SSHD fails...

[sam.tn]

Hello,

I was following the guide here:
http://forums.cpanel.net/showthread.php?t=30159&highlight=attacks

I reached the SSH port change and that's what i did (w/o changing ip), saved and exit.
but now i connot access ssh (putty) and i get timeout !

When try to restart ssh server through WHM? i get:

root     26953  1.1  0.5 18296 16972 ?       S    12:37   0:00 /usr/local/cpanel/whostmgr/bin/whostmgr ./ressshd
root     26971  1.1  0.0  3524 1516 ?        S    12:37   0:00 /usr/sbin/sshd


Jul 6 12:37:33 host sshd: sshd -TERM succeeded Jul 6 12:37:33 host sshd: succeeded sshd has failed, please contact the sysadmin.

ps: router port opened, and firewall disabled.
Any idea before i submit a ticket ?
Regards.

 

[nottheusual1]

Check your SSH client setup

This is a common "ooops" when you change SSH ports.

Be sure the SSH client (we swear by Putty) setup has been changed to match the changes you put in place when you did the edit from the excellent server hardening tutorial. We only allow SSH via a single IP on our servers (not the server base IP) and use a very obscure port number (like 2878). This is the cause for the timeout - your server doesn't allow SSH connections to the default (port 22) port anymore.

All the SSH clients attempt to open a connection with port 22 by default. You need to change this as well as the IP you've decided to use instead of your base server IP.

The SSH not being reported as working is a bug somewhere - the same line shows that it restarted OK. It does the same thing when restarted via WHM. It is working, though.

Since dedicating a single IP per server for SSH (NOT the server base IP address) and using an off-beat port number, attacks on our servers have all but stopped.

 

[moFBush]

If you read his post, he's not having problems connecting via SSH.. SSHd wont even start.

 

[sam.tn]

Thanks you guys, but sorted now thanks to technical support team.

Regards,
sam.tn

 

[nottheusual1]

If you read his post, he's not having problems connecting via SSH.. SSHd wont even start.

If you read my post, this is a common error - sshd is running, even though it REPORTS as failed after the restart. If you look, right before the few words exclaiming failure, the system reports sshd started OK. You can recreate this via your own WHM (if you have changed the SSH port) by doing a SSHd restart via the WHM menu. It will report failure and you will be able to ssh in with no problems, and everything else will show SSHd running just fine.

"Jul 6 12:37:33 host sshd: sshd -TERM succeeded Jul 6 12:37:33 host sshd: succeeded sshd has failed, please contact the sysadmin."

The reason it shows as failing is because (I think, anyway) it is looking at port 22 to see if it is working - it isn't on that port anymore, so it thinks it isn't running.

His real issue should have been a misconfigured ssh client - he restarted the service because he **thought** he couldn't connect - after he had changed the ssh port per the instructions from the server hardening tutorial. I've done the same thing when going from desktop to laptop on the road and **forgetting** to change the ssh config in Putty. SSHd never failed.

Try it yourself and see........... You didn't understand the problem.

 

[shawnsi]

what's the solution?

Thanks you guys, but sorted now thanks to technical support team.

Regards,
sam.tn

Hey Sam, would you please share the solution with us? Thanks!

Our server is having the same problem. The difference is that I have changed the default SSH port to something else and it was working a few days ago. Now I cannot access the SSH at all. Any help will be appriciated.

-Shawn