“Hey, I’m unable to connect via PuTTY. How to fix this PuTTY fatal error?”
We often get support requests like this from server/VPS users as part of our white label technical support for Web, VPS, and Datacenter providers.
A PuTTY fatal error occurs when users are unable to access the server.
Today, we’ll go through the top 3 reasons for this error, and how we fix them.
What are the possible causes and fixes of PuTTY fatal error?
We have seen many reasons for connection refused error when connecting via SSH in PuTTY.
Today, we will discuss the top 3 reasons in detail.
- IP not enabled in the firewall
- Delay in DNS propagation
- Blacklisted IP
Read on to know more about these causes and how we fix them.
IP not enabled in the firewall
In Windows PCs, the firewall may block outgoing SSH connections.
To verify this, we ask the customer to disable the Windows firewall and retry connecting.
We recommend these steps for disabling the firewall.
- Click on Start and select Settings.
- Open Update and Security > Windows Security.
- Open Firewall and network protection.
- Select preferred network type and disable Windows Defender Firewall.
If the customer is able to connect successfully, then we ask them to add an SSH rule.
Our customers use the steps for adding the rule:
- On Start >> Administrative tools >> Windows Firewall with Advanced Security.
- Then, go to Outbound Rule >> New Rule
- Click on Custom and on the next page select All Programs.
- Now, at Protocol & Ports wizard. Select the protocol type to the Any and click next.
- Next, select any IP address option in “which local IP address does this rule apply to?“.
- Select these IP addresses option in “which remote IP address does this rule apply to?“.
- Click on the Add button and enter the IP Address and click OK and Next.
- Select Allow the connection option and click Next.
- On the Profile Page, select all three options. Domain, Private, and Public.
- Click Next Button.
- In the Last step, We need to provide the Name of this Rule.
- Click on the Finish button.
This should fix the problem.
Delay in DNS propagation
When you have modified the domain settings like pointing to a new name server or host, there might be some propagation delay.
Propagation delay depends on the TTL value. TTL (Time To Live) value is used to speed up the website load time by caching a copy of DNS records for a period of time, mostly up to 48 hours.
In some cases, after migration, there will be a delay to reflect the change due to a high TTL value. If so, the domain might still be pointing to the old IP causing connection refused error.
If your domain was recently migrated, you may need to check with your hosting provider to see if your DNS has not fully propagated.
At Bobcares to avoid such situations by keeping the TTL value to less than 5 mins.
Most Linux servers will have security software such as Fail2Ban and LFD that detects repeated login failures and blocks the connecting IP. This is done to prevent brute force attacks.
There are cases where even legitimate users of the server are blocked by anti-brute force tools.
It happens when the Email tool, FTP tool, or SSH tool has the wrong login details saved in them, and the tool repeatedly tries to log in to the server resulting in repeated login failures.
So, one among the first things we do to investigate PuTTY errors is to check the firewall log to see if the customer’s IP is blocked, and why.
If so, we reset the login details for them, and remove the IP from the blacklist.
If you feel your IP may be blocked at the server, contact your hosting provider to get it delisted.
[Need assistance in fixing PuTTY Fatal Error? – We’ll help you]
Today we’ve seen how Firewall configuration, DNS propagation, and IP blacklisting can cause PuTTY fatal error, and how our Support Engineers help VPS/Server users fix it as part of our White label technical support services.