I rebuilt my server using the Ubuntu 9.04/ISPConfig tute here: http://www.howtoforge.com/perfect-server-ubuntu-9.04-ispconfig-3 Everything looked great. I added some sites and all was fine. Then I shutdown the server and moved it to it's permanent location (still inside the network) and now I cannot log into ISPConfig, either through the internal ip address or the domain and the sites are not online. SSH works just fine, as does ftp. Here is the output netstat -tap Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 *:mysql *:* LISTEN 2289/mysqld tcp 0 0 *:ftp *:* LISTEN 2809/pure-ftpd (SER tcp 0 0 *:ssh *:* LISTEN 2188/sshd tcp 0 300 192.168.1.26:ssh 192.168.1.25:50371 ESTABLISHED 4413/sshd: shawn [p tcp6 0 0 [::]:imaps [::]:* LISTEN 2728/couriertcpd tcp6 0 0 [::]op3s [::]:* LISTEN 2766/couriertcpd tcp6 0 0 [::]op3 [::]:* LISTEN 2744/couriertcpd tcp6 0 0 [::]:imap2 [::]:* LISTEN 2701/couriertcpd tcp6 0 0 [::]:ftp [::]:* LISTEN 2809/pure-ftpd (SER tcp6 0 0 [::]:ssh [::]:* LISTEN 2188/sshd I searched the forums and only found that I should try: /etc/init.d/ispconfig_server restart Which only returned a "no such file or directory error
understood I realize that /etc/init.d/ispconfig_server restart is for ISPconfig 2 and not 3. But I don't know where/how to start or restart the service.
Similar problem after rebuild Rebuilt the server, yet again, this time with a new hard drive. Same distro, etc. Everything looked great. Created a site and it shows up internally and externally. Shut down the server and moved it into it's permanent location (within the network) and now I cannot log in to ISPConfig. 192.168.1.x:8080 shows "Oops, Firefox could not connect to 192.168.1.26:8080" Also, I cannot SSH into the server now. I get "Network error. Connection refused" I put the server back on my desk and cannot log in or SSH. The site is up and running, though. And I was able to log in and SSH before the reboot/move. I did some research and ran "grep". It shows that SSH (SSHD?) is running. I believe the port it is listening to is "*". Port 22 is open and forwarding to the right ip address on my router. Any thoughts? Thanks, as always.
Out of curiosity, what happens if you try to SSH into the machine from the machine itself? Or if you try to access the ISPConfig interface from the machine itself? In other words, what happens if you browse to http://192.168.1.x:8080 from the actual server that you're troubleshooting? And how about if you hop at the terminal and do something like Code: $ ssh 192.168.1.x Finally, have you told your router to reserve the forwarded IP address for your server's MAC address? If not, perhaps your router is assigning a different IP address than the one you've forwarded.
More info CB, Thanks for the response. I'll try it when I get home. Here's a little more info. The server is running fine and the site is up. I am able to log in to ISPConfig and SSH from outside the network. In other words: 24.182.x.x:8080 works and so does ssh into that ip address but 192.168.x.x:8080 does not work, nor does ssh from inside the network. Does this help? Thanks
That does help, thanks! That's interesting... it seems like a firewall issue, given that you're able to access the server from outside the firewall, but not inside. You meant that you're able to access ports 22 and 80 from outside the firewall, even after you moved the server to its permanent home, correct? In addition to testing HTTP and SSH from the server itself, can you explain a bit more about your network topology? Is this a "home PC" that's running ISPConfig, behind a cheap home router? Or you in a commercial building with a complex network setup?
Home network It's a home network with a Linksys E3000 router. Not cheap in my book, but certainly not commercial grade. You are correct, I can access those ports from outside the network as well as port 8080. The reason I do not think that it is a router issue is that I was able to login, ssh in, and see the site internally before I moved (and therefore rebooted) the machine. I even tried adding ALL : ALL into vhosts.allow thinking that this might help. Not able to try those commands at this time. I will as soon as I can. Thanks again for your time.
More info CB, I am able to ssh into the box from itself. When I did so, it told me that I had new mail in /var/mail/root. I checked this and it said that the properties of certain files had been changed. Among these were: awk dpkg dpkg-query GET ldd perl sudo wget lwp-request cron sshd Also: Users have been added to the passwd file var/lib/clamav:bin false and Groups have been added to the group file It also states that SSH and rkhunter configuration options should be the same SSH configuration option permitrootlogin :yes RKhunter configuration allow_ssh_root_user :no It then tells me to check /var/log/rkhunter.log When I do it looks like a virus scan has taken place and it didn't seem to find anything but tells me again that file properties have been changed for some files. Too many to list but mostly the same as listed above Wow, any thoughts?
File properties get also changed by normal Linux updates. So if you installed updates on your server with apt/yum/yast, then this might be the causee for the changed properties as well. Users and groups get regularily added, this is the case when you add a website in ispconfig or when you install software. For example the clamav user is the syste user of the clamav antivirus scanner. If rkhunter does not show that any rootkits are installed, then the system is most likely ok.
Till, Thanks. But I still can't ssh into the box or log in to ISPconfig from within my network. Any ideas?
Rebuilt the server AGAIN and I cannot still cannot ssh os log in. Netstat shows tcp6 0 0 [::]:ssh [::]:* LISTEN 2285/sshd iptables -L shows nothing that looks out of the ordinary. Of course, I don't really know. Chain input (policy accept) target prot opt source destination fail2ban ssh tcp - - anywhere anywhere multiports dport ssh Chain forward (policy accept) target prot opt source destination Chain output (policy accept) target prot opt source destination Chain fail2ban (1 reference) target prot opt source destination RETURn all -- all anywhere
So, with a new machine and not being able to log in, I suspected the router, which I had already checked. I rechecked the forwarding in the router and everything looks good. I did have a quick power outage so I thought it may have done something to the router. I rebooted both the router and the modem. I am able to ping the server. I was also able to ssh in all the way through the rebuild process. It is only after the final step of the perfect server setup and the subsequent reboot that I am unable to ssh or log in.
BTW, tested my ssh at this site: http://www.hq42.net/net_tools/test_ssh_server.php And it returned this: 242 is a legal value for a host number. 106 is a legal value for a class C net. 182 is a legal value for a class B net. 24 is a legal value for a class A net. [ Back to Networking Tools Page ]Back to the Networking Tools page [ Back to Home Page ]Back to the Home page [ Back to Test a SSH Server Page]Back to the Test a SSH Server page Service appears to be up, port 22 is open The server 24.182.x.x says: Connected to 24.182.x.x. Escape character is '^]'.
Falko, It looks to be empty. That is, all I see is: Chain input (policy accept) target prot opt source destination Chain forward (policy accept) target prot opt source destination Chain output (policy accept) target prot opt source destination
