The service “sshd” appears to be down.

Santi109

Registered
Oct 17, 2017
3
0
1
Cambodia
cPanel Access Level
Root Administrator
How to fix this error? my server provider told me that some iptables rules blocking most of the ports.. I am really beginner to Linux CentOS..

Any help really appreciated..

Thanks
 

Santi109

Registered
Oct 17, 2017
3
0
1
Cambodia
cPanel Access Level
Root Administrator
I was reinstall sshd with success, what configuration I need to do?

sshd was running. but i dont know if I need to make configuration to secure it?

Hi,

If you have a KVM, VNC, or IMPI access of your machine, then you will have to disable the firewall first on your machine..
Did you change the SSH port?
I dont change the SSH port. it is 22.. does i need to disable firewall now?
 
Last edited by a moderator:

SysSachin

Well-Known Member
Aug 23, 2015
604
48
28
India
cPanel Access Level
Root Administrator
Twitter
sshd was running. but i dont know if I need to make configuration to secure it?
To secure SSHD you have to change ssh port as well as disable direct root access.

Did you installed any other firewall on your server ? like csf or apf ?
 

cPWilliamL

cP Technical Analyst II
Staff member
May 15, 2017
258
30
103
America
cPanel Access Level
Root Administrator
As others have pointed out, you should:
  1. Change the SSH port and ensure the new port is open in iptables
  2. Setup a wheel user and disable root SSH access
  3. Setup SSH keys and disable password authentication
The following documentation should be helpful:
Manage Wheel Group Users - Documentation - cPanel Documentation
Manage root's SSH Keys - Documentation - cPanel Documentation
SSH Password Authorization Tweak - Documentation - cPanel Documentation

It's best to make these changes via console access, that way, if a change you make results in no access, you can easily revert.
 
  • Like
Reactions: SysSachin

Santi109

Registered
Oct 17, 2017
3
0
1
Cambodia
cPanel Access Level
Root Administrator
To secure SSHD you have to change ssh port as well as disable direct root access.

Did you installed any other firewall on your server ? like csf or apf ?
I think there is not other firewall. it just iptables.. does any port that haven't been used would be okay?

As others have pointed out, you should:
  1. Change the SSH port and ensure the new port is open in iptables
  2. Setup a wheel user and disable root SSH access
  3. Setup SSH keys and disable password authentication
The following documentation should be helpful:
Manage Wheel Group Users - Documentation - cPanel Documentation
Manage root's SSH Keys - Documentation - cPanel Documentation
SSH Password Authorization Tweak - Documentation - cPanel Documentation

It's best to make these changes via console access, that way, if a change you make results in no access, you can easily revert.
Does console access mean IPMI would be suitable? Thank you for the documentation..