Table of Contents
Advertisement
In this article I will share different commands and methods to Test SSH connection in Linux and Unix with real time practical examples.
Method 1: Use timeout with bash utility to test SSH connection
/usr/bin/timeout
utility is installed by default in most distros which is part of coreutils
rpm in Linux
Check if coreutils
is installed on your server
# rpm -q coreutilscoreutils-8.22-24.el7.x86_64
We can use bash
utility with timeout
to test SSH connection by checking port 22
status.
If you are using a different port for 22
then you can replace it in the below syntax
Syntax:
# timeout <value> bash -c "</dev/tcp/<server>/<port>"
Here server2
is my target host, I will execute the command with a timeout value of 5s
on port 22
[root@server1 ~]# timeout 5 bash -c "</dev/tcp/server2/22"
If the exit status is 0
, it means test ssh connection was successful
[root@server1 ~]# echo $?0
Or if you get "connection refused" with non-zero exit status then test SSH connection has failed
Advertisement
[root@server1 ~]# timeout 5 bash -c "</dev/tcp/server2/22"bash: connect: Connection refusedbash: /dev/tcp/10.10.10.10/22: Connection refused[root@server1 ~]# echo $?1
Shell Script Example
We can use this tool in a shell script to test SSH connection over port 22
# cat /tmp/check_connectivity.sh#!/bin/bashserver=10.10.10.10 # server IPport=22 # portconnect_timeout=5 # Connection timeouttimeout $connect_timeout bash -c "</dev/tcp/$server/$port"if [ $? == 0 ];then echo "SSH Connection to $server over port $port is possible"else echo "SSH connection to $server over port $port is not possible"fi
Method 2: Use nmap to test SSH connection
/usr/bin/nmap
is provided bynmap
rpm.nmap
is widely used to check port status so we can usenmap
to checkport 22
status on target hostnmap
is not installed by default in most distros and you must install it before using it- On RHEL/CentOS environment use yum or
dnf
to installnmap
# yum -y install nmap
Syntax:
# nmap <server> -PN -p ssh | egrep 'open|closed|filtered'
Here,
-PnTreat all hosts as online -- skip host discovery-p sshOnly scan the default SSH portopenmeans that an application on the target machine is listening for connections/packets on that portclosedports have no application listening on them, though they could open up at any timefilteredmeans that a firewall, filter, or other network obstacle is blocking the port so that Nmap cannot tell whether it is open or closed.
Here server2
is my target host and we are looking for nmap
port status
[root@server1 ~]# nmap server2 -Pn -p ssh | egrep -io 'open|closed|filtered'closed[root@server1 ~]# nmap server2 -Pn -p ssh | egrep -io 'open|closed|filtered'open
Shell script Example
We can use this command in our shell script to test SSH connection over port 22
[root@server1 ~]# cat /tmp/check_connectivity.sh#!/bin/bashserver=10.10.10.10 # server IPport=22 # portconnect_timeout=5 # Connection timeoutstatus=`nmap $server -Pn -p $port | egrep -io 'open|closed|filtered'`if [ $status == "open" ];then echo "SSH Connection to $server over port $port is possible"elif [ $status == "filtered" ]; then echo "SSH Connection to $server over port $port is possible but blocked by firewall"elif [ $status == "closed" ]; then echo "SSH connection to $server over port $port is not possible"else echo "Unable to get port $port status from $server"fi
Method 3: Use netcat or nc to test SSH connection
- In my earlier article I had shared the steps to use
nc
andncat
to transfer files between Linux server. - We can also use
nc
andncat
utility to check port status from target hosts and test SSH connection nc
andncat
is provided bynmap-ncat
rpm
To check if nmap-ncat
is installed on your server
# rpm -q nmap-ncatnmap-ncat-6.40-19.el7.x86_64
Syntax:
# nc --wait <value> <server> <port> < /dev/null &> /dev/null
Here we have defined a connection timeout period of 5 second
which you can change based on your environment
Advertisement
Check the exit status of nc
command in this command. For 0 exit status
we know that port 22
is open and SSH connection will be successful.
