The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSHD fails...

Discussion in 'General Discussion' started by sam.tn, Jul 6, 2006.

  1. sam.tn

    sam.tn Registered

    Joined:
    Jul 6, 2006
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Hello,

    I was following the guide here:
    http://forums.cpanel.net/showthread.php?t=30159&highlight=attacks

    I reached the SSH port change and that's what i did (w/o changing ip), saved and exit.
    but now i connot access ssh (putty) and i get timeout !

    When try to restart ssh server through WHM? i get:
    Code:
    root     26953  1.1  0.5 18296 16972 ?       S    12:37   0:00 /usr/local/cpanel/whostmgr/bin/whostmgr ./ressshd
    root     26971  1.1  0.0  3524 1516 ?        S    12:37   0:00 /usr/sbin/sshd
    
    
    Jul 6 12:37:33 host sshd: sshd -TERM succeeded Jul 6 12:37:33 host sshd: succeeded sshd has failed, please contact the sysadmin.
    

    ps: router port opened, and firewall disabled.
    Any idea before i submit a ticket ?
    Regards.
     
  2. nottheusual1

    nottheusual1 Active Member

    Joined:
    Jul 13, 2004
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    Check your SSH client setup

    This is a common "ooops" when you change SSH ports.

    Be sure the SSH client (we swear by Putty) setup has been changed to match the changes you put in place when you did the edit from the excellent server hardening tutorial. We only allow SSH via a single IP on our servers (not the server base IP) and use a very obscure port number (like 2878). This is the cause for the timeout - your server doesn't allow SSH connections to the default (port 22) port anymore.

    All the SSH clients attempt to open a connection with port 22 by default. You need to change this as well as the IP you've decided to use instead of your base server IP.

    The SSH not being reported as working is a bug somewhere - the same line shows that it restarted OK. It does the same thing when restarted via WHM. It is working, though.

    Since dedicating a single IP per server for SSH (NOT the server base IP address) and using an off-beat port number, attacks on our servers have all but stopped.
     
    #2 nottheusual1, Jul 6, 2006
    Last edited: Jul 6, 2006
  3. moFBush

    moFBush Well-Known Member

    Joined:
    Dec 31, 2005
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    6
    If you read his post, he's not having problems connecting via SSH.. SSHd wont even start.
     
  4. sam.tn

    sam.tn Registered

    Joined:
    Jul 6, 2006
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Thanks you guys, but sorted now thanks to technical support team.

    Regards,
    sam.tn
     
  5. nottheusual1

    nottheusual1 Active Member

    Joined:
    Jul 13, 2004
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    If you read my post, this is a common error - sshd is running, even though it REPORTS as failed after the restart. If you look, right before the few words exclaiming failure, the system reports sshd started OK. You can recreate this via your own WHM (if you have changed the SSH port) by doing a SSHd restart via the WHM menu. It will report failure and you will be able to ssh in with no problems, and everything else will show SSHd running just fine.

    "Jul 6 12:37:33 host sshd: sshd -TERM succeeded Jul 6 12:37:33 host sshd: succeeded sshd has failed, please contact the sysadmin."

    The reason it shows as failing is because (I think, anyway) it is looking at port 22 to see if it is working - it isn't on that port anymore, so it thinks it isn't running.


    His real issue should have been a misconfigured ssh client - he restarted the service because he **thought** he couldn't connect - after he had changed the ssh port per the instructions from the server hardening tutorial. I've done the same thing when going from desktop to laptop on the road and **forgetting** to change the ssh config in Putty. SSHd never failed.

    Try it yourself and see........... You didn't understand the problem.
     
    #5 nottheusual1, Jul 7, 2006
    Last edited: Jul 7, 2006
  6. shawnsi

    shawnsi Registered

    Joined:
    Aug 17, 2007
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    what's the solution?

    Hey Sam, would you please share the solution with us? Thanks!

    Our server is having the same problem. The difference is that I have changed the default SSH port to something else and it was working a few days ago. Now I cannot access the SSH at all. Any help will be appriciated.

    -Shawn
     
    #6 shawnsi, Aug 5, 2008
    Last edited: Aug 5, 2008
Loading...

Share This Page