For several months, I was able to login to my ssh account without any problems. I changed the default port to xxxx (do not want to reveal this port for security reasons). Anyways, a couple days ago, I restarted my server, and now, I am unable to login to the SSH server. I am 100% sure I am connecting to the right port and ip address. I am also sure that the port is open to connections. I know this because I can go to to a port scanning site and it says that the ssh port is open. I checked the sshd_config settings and the correct port is open. What other settings should I check?
To the best of my knowledge, it looks like the port is open and there is no firewall that is blocking that port. Is there a way for me to verify this?
PAROLE tcp --anywhere anywhere tcp dpt:ssh That's not the whole output, but I think this should suffice.
Solved!! SOLVED. I added the xxxx SSH port to be opened within ISPConfig. How did this setting get changed? Removed? Destroyed? Does this happen every time the server is restarted?
What do you mean with that? You changed the SSH port, but you cannot expect the firewall to recognize that and adjust itself to the new port... If you've enabled the ISPConfig firewall, it will be started whenever the server boots (of course, with the settings you specified in the web interface). Just make sure that your system doesn't start a second firewall that interferes with the ISPConfig firewall.
The reason I said this is because prior to restarting the server, the port was set to xxxx and the firewall for ISPConfig was set to the same port (again, I'm hiding the actual port number for security reasons). Before restarting the server, I was able to login with no problems. The problem started when I restarted the server. Somehow, ISPConfig lost the firewall settings I set and replaced it with a default firewall setting. Does that make sense?
ISPConfig writes all allowed ports to /etc/Bastille/bastille-firewall.cfg. They don't get lost when you restart your server. But I can imagine the following: you have a second firewall on your server that you did not disable properly, and whenever you restart your server, this firewall tries to start and interferes with ISPConfig's firewall...