[root@server1 ~]# nc --wait 5 server2 22 < /dev/null &> /dev/null[root@server1 ~]# echo $?0
For non-zero
exit status we know that SSH connection will fail for respective target host
[root@server1 ~]# nc --wait 5 server2 22 < /dev/null &> /dev/null[root@server1 ~]# echo $?1
Shell Script Example
We can use this command in our shell script example to automate the verification
# cat /tmp/check_connectivity.sh#!/bin/bashserver=10.10.10.10 # server IPport=22 # portconnect_timeout=5 # Connection timeoutnc --wait $connect_timeout $server $port < /dev/null &> /dev/nullif [ $? == 0 ];then echo "SSH Connection to $server over port $port is possible"else echo "SSH connection to $server over port $port is not possible"fi
Method 4: Use SSH to check SSH connection
- I know we are looking for SSH alternatives to check SSH connection but if you have a setup configured with password less connection then you can also use SSH for this verification
- We will use
ConnectTimeout
to make sure our SSH don't get stuck waiting for connection to become active StrictHostKeyChecking
is used to avoid any security and fingerprint prompt- If
BatchMode
isyes
then passphrase/password querying will be disabled
NOTE:
If you are not using password less authentication then this method will not be very helpful as the command will prompt for password and cannot be automated unless you use some hack use as sshpass
or expect script
Here we are using 'exit 0
' as the remote command to be called on successful SSH
[root@server1 ~]# ssh -q -o BatchMode=yes -o StrictHostKeyChecking=no -o ConnectTimeout=5 server2 'exit 0'[root@server1 ~]# echo $?0
While if the output exit status is non-zero
so we know the test SSH connection has failed
[root@server1 ~]# ssh -q -o BatchMode=yes -o StrictHostKeyChecking=no -o ConnectTimeout=5 server2 'exit 0'[root@server1 ~]# echo $?255
ALSO READ:
Advertisement
6 ssh authentication methods to secure connection using sshd_config
Shell Script Example
We can use this command in our existing shell script for automation purpose:
# cat /tmp/check_connectivity.sh#!/bin/bashserver=10.10.10.10 # server IPport=22 # portconnect_timeout=5 # Connection timeoutssh -q -o BatchMode=yes -o StrictHostKeyChecking=no -o ConnectTimeout=$connect_timeout $server 'exit 0'if [ $? == 0 ];then echo "SSH Connection to $server over port $port is possible"else echo "SSH connection to $server over port $port is not possible"fi
Method 5: Use telnet to test SSH connection
telnet
is another very handy tool to check port status/usr/bin/telnet
is provided by telnet rpm which is part of default repositories and you do not need any third party repository
Check if telnet
is installed
# rpm -q telnettelnet-0.17-65.el7_8.x86_64
Syntax:
# telnet <server> <port>
But since our end goal is to automate so we will tweak the syntax
# echo quit | telnet <server> <port> 2>/dev/null | egrep -qi Connected
Let us use this to test SSH connection in Linux. if we are able to grep for "Connected" then port 22
is reachable and SSH connection is possible
[root@server1 ~]# echo quit | telnet server2 22 2>/dev/null | egrep -qi Connected[root@server1 ~]# echo $?0
If we get a non-zero exit status
, this means that we were unable to grep "Connected" in the output hence SSH connection is not possible
[root@server1 ~]# echo quit | telnet server2 22 2>/dev/null | egrep -qi Connected[root@server1 ~]# echo $?1
Shell Script Example
We will use telnet
with our existing sample shell script to test SSH connection
# cat /tmp/check_connectivity.sh#!/bin/bashserver=10.10.10.10 # server IPport=22 # portconnect_timeout=5 # Connection timeoutecho quit | telnet $server $port 2>/dev/null | egrep -qi "Connected"if [ $? == 0 ];then echo "SSH Connection to $server over port $port is possible"else echo "SSH connection to $server over port $port is not possible"fi
Conclusion
In this tutorial guide we learned about different internal tools within Linux and Unix which can be used to test and verify SSH connection before actually attempting the SSH. We do not need to rely on additional third party tools for such verification. It is always a good idea to first check the network connectivity and port 22 availability before performing the SSH to avoid un-necessary wait time and timeout scenarios
Lastly I hope the commands from this article to test SSH connection on Linux and Unix was helpful. So, let me know your suggestions and feedback using the comment section.
References
I have used below external references for this tutorial guide
How to create a bash script to check the SSH connection?