Ubuntu 24.04 LTS – enabling UFW blocks SSH access – Fix & Prevention

📖 ~1 min read

Table of contents

1. Symptom & Impact
2. Environment & Reproduction
3. Root Cause Analysis
4. Quick Triage
5. Step-by-Step Diagnosis
6. Solution – Primary Fix
7. Solution – Alternative Approaches
8. Verification & Acceptance Criteria
9. Rollback Plan
10. Prevention & Hardening
11. Related Errors & Cross-Refs
12. References & Further Reading

Symptom & Impact

Remote SSH access is lost immediately after firewall activation.

Environment & Reproduction

Happens when UFW is enabled without explicit SSH allow rules.

sudo ufw enable

Root Cause Analysis

Default deny incoming policy blocks TCP/22 before exception is configured.

Quick Triage

Use console access to inspect active UFW status and ruleset.

sudo ufw status verbose
sudo ufw status numbered

Step-by-Step Diagnosis

Confirm deny policy and missing SSH rule in firewall table.

sudo iptables -S | head -n 40
sudo ufw status numbered

Solution – Primary Fix

Allow SSH first, then reload UFW and verify active rules.

sudo ufw allow OpenSSH
sudo ufw reload
sudo ufw status verbose

Solution – Alternative Approaches

Allow custom SSH port if daemon listens on non-default port.

sudo ufw allow 2222/tcp

Verification & Acceptance Criteria

Remote SSH succeeds while firewall remains enabled with least privilege policy.

sudo ufw status verbose
ssh -p 22 user@server

Rollback Plan

Disable UFW temporarily to restore emergency access.

sudo ufw disable

Prevention & Hardening

Always stage allow rules before enabling firewall on remote systems.

Related Errors & Cross-Refs

May be mistaken for sshd failures or network routing issues.

Related tutorial: View the step-by-step tutorial for Ubuntu 24.04 LTS.

View all Ubuntu 24.04 LTS tutorials on the Tutorials Hub →

Browse all common problems & solutions on the Tutorials Hub.

References & Further Reading

Ubuntu UFW operational runbooks and remote access safety guidance.