under GitHub support:

https://docs.github.com/en/authentication/troubleshooting-ssh/using-ssh-over-the-https-port

Turns out my workplace had just the right magic combination of firewall/port protection to "almost" allow regular Git SSH access to GitHub, i.e. it worked "occasionally" but not reliably. ;-b

With this incantation in my $HOME/.ssh/config file, to use SSH Over HTTPS, I was suddenly able to access my GitHub repo from the command line via my SSH Key in GitHub:

Host github.com
User git
Hostname ssh.github.com
Port 443
PreferredAuthentications publickey
IdentityFile /home/XXX/.ssh/github_id_rsa
TCPKeepAlive yes     # not sure if truly needed
IdentitiesOnly yes   # not sure if truly needed
Improve this answer
0
0

FWIW I ran into this issue with MacOS Monterey 12.7.2.

I regenerated ssh keys (not sure if this was the critical bit) and changed ~/.ssh/config to have

Host github.com
  AddKeysToAgent yes
  IdentityFile ~/.ssh/id_ed25519
  UseKeychain no
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.