CSF Cannot access SSH after Changing Port number

how did you change sshd port ? use centmin.sh menu option 16 ?

Code:

--------------------------------------------------------
Centmin Mod 1.2.3-eva2000.08 - http://centminmod.com
--------------------------------------------------------
                   Centmin Mod Menu                  
--------------------------------------------------------
1).  Centmin Install
2).  Add Nginx vhost domain
3).  NSD setup domain name DNS
4).  Nginx Upgrade / Downgrade
5).  PHP Upgrade / Downgrade
6).  XCache Re-install
7).  APC Cache Re-install
8).  XCache Install
9).  APC Cache Install
10). Memcached Server Re-install
11). MariaDB 5.2, 5.5, 10, 10.1 Upgrade Sub-Menu
12). Zend OpCache Install/Re-install
13). Install ioping.sh vbtechsupport.com/1239/
14). SELinux disable
15). Install/Re-install ImageMagick PHP Extension
16). Change SSHD Port Number
17). Multi-thread compression: pigz,pbzip2,lbzip2,p7zip etc
18). Suhosin PHP Extension install
19). Install FFMPEG and FFMPEG PHP Extension
20). NSD Re-install
21). Update - Nginx + PHