📖 ~1 min read
Table of contents
Symptom & Impact
Remote SSH access fails after firewall changes, risking operational lockout.
Environment & Reproduction
Ubuntu 24.04 server with ufw enabled and default deny incoming policy.
Root Cause Analysis
Missing allow rule for SSH port, wrong interface scope, or IPv6 rule not configured.
Quick Triage
Use console access to run sudo ufw status verbose and verify OpenSSH profile allowance.
Step-by-Step Diagnosis
Inspect UFW logs in journalctl and /var/log/ufw.log for denied packets. Confirm sshd listens on expected port.
Solution – Primary Fix
Add explicit allow rule for SSH (default or custom port), then reload ufw and retest from trusted source.
Still having issues? Our IT Solutions & Services team can diagnose and resolve this for you. Get in touch for a free consultation.
Solution – Alternative Approaches
Temporarily disable ufw from console for emergency access, then reapply a validated baseline ruleset.
Verification & Acceptance Criteria
SSH connects successfully from approved networks while unrelated ports remain blocked.
Rollback Plan
Restore previous ufw rules backup and revert custom port changes in sshd_config.
Prevention & Hardening
Always pre-create allow rules before enabling ufw and keep out-of-band console access available.
Related Errors & Cross-Refs
Connection timed out, ufw deny entries for tcp/22, sshd reachable locally only.
Related tutorial: View the step-by-step tutorial for Ubuntu 24.04 LTS.
View all Ubuntu 24.04 LTS tutorials on the Tutorials Hub →
Browse all common problems & solutions on the Tutorials Hub.
References & Further Reading
UFW manual, Ubuntu firewall docs, and OpenSSH hardening best practices.
Need Expert Help?
If you cannot resolve this yourself, our team offers hands-on Server Management, Managed IT Services, and flexible Support Plans. Contact us today — we respond within one business day.
