Were getting emails about sshd failing on several of our servers, this started shortly after upcp ran. Anyone else having same?
Last edited:
We did try a restart of sshd but it didn't fix the problem, its occurring on a few boxes. However ssh is not failing as we can login at any time and on two boxes we have left top -s running during the ssh failure emails. Interestingly the cpanel service email contains a line giving the number of restarts attempted and this matches the number of emails received, so the first email said ssh failed with one restart attempted and the 27th email says restarts attempted 27 etc.
The logs contain the same info the email does, ie ;
The logs contain the same info the email does, ie ;
I've also started receiving these email since last night 
but SSH is working fine
I've restarted the ssh service using "service sshd restart" and it restarts fine, in cpanel I get this error:
Here is the email I receive:
but SSH is working fine I've restarted the ssh service using "service sshd restart" and it restarts fine, in cpanel I get this error:
I restarted the server and also tried "/scripts/upcp --force" but made no difference.
Here is the email I receive:
I also love the my server is "automagically" restarted and not "automatically", sounds like there is magic involved
I am having the same problem since last nights update.
I am also getting "The security token is missing from your request." error when refreshing a WHM Login or WebMial Login.
I am also getting "The security token is missing from your request." error when refreshing a WHM Login or WebMial Login.
Another one with the same issue. Started getting sshd FAILED texts in the middle of the night, likely after upcp ran.
sshd is running fine. Disabled monitoring in the meantime.
additional info:
It's reporting the failure with the primary IP, but we run sshd on a single IP that is not the primary server IP. We also moved it from port 22. If this is related to anyone else's issues. csf+lfd is also on this server, therefore controlling access to sshd via the ip and port.
sshd is running fine. Disabled monitoring in the meantime.
additional info:
It's reporting the failure with the primary IP, but we run sshd on a single IP that is not the primary server IP. We also moved it from port 22. If this is related to anyone else's issues. csf+lfd is also on this server, therefore controlling access to sshd via the ip and port.
Last edited:
Can you please try adding this line above any deny rules in WHM Home »Security Center »Host Access Control to see if whitelisting Local connections resolves this issue.
sshd LOCAL allow
sshd 127.0.0.1 allow
If LOCAL is not whitelisted the ssh connection in the chksrvd test will fail because localhost will not be able to connect to the ssh server if you have an 'sshd ALL deny' rule in Host Access Control.
Please then wait 5 minutes to allow for chksrvd checks to re-run, and then check the 'Server Status' page to verify the sshd check ran successfully.
Please let us know if this resolves your issue.
Thanks!
sshd LOCAL allow
sshd 127.0.0.1 allow
If LOCAL is not whitelisted the ssh connection in the chksrvd test will fail because localhost will not be able to connect to the ssh server if you have an 'sshd ALL deny' rule in Host Access Control.
Please then wait 5 minutes to allow for chksrvd checks to re-run, and then check the 'Server Status' page to verify the sshd check ran successfully.
Please let us know if this resolves your issue.
Thanks!
Last edited:
Previously chksrvd ssh check only checked for sshd in the process list. In 11.38 cPanel is now attempting to make a connection to the sshd service to ensure that the service is up. Because of this if you have an deny all statement in your host access control without whitelisting local connections, host access control is blocking the chksrvd sshd check in some cases.
If the above fix did not work for you can you please open a ticket using the ticket link in my signature and post your ticket number here so we can investigate this issue further. In your support ticket make sure to reference this forum thread.
Thanks,
If the above fix did not work for you can you please open a ticket using the ticket link in my signature and post your ticket number here so we can investigate this issue further. In your support ticket make sure to reference this forum thread.
Thanks,
Last edited:
OK, fixed thanks to cpanel tech Juan-Carlos Newton. Make sure to add to /etc/hosts.allow:
sshd : 127.0.0.1 : allow
sshd : local : allow
sshd : 127.0.0.1 : allow
sshd : local : allow