SSH Remote Login Not Working Anymore!

Discussion in 'Server Operation' started by kisong, Dec 29, 2005.

  1. kisong

    kisong New Member

    For several months, I was able to login to my ssh account without any problems. I changed the default port to xxxx (do not want to reveal this port for security reasons).

    Anyways, a couple days ago, I restarted my server, and now, I am unable to login to the SSH server. I am 100% sure I am connecting to the right port and ip address. I am also sure that the port is open to connections. I know this because I can go to to a port scanning site and it says that the ssh port is open.

    I checked the sshd_config settings and the correct port is open.

    What other settings should I check?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    If you run "netsat -tap", is your sshd daemon listed there, listening on your custom port?
     
  3. kisong

    kisong New Member

    it shows the following:

    tcp 0 0 *:xxxx <--this is my custom port *:* LISTEN 1928/sshd

    Is that right?
     
  4. falko

    falko Super Moderator Howtoforge Staff

    Does your firewall maybe block that port?
     
  5. kisong

    kisong New Member

    To the best of my knowledge, it looks like the port is open and there is no firewall that is blocking that port.

    Is there a way for me to verify this?

     
  6. falko

    falko Super Moderator Howtoforge Staff

    Please post the output of
    Code:
    iptables -L
     
  7. kisong

    kisong New Member

    PAROLE tcp --anywhere anywhere tcp dpt:ssh


    That's not the whole output, but I think this should suffice.

     
  8. kisong

    kisong New Member

    Solved!!

    SOLVED. I added the xxxx SSH port to be opened within ISPConfig.

    How did this setting get changed? Removed? Destroyed?

    Does this happen every time the server is restarted?

     
  9. falko

    falko Super Moderator Howtoforge Staff

    What do you mean with that? You changed the SSH port, but you cannot expect the firewall to recognize that and adjust itself to the new port...

    If you've enabled the ISPConfig firewall, it will be started whenever the server boots (of course, with the settings you specified in the web interface). Just make sure that your system doesn't start a second firewall that interferes with the ISPConfig firewall.
     
  10. kisong

    kisong New Member

    The reason I said this is because prior to restarting the server, the port was set to xxxx and the firewall for ISPConfig was set to the same port (again, I'm hiding the actual port number for security reasons).

    Before restarting the server, I was able to login with no problems.

    The problem started when I restarted the server. Somehow, ISPConfig lost the firewall settings I set and replaced it with a default firewall setting.

    Does that make sense?

     
  11. falko

    falko Super Moderator Howtoforge Staff

    ISPConfig writes all allowed ports to /etc/Bastille/bastille-firewall.cfg. They don't get lost when you restart your server. But I can imagine the following: you have a second firewall on your server that you did not disable properly, and whenever you restart your server, this firewall tries to start and interferes with ISPConfig's firewall...
     

Share This Page