Failed to start SSH server: listen tcp :22: bind: permission denied


I’m trying to get a Gitea instance working inside an Ubuntu 18.04 VM, running as guest in VMWare Player. My host machine is Windows 10.

The issue is that I’m unable to SSH from my host machine:

ssh -T -v git@
OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5
debug1: Connecting to [] port 22.
debug1: connect to address port 22: Connection refused
ssh: connect to host port 22: Connection refused

The gitea log file indicates that the SSL server is being denied permission to bind to port 22:

SSH server started on :22. Cipher list ([aes128-ctr aes192-ctr aes256-ctr arcfour256 arcfour128]), key exchange algorithms ([diffie-hellman-group1-sha1 diffie-hellman-group14-sha1 ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521]), MACs ([ hmac-sha2-256 hmac-sha1 hmac-sha1-96])
2019/05/29 14:13:32 [...a/modules/ssh/ssh.go:119 listen()] [E] Failed to start SSH server: listen tcp :22: bind: permission denied

I have followed the tutorial as closely as possible, although I did end up deviating slightly from the suggested supervisor configuration file. It looks to me like this file is expecting paths which were never created in previous steps:

command=/home/git/go/src/ web

Specifically: the gitea binary was moved to a global location previously in the tutorial, and I don’t think the source-code was ever installed using the binary-install instructions. Anyway, I believe this is not relevant to my issue, just mentioning for completeness.

Other things I should mention:

  • Using Gitea 1.7.0
  • All configuration points to ‘git’ user
  • I have added ‘git’ to sudoers, does not fix my issue

Googling around, it seems that it’s normal for a non-root user to be unable to bind to port 22. The instructions for allowing a user to bind to port 22 seem quite complex and it feels like that may be the wrong answer.

So, to put it simply: what is the recommended method to allow Gitea to listen on port 22? (or any other SSL port)?

Is the standard approach to use a different SSL socket to avoid this issue?

Ok, I ended up using an alternative SSL port instead of 22.

This lead to some minor issues in GitExtensions which is a bit finicky about non-standard SSL ports; the Connection Test function suggests that it’s not configured correctly, apparently because the test-remote-connection function ignores the port settings. However, if you just ignore this message, the actual git functions work correctly.

Anyway, at least everything is working now.