cannot login via ssh after installation

Discussion in 'Installation/Configuration' started by sone, Aug 15, 2005.

  1. sone

    sone New Member

    hello!

    i'm in trouble! i have no idea anymore how to solve the problem - but i can login to the server with a repair-system... i would be really happy if someone could give me a hint why the server is not booting correctly, or which files i could/should edit to solve the problem!

    i've installed ISPConfig after I had installed debian sarge. i used this perfect installation instructions. everything was working fine...
    but after i did a restart of my vps i'm not able to log in via ssh anymore :eek:

    the server is starting and the last thing i'm able to do is to write the password.
    the last thing the server is telling me:
    "System bootup in progress - please wait"

    afterwards nothing happens anymore... it's not possible to ping the server...

    i thought that maybe it's a quota related problem... because the only step i did not managed to do was to end the instructions related to quoata:

    quotacheck -avugm
    quotaon -avug

    i was thinking (have to stop this...) that i could do it after finishing the installation, because i'm on a VPS where i'm not able to use "mount" while running the server - if i have to do everything again :( i know now i have to reboot instead...

    besides of that, i installed the Courier-IMAP/Courier-POP3 first, and then i removed "courier-imap courier-imap-ssl courier-pop courier-pop-ssl" again, and i repeated the instructions "Postfix/POP3/IMAP" .... after doing "ehlo localhost" everything seems to be fine...

    looking foreward...

    sone
     
  2. falko

    falko Super Moderator Howtoforge Staff

    :confused: Maybe it has to do with your network settings? Go into the repair system and have a look at these.
     
  3. Tribal-Dolphin

    Tribal-Dolphin New Member

    Hello,
    You have to modifiy the sshd configuration by editing /etc/ssh/sshd_config.
    Replace this line
    Code:
    PasswordAuthentication no
    by this one
    Code:
    PasswordAuthentication yes
    then restart ssh (/etc/init.d/ssh restart).
    For me it works, I hope for you too !
     
  4. sone

    sone New Member

    hello!

    i have changed the sshd_config as mentioned but without success...

    the sshd_config of the repairsystem is the same as of the "normal"-system.

    of course it eventually has to do with the network settings. but i do not know which exactly could be responsible for the failure. any hints??
    i tried to change the hosts file. the format seems to be simple, but i'm confused because in the net there are really different explanations and formats... at least it looks like...

    here is my host file:

    ---

    127.0.0.1 qualia localhost localhost.localdomain
    85.119.152.64 qualia quale.de qualia.quale.de

    ---

    and here are the last few words my server is telling me at login - then nothing happens...:

    ---

    RSA key fingerprint is .....
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added '85.119.152.64' (RSA) to the list of known hosts.

    ---

    maybe the configuration of the setup of the ISPConfig and/or the openssl key genaration has something to do with it?

    i think i will reinstall and redo everthing, following the perfect setup instructions again. einmal ist keinmal ;) while repeating may i will learn something...
     
  5. fastcooler

    fastcooler New Member

    Hi All,

    I have the same problem as Sone, but I haven't find any solution....Anyone may help me please?

    Same configuration as Sone:

    Debian Sarge 3.1
    VPS based on Virtuozzo

    I have also installed using Perfect Install Tutorial, but I can't install Quotas too.

    Thanks,
    Best Regards
    Mark
     
  6. falko

    falko Super Moderator Howtoforge Staff

    Do you get any error messages?
     
  7. fastcooler

    fastcooler New Member

    Hi Falko,

    no, I didn't receive any error message during installation....

    Installation ends and I get a message where i read that ISP Config server is starting.

    After some seconds PUTTY lost SSH connection and I can't SSH access anymore: I have to restore backup...

    Thanks
    Mark
     
  8. falko

    falko Super Moderator Howtoforge Staff

    Hm, maybe because of $go_info["server"]["network_config"] in /home/admispconfig/ispconfig/lib/config.inc.php.
    You could use a rescue CD and set that variable to 0. Or you do it (before you install ISPConfig) in the file install_ispconfig/config.inc.php.tmp.
     
  9. fastcooler

    fastcooler New Member

    Dear Falko,

    I'm trying your trick now...I'm installing again...I'll let you know in minutes...I hope that this can solve!

    Thanks!
    Mark
     
  10. fastcooler

    fastcooler New Member

    Dear Falko,

    It solved!!!!!

    MANY THANKS !!!!!

    Now I can play with ISPConfig and use it !

    Best Regards
    Mark
     
  11. jopa123

    jopa123 New Member

    Same issue

    Hello,

    I seem to be having this same issue as well as a few others.

    I setup per the FC4 perfect setup tute. The only difference is I had to add the Madwifi drivers for my Atheros chipset wireless card. I know wireless is not the way to go for a server, but this is more of a learning box than a working server.

    I could then ssh into the box, surf the net, etc. and everything was fine.

    Then I installed Ispconfig, The setup seemed to go fine including quota and RSA license.
    The only "issue" I had was when it asked for the domain. I have a domain pointed to this server but without Ispconfig up and running, it wouldn't searched and couldn't find it. I entered the external IP address.

    After the setup, I had to reset some Madwifi (ifcfg_ath0) settings but now I can surf the net and ping the other boxes on the network from the Linux box. I can also get to the Ispconfig admin panel through https://192.168.2.26:81.

    However, I cannot ssh, telnet or even ping the Linux box either from the network or externally. Port 22 is open on the router for that ip, I've triple checked and even rebooted the router.

    Per this thread, I checked the password authentication settings in the /etc/ssh/sshd_config and home/admispconfig/ispconfig/lib/config.inc.php files and they are already set to "yes" and "0" respectively.

    I do not know how to check my "hosts"

    Any ideas? I am a definite rookie with Linux and would greatly appreciate any help.

    Oh yea, as for the other issue(s). I cannot boot to a rescue disc. The system seems to hang on the first blue screen (the check media screen?). It did this during install but I worked around it by changing to the default VESA video driver during "text" install. Can't do that with the rescue disc.

    Thanks for any input.
     
  12. till

    till Super Moderator Staff Member ISPConfig Developer

    Please post the ouput of:

    netstat -tap

    and:

    iptables -L
     
  13. jopa123

    jopa123 New Member

    Till,

    Thanks for the response. I'm at work right now but will check as soon as I get home. Approximately 6:00PM. US central time. (-6 GMT)
     
  14. jopa123

    jopa123 New Member

    Hey Till,
    Here ya go.

    tcp 0 0 *:imaps *:* LIST EN 2188/xinetd
    tcp 0 0 *:pop3s *:* LIST EN 2188/xinetd
    tcp 0 0 *:mysql *:* LIST EN 2282/mysqld
    tcp 0 0 *:pop3 *:* LIST EN 2188/xinetd
    tcp 0 0 *:imap *:* LIST EN 2188/xinetd
    tcp 0 0 *:sunrpc *:* LIST EN 1873/portmap
    tcp 0 0 *:x11 *:* LIST EN 3221/X
    tcp 0 0 *:51216 *:* LIST EN 1891/rpc.statd
    tcp 0 0 *:81 *:* LIST EN 2606/ispconfig_http
    tcp 0 0 192.168.2.26:domain *:* LIST EN 2895/named
    tcp 0 0 localhost.localdomai:domain *:* LIST EN 2895/named
    tcp 0 0 localhost.localdomain:ipp *:* LIST EN 2133/cupsd
    tcp 0 0 localhost.localdomain:5335 *:* LIST EN 2118/mDNSResponder
    tcp 0 0 *:smtp *:* LIST EN 7546/master
    tcp 0 0 localhost.localdomain:rndc *:* LIST EN 2895/named
    tcp 1 1 192.168.2.26:34624 mirror.hiwaay.net:http LAST _ACK -
    tcp 0 0 *:x11 *:* LIST EN 3221/X
    tcp 0 0 *:http *:* LIST EN 2798/httpd
    tcp 0 0 *:ftp *:* LIST EN 2912/proftpd: (acce
    tcp 0 0 *:ssh *:* LIST EN 2179/sshd
    tcp 0 0 *:https *:* LIST EN 2798/httpd

    and

    Chain FORWARD (policy DROP)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
    DROP all -- anywhere anywhere

    Chain INPUT (policy DROP)
    target prot opt source destination
    DROP tcp -- anywhere 127.0.0.0/8
    ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
    ACCEPT all -- anywhere anywhere
    DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
    PUB_IN all -- anywhere anywhere
    PUB_IN all -- anywhere anywhere
    PUB_IN all -- anywhere anywhere
    PUB_IN all -- anywhere anywhere
    DROP all -- anywhere anywhere

    Chain INT_IN (0 references)
    target prot opt source destination
    ACCEPT icmp -- anywhere anywhere
    DROP all -- anywhere anywhere

    Chain INT_OUT (0 references)
    target prot opt source destination
    ACCEPT icmp -- anywhere anywhere
    ACCEPT all -- anywhere anywhere

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    PUB_OUT all -- anywhere anywhere
    PUB_OUT all -- anywhere anywhere
    PUB_OUT all -- anywhere anywhere
    PUB_OUT all -- anywhere anywhere

    Chain PAROLE (9 references)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere

    Chain PUB_IN (4 references)
    target prot opt source destination
    ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
    ACCEPT icmp -- anywhere anywhere icmp echo-reply
    ACCEPT icmp -- anywhere anywhere icmp time-exceeded
    ACCEPT icmp -- anywhere anywhere icmp echo-request
    PAROLE tcp -- anywhere anywhere tcp dpt:ftp
    PAROLE tcp -- anywhere anywhere tcp dpt:ssh
    PAROLE tcp -- anywhere anywhere tcp dpt:smtp
    PAROLE tcp -- anywhere anywhere tcp dpt:domain
    PAROLE tcp -- anywhere anywhere tcp dpt:http
    PAROLE tcp -- anywhere anywhere tcp dpt:81
    PAROLE tcp -- anywhere anywhere tcp dpt:pop3
    PAROLE tcp -- anywhere anywhere tcp dpt:https
    PAROLE tcp -- anywhere anywhere tcp dpt:10000
    ACCEPT udp -- anywhere anywhere udp dpt:domain
    DROP icmp -- anywhere anywhere
    DROP all -- anywhere anywhere

    Chain PUB_OUT (4 references)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere


    I hope this helps. And I hope it's posted correctly. I don't know how to do screenshots.

    thanks again
     
  15. falko

    falko Super Moderator Howtoforge Staff

    Is SELinux disabled on the system?
     
  16. jopa123

    jopa123 New Member

    Not sure

    Falko,

    Not sure. I will check it when I get home.

    Just FYI, I never get to a "login" or "username" screen with ssh. I get a "Network error. Connection timed out" message. I don't know if that helps.

    thanks again
     
  17. martinfst

    martinfst Member Moderator

    Sounds like a network error. Bad cable? Mixing Full-Duplex and Half-Duplex? Mixing 10Mb and 100Mb? ISP blocking ports (though unlikely in this case)?
     
  18. jopa123

    jopa123 New Member

    Hey Falko,

    As far as I can tell SEKinux is turned off. I checked through the gui by hitting Desktop > System Settings > Security Level. On the firewall tab, it shows that the firewall is disabled. On the SELinux tab, there is no check mark in the "enable" box. There is a check mark in the "relabel on next reboot" box, tho.

    I also VI'd into the /etc/sysconfig/system-config-securitylevel file. There is nothing in there but the word 'disabled'. Other than notations, of course.


    martinfst,

    It can't be a bad cable since this is wireless. And it's highly unlikely that the ISP is blocking ports since ssh worked before the ISPconfig install.

    But you never know. I'm stumped.

    Thanks again for the help.
     
  19. falko

    falko Super Moderator Howtoforge Staff

    What's in /etc/sysconfig/selinux?
    Have you tried to reboot the system?
     
  20. jopa123

    jopa123 New Member

    Other than notations:

    SELINUX=disabled

    and

    SELINUXTYPE=targeted
     

Share This Page