Connection logs for troubleshooting "target machine actively refused connection" on Transfer Family SFTP


I am trying to troubleshoot an SFTP connection: I'm getting the error message "target machine actively refused connection". Is there somewhere I can find server logs with details about why the connection was refused. The Cloudwatch logs for transfer family seem to start only after successful login.

Other connections seem to work fine, so it seems client related; Just trying to figure out what the client is doing that is causing the connection to be rejected.

asked 2 months ago28 views
1 Answer

"target machine actively refused connection" usually indicates a port/firewall issue. Is the client coming from a different IP space than other connections. If you have a Security Group configured for a VPC server, it could cause what you are seeing. Also, double check this client is connecting to port 22.

answered 2 months ago
  • That doesn't seem likely to me. While troubleshooting, we set the security group to accept traffic from In additional, from previous experience with security group issues, I would expect a timeout while establishing the connection, rather than the server rejecting it.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions