Shulou(Shulou.com)05/31 Report--

This article shows you what the troubleshooting steps are when the cloud server cannot connect remotely. The content is concise and easy to understand, which will definitely brighten your eyes. I hope you can gain something through the detailed introduction of this article.

In the daily work of operation and maintenance engineers, it is often necessary to log in to the server for application deployment and maintenance, and configuration modification is a very routine operation. However, in the daily operation and maintenance work, we often encounter a "Waterloo". When there is no remote connection to the server, we need to be calm and patiently analyze the crux of the error report in order to better locate and eliminate the problem.

Check CPU load, bandwidth, and memory usage

Confirm if the CPU load is too high

If the CPU load is too high in a certain period of time, the remote connection may fail. It is recommended that you query whether the program or instance resources do not meet the existing requirements.

If the CPU load is not too high, proceed to the next step.

Confirm whether the public network bandwidth is insufficient

The lack of remote connection may be caused by insufficient public network bandwidth. The specific troubleshooting methods are as follows:

Log in to the ECS Management console.

Find the instance and click manage to go to the instance details page to view the network monitoring data.

Check whether the server bandwidth is "1k" or "0k". If you do not purchase public network bandwidth when purchasing an instance, and then upgrade the public network bandwidth, and do not choose to renew the bandwidth when you renew the instance, the bandwidth will become "1k".

Confirm that there is not enough memory

After the remote connection enters the user's password to log in, the desktop cannot be displayed and exited directly, and there is no error message. This situation may be caused by insufficient memory on the server, so you need to check the memory usage of the server. The specific operations are as follows:

Log in to the Linux instance using the console remote connection feature.

Check the memory usage and confirm that there is not enough memory before processing.

Client troubleshooting

When the client cannot log in normally, first use different SSH clients to test the login based on the same account information. If you can log in normally, it is judged that it is the client configuration problem, and you need to check and analyze the client configuration or the operation of the software. For information about how to log in to the Linux instance using the SSH client, you can see remote connection to the Linux instance.

Step 1: log in to the instance using the management terminal

No matter what causes the instance to be unable to connect remotely, please try to connect with the remote connection feature provided by Aliyun first, make sure that the instance is still responding, and then troubleshoot by reason.

Record the CVM management console, click the instance in the left navigation bar, and then click remote connection on the right side of the target instance.

"when connecting for the first time or forgetting the connection password, click modify the remote connection password and change the remote connection password."

Then connect to the instance with a remote connection password.

Step 2: check whether the client's local network is abnormal

Confirm if there is a failure in which the user cannot connect to the external network locally.

If it exists, check the network card driver and reinstall it if there is an exception. Log in to the instance using the management terminal, check the / etc/hosts.deny file to see if there is an intercepted IP, and if so, delete the IP configuration.

If it does not exist, proceed to the next step.

Step 3: restart the instance

While ensuring that the login password is correct, confirm that the password has been reset before. Check whether the instance is not restarted after resetting the instance password. If there is a record of password modification of the instance, but there is no record of restarting the instance, please refer to the following steps to restart the instance:

Log in to the ECS management console and click the instance in the left navigation bar.

Select the corresponding region at the top of the page, click more on the right side of the target instance, click "instance status"-> restart, and then click OK.

Intermediate network

The intermediate network includes network check and port check.

Network check

If you cannot connect to the Linux instance remotely, you need to check whether the network is working properly.

Compare and test the computer connections of different network segments or different operators in other network environments to determine whether it is a local network problem or a server-side problem. If it is a local network problem or operator problem, please contact your local IT personnel or operator to resolve it. If there is an exception in the Nic driver, reinstall. Proceed to the next check after troubleshooting the local network.

Use the ping command on the client to test network connectivity to the instance.

1) when the network is abnormal, see how to crawl packets for troubleshooting when the network is abnormal.

2) when there is ping packet loss or ping failure, please refer to the link test method for troubleshooting when using the ping command to lose packets or fail.

3) if intermittent packet loss occurs and the network of the ECS instance is in an unstable state, please see using the ping command to test the IP address intermittent packet loss of the ECS instance to solve the problem.

4) if the system kernel does not disable ping, use the ping command to test the ECS server and find that the network is blocked. Please see the solution that there is no solution to disable PING but PING in the ECS of the Linux system.

Port check

After the network check is normal, further check to see if the port is normal.

1. Log in to the instance using the administrative terminal, execute the following command, and edit the SSH configuration file.

Vi / etc/ssh/sshd_config2. Find the line "# port 22" and check whether the default port 22 has been modified and whether the previous "#" has been deleted. If not, you can delete the previous "#", then change 22 to a different port, and then save and exit.

Note: the range of ports that can be used by service listeners is 0 to 65535. Misconfiguration of listening ports will cause remote desktop service monitoring to fail.

3. Restart the SSH service by executing the following command.

/ etc/init.d/sshd restart description: you can also execute the service sshd restart command to restart the SSH service.

4. Use the Web server that comes with Python to create a temporary listening port for testing.

Python-m SimpleHTTPServer [$Port]

5. If the modified port number is not released in the ECS security group rule, you need to add the modified port number to the ECS security group rule.

Description: Port 22 is released by default in the security group rules of ECS. After you modify the port of the remote desktop, you need to release the modified port number in the security group rule.

6. Through the port obtained in the previous step, refer to the following command to test the port to determine whether the port is normal.

Telnet [$IP] [$Port]

Description:

-[$IP] refers to the IP address of the Linux instance.

-[$Port] refers to the SSH port number of the Linux instance.

The system displays something like this, such as executing the telnet 192.168.0.1 22 command. Normally, the system will return the software version number of the SSH in the server.

Security group check

Check the security group configuration to see if remotely connected ports are allowed.

See query security group rules to view security group rules. If the remote connection port is not configured, see setting the corresponding security group policy configuration after SSH service is enabled in the Linux instance.

Confirm whether there is an ECS instance that cannot ping. After troubleshooting the Iptables and Nic IP configuration problems and rolling back the system, it is still unable to ping. If the default public network rule of the ECS instance security group is deleted, you need to reconfigure the public network rule of the ECS instance security group. If it does not exist, proceed to the next step.

The above is what are the troubleshooting steps that the CVM cannot connect remotely. Have you learned any knowledge or skills? If you want to learn more skills or enrich your knowledge reserve, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.