The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Restarting SSH Daemon

Discussion in 'General Discussion' started by crshep, Jun 19, 2014.

  1. crshep

    crshep Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    83
    Likes Received:
    1
    Trophy Points:
    8
    When ever I try to restart SSH I always get
    ------------------------------------------------------------------
    Restarting SSH Daemon

    Waiting for sshd to restart.....finished.

    sshd (/usr/sbin/sshd) running as root with PID 27400 (pidfile check method)

    sshd: [ != SSH]
    sshd has failed, please contact the sysadmin.
    --------------------------------------------------------------------

    I was told by the host it is probably becasue I changed the SSH port from 22 to another port.
    If this is true how to I fix it so it restarts with the NEW port I gave it since we all know keeping
    port 22 isn't a good idea.

    Thanks
    Charles
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Check to see if a custom ListenAddress entry exists in your /etc/ssh/sshd_config file that binds SSH to a specific IP address. If there is such an entry, it will prevent local connections to SSH over 127.0.0.1, and thus result in that failure message.

    Thank you.
     
  3. crshep

    crshep Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    83
    Likes Received:
    1
    Trophy Points:
    8
    This is what I see in that file if this is the part your talking about. (I XXXX the port on purpose)

    # The strategy used for options in the default sshd_config shipped with
    # OpenSSH is to specify options with their default value where
    # possible, but leave them commented. Uncommented options change a
    # default value.

    Port XXXX
    #AddressFamily any
    #ListenAddress 0.0.0.0
    #ListenAddress ::

    ---------------------------------------------------------------------

    Anyway you told me what would cause the result of the failure message so how would I fix it so it works?

    Thanks
    Charles
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  5. crshep

    crshep Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    83
    Likes Received:
    1
    Trophy Points:
    8
    Is this what you mean? and thanks
    ------------------------------------------------------
    root@server1 [~]# grep ListenAddress /etc/ssh/sshd_config
    #ListenAddress 0.0.0.0
    #ListenAddress ::
    root@server1 [~]#
    --------------------------------------------------------

    Charles
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  7. crshep

    crshep Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    83
    Likes Received:
    1
    Trophy Points:
    8
    Yes on all my VPS's since I do not use port 22 I figure if you can get me to fix one the others will be easy to fix. :O)
    -------------------

    Restarting SSH Daemon

    Waiting for sshd to restart.....finished.

    sshd (/usr/sbin/sshd) running as root with PID 27400 (pidfile check method)

    sshd: [ != SSH]
    sshd has failed, please contact the sysadmin.
    --------------------------------------------------------

    Thanks
    Charles
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    It's not accurate that SSH will fail during restarts if you use a different port. Check to see if you have any rules in /etc/hosts.allow that could be denying localhost access to SSH to report it as running well. Please keep in mind that it looks like SSH is actually running fine, and it's just being incorrectly reported as failed.

    Thank you.
     
  9. crshep

    crshep Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    83
    Likes Received:
    1
    Trophy Points:
    8
    my IP is in the /etc/hosts.allow as is cpanels IP's

    But I would like to note changing the port back to 22 the restart works fine. So I would say it does matter the port being used. It seems like any port other then 22 it fails.
     
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Please open a support ticket so we can take a closer look. If that's the case, an internal case is necessary. You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
  11. crshep

    crshep Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    83
    Likes Received:
    1
    Trophy Points:
    8
    Trevor Bordner says: June 22nd, 2014 at 07:41 AM
    Hello,

    Thanks for standing by while I've continued to look into this.

    After a bit more digging, I found that this is related to a known issue in the current cPanel release which happens when "sshd : ALL : deny" is found in the /etc/hosts.allow file. This issue is being tracked with case #97153, and this will be published on http://changelog.cpanel.net when the fix is released.

    In the meantime, it looks like you'll be able to correct this by adding an entry for localhost in your /etc/hosts.allow file before the deny:

    -------
    sshd : 127.0.0.1 : allow
    -------

    This will allow the server to connect to itself and stop that error message from appearing when restarting SSH through WHM.

    Please let me know if you have any questions about this or experience any issues with this workaround and I'll be happy to assist you with this further.

    Regards,

    --
    Trevor Bordner
    Technical Analyst II
    Migrations Specialist
    cPanel.net
     
  12. kernow

    kernow Well-Known Member

    Joined:
    Jul 23, 2004
    Messages:
    865
    Likes Received:
    9
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Interesting reply from Trevor, I always though sshd : 127.0.0.1 : allow had to there if you were adding any entry to the hosts.allow file
     
  13. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    I am happy to see the issue was resolved. Yes, it's where I was getting at when referencing the rules in /etc/hosts.allow in my earlier response. Thank you for updating us with the outcome.
     
  14. crshep

    crshep Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    83
    Likes Received:
    1
    Trophy Points:
    8

    yea just kind of weird that you have to add sshd : 127.0.0.1 : allow to the "/etc/hosts.allow" for the server to see it's self I would have NEVER thought that. LOL So when I looked it up my IP was there and that was why I told Michael my IP is there not thinking "localhost" since I would have thought the server could see it's self.

    Anyway as long as it worked was all I cared about.

    Thanks
     
Loading...

Share This Page