We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on Vesta 2.0 and expect to release it by the end of 2024. Read more about it: https://vestacp.com/docs/vesta-2-development
SSH permission denied
SSH permission denied
Both I and my nephew have a VPS with the same provider, set up with Debian 7 and Vesta (the only difference is I have x86, he has 64-bit).
I can log in fine on my server with SSH every time. On his server, once he reboots, he seems to be able to log in, but shortly after (maybe half a day) it refuses everything - different users, password and public key authentication. I have tried public key and it fails and falls back to password... which still fails. I know the username and password is correct.
The only thing he's changed from the stock install is that he's bound SSH to a single IP address that is different from his main site's IP address. I have done the same thing on mine, but that works fine.
auth.log shows no activity when it rejects the login. fail2ban has not blocked the IP. We have restarted both fail2ban and sshd repeatedly, no change. SSH is listening on port 22 and it seems to initially connect before rejecting the authentication.
Like I said, rebooting seems to work, but we can't do that every day, there are customers using it.
I would like to see if there's something in the log that explains this, but I don't see it anywhere. Is there another place I can look?
Thanks.
I can log in fine on my server with SSH every time. On his server, once he reboots, he seems to be able to log in, but shortly after (maybe half a day) it refuses everything - different users, password and public key authentication. I have tried public key and it fails and falls back to password... which still fails. I know the username and password is correct.
The only thing he's changed from the stock install is that he's bound SSH to a single IP address that is different from his main site's IP address. I have done the same thing on mine, but that works fine.
auth.log shows no activity when it rejects the login. fail2ban has not blocked the IP. We have restarted both fail2ban and sshd repeatedly, no change. SSH is listening on port 22 and it seems to initially connect before rejecting the authentication.
Like I said, rebooting seems to work, but we can't do that every day, there are customers using it.
I would like to see if there's something in the log that explains this, but I don't see it anywhere. Is there another place I can look?
Thanks.
Re: SSH permission denied
Try to restore the ip to default then If that works then that's the one causing the problem.
Me i just use the ff setup to secure my ssh.
Disallow root password login then i created a new user with sudo privilege and lastly i added allowusers ex. root mysecondaryuser then change the port ip. I think that's enough security already.
Me i just use the ff setup to secure my ssh.
Disallow root password login then i created a new user with sudo privilege and lastly i added allowusers ex. root mysecondaryuser then change the port ip. I think that's enough security already.
Re: SSH permission denied
Hello, do you have installed denyhosts?. if so, maybe they ban your ip. check this /etc/hosts.deny
Re: SSH permission denied
Hi all,
Thanks for your responses.
No, fail2ban (and denyhosts) are fine, the system is not rejecting the connection. It's only the *authentication* that is being denied. And I can't see anywhere that the system knows I'm even trying! I.e. no logs, nothing. If I could trace the issue in the logs I would be very happy...
Thanks for your responses.
No, fail2ban (and denyhosts) are fine, the system is not rejecting the connection. It's only the *authentication* that is being denied. And I can't see anywhere that the system knows I'm even trying! I.e. no logs, nothing. If I could trace the issue in the logs I would be very happy...
Re: SSH permission denied
did you trace the IP if it really routes to your box?
or are you using a domainname which may lead to another IP than the one you're expecting, because it is set wrong (typo/forgot to change etc.)?
or are you using a domainname which may lead to another IP than the one you're expecting, because it is set wrong (typo/forgot to change etc.)?
Re: SSH permission denied
It definitely goes to the IP assigned to the box, but I wonder if they have a duplicate IP issue at the host's end of things. That's the only reason I can think of for the strangeness going on here. We changed the IP to another one of the provided ones and it seems to be solid at the moment.Falzo wrote:did you trace the IP if it really routes to your box?
or are you using a domainname which may lead to another IP than the one you're expecting, because it is set wrong (typo/forgot to change etc.)?