Cannot access via ssh after reboot

General Discussion of atomic repo and development projects.

Ask for help here with anything else not covered by other forums.
tomkerswill
Forum User
Forum User
Posts: 40
Joined: Mon Mar 26, 2007 9:47 am

Cannot access via ssh after reboot

Unread post by tomkerswill »

Hi everyone,

This is probably something really stupid I'm doing wrong, but I was wondering if anyone can help. I ran asl 2 in fix mode (asl -f), and then rebooted my box. After a few minutes, everything comes up fine, and the sites are accessible. I also get several emails and security alerts from OSSEC, which is great, and suggests everything's working fine.

The only problem is, there's no ssh access. nmap reveals:

21/tcp open ftp
25/tcp open smtp
53/tcp open domain
80/tcp open http
106/tcp open pop3pw
110/tcp open pop3
143/tcp open imap
443/tcp open https
465/tcp open smtps
993/tcp open imaps
995/tcp open pop3s
8443/tcp open https-alt

I *can* access Plesk, but just can't get shell access at all. The only thing that occurs to me is that, in the configuration steps of asl, I didn't specify any whitelist hosts for whom OSSEC rules would not apply. Any advice would be gratefully received!

I'm sure I'll be able to reboot into rescue mode and gain ssh access that way, and that'll be pretty straightforward, so if anybody has any hints or suggestions as to what config files I could change to get ssh up again, that would be really appreciated,

Thanks in advance!

Tom
Highland
Forum Regular
Forum Regular
Posts: 674
Joined: Mon Apr 10, 2006 12:55 pm

Unread post by Highland »

Have you tried using Plesk's built in SSH client? Just a thought.
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Unread post by scott »

Yeah you might have shunned yourself if you had a bad login. The default time is 600 seconds.

Theres a whitelist setting that is useful to keep that from happening from your management system(s).
tomkerswill
Forum User
Forum User
Posts: 40
Joined: Mon Mar 26, 2007 9:47 am

Unread post by tomkerswill »

Hi Highland,
Ah, thanks for the idea. Unfortunately I did try it :-( --- it's an interesting one, actually - if I click the SSH terminal client, I get a blank window (inside the Plesk frame)... I guess something's going wrong there, though I can't see the logs to find out what :-( --- everthing else on Plesk seems to work fine, just ironically not the SSH terminal... Ah well!
Tom
breun
Long Time Forum Regular
Long Time Forum Regular
Posts: 2813
Joined: Sat Aug 20, 2005 9:30 am
Location: The Netherlands

Unread post by breun »

If the problem is that the SSH server is not accessible, then firing up Plesk's SSH client isn't going to help much.
Lemonbit Internet Dedicated Server Management
tomkerswill
Forum User
Forum User
Posts: 40
Joined: Mon Mar 26, 2007 9:47 am

Unread post by tomkerswill »

Scott - I don't think that's it, because I tried logging in afresh this morning (without doing anything beforehand), and got connection refused on port 22, even without any login attempts. Port 22 looks like it's closed.

Breun - yes, I suppose so, although since it's accessing it from 127.0.0.1 (I guess) rather than an outside network, the Plesk ssh client could conceivably have worked...

I think I'll reboot into rescue mode and try and work out what is going on from there... very strange - it's just ssh that's affected...
breun
Long Time Forum Regular
Long Time Forum Regular
Posts: 2813
Joined: Sat Aug 20, 2005 9:30 am
Location: The Netherlands

Unread post by breun »

You can run commands on your server if you can setup cronjobs from Plesk. Might be a way to check/disable/start things.
Lemonbit Internet Dedicated Server Management
tomkerswill
Forum User
Forum User
Posts: 40
Joined: Mon Mar 26, 2007 9:47 am

Unread post by tomkerswill »

Ah, thanks Breun - that hadn't occurred to me! I like it... could definitely work!
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Unread post by scott »

yeah, works for the badguys too :P
tomkerswill
Forum User
Forum User
Posts: 40
Joined: Mon Mar 26, 2007 9:47 am

Unread post by tomkerswill »

Thanks for all the help. It turned out to be a dogey sshd_config in the end ... and so that cron trick worked brilliantly - I just copied in a new sshd_config using a cron command... all fine and dandy!
Cheers
Tom
Post Reply