PDA

View Full Version : SSH Remote Login Not Working Anymore!


kisong
29th December 2005, 15:57
For several months, I was able to login to my ssh account without any problems. I changed the default port to xxxx (do not want to reveal this port for security reasons).

Anyways, a couple days ago, I restarted my server, and now, I am unable to login to the SSH server. I am 100% sure I am connecting to the right port and ip address. I am also sure that the port is open to connections. I know this because I can go to to a port scanning site and it says that the ssh port is open.

I checked the sshd_config settings and the correct port is open.

What other settings should I check?

till
29th December 2005, 16:16
If you run "netsat -tap", is your sshd daemon listed there, listening on your custom port?

kisong
29th December 2005, 16:22
it shows the following:

tcp 0 0 *:xxxx <--this is my custom port *:* LISTEN 1928/sshd

Is that right?
If you run "netsat -tap", is your sshd daemon listed there, listening on your custom port?

falko
29th December 2005, 16:30
Does your firewall maybe block that port?

kisong
29th December 2005, 16:56
To the best of my knowledge, it looks like the port is open and there is no firewall that is blocking that port.

Is there a way for me to verify this?

Does your firewall maybe block that port?

falko
29th December 2005, 18:53
To the best of my knowledge, it looks like the port is open and there is no firewall that is blocking that port.

Is there a way for me to verify this?
Please post the output of iptables -L

kisong
30th December 2005, 21:45
PAROLE tcp --anywhere anywhere tcp dpt:ssh


That's not the whole output, but I think this should suffice.

Please post the output of iptables -L

kisong
30th December 2005, 21:54
SOLVED. I added the xxxx SSH port to be opened within ISPConfig.

How did this setting get changed? Removed? Destroyed?

Does this happen every time the server is restarted?

PAROLE tcp --anywhere anywhere tcp dpt:ssh


That's not the whole output, but I think this should suffice.

falko
31st December 2005, 00:36
SOLVED. I added the xxxx SSH port to be opened within ISPConfig.

How did this setting get changed? Removed? Destroyed?
What do you mean with that? You changed the SSH port, but you cannot expect the firewall to recognize that and adjust itself to the new port...

Does this happen every time the server is restarted?
If you've enabled the ISPConfig firewall, it will be started whenever the server boots (of course, with the settings you specified in the web interface). Just make sure that your system doesn't start a second firewall that interferes with the ISPConfig firewall.

kisong
3rd January 2006, 16:34
The reason I said this is because prior to restarting the server, the port was set to xxxx and the firewall for ISPConfig was set to the same port (again, I'm hiding the actual port number for security reasons).

Before restarting the server, I was able to login with no problems.

The problem started when I restarted the server. Somehow, ISPConfig lost the firewall settings I set and replaced it with a default firewall setting.

Does that make sense?

What do you mean with that? You changed the SSH port, but you cannot expect the firewall to recognize that and adjust itself to the new port...


If you've enabled the ISPConfig firewall, it will be started whenever the server boots (of course, with the settings you specified in the web interface). Just make sure that your system doesn't start a second firewall that interferes with the ISPConfig firewall.

falko
3rd January 2006, 18:26
The reason I said this is because prior to restarting the server, the port was set to xxxx and the firewall for ISPConfig was set to the same port (again, I'm hiding the actual port number for security reasons).

Before restarting the server, I was able to login with no problems.

The problem started when I restarted the server. Somehow, ISPConfig lost the firewall settings I set and replaced it with a default firewall setting.

Does that make sense?
ISPConfig writes all allowed ports to /etc/Bastille/bastille-firewall.cfg. They don't get lost when you restart your server. But I can imagine the following: you have a second firewall on your server that you did not disable properly, and whenever you restart your server, this firewall tries to start and interferes with ISPConfig's firewall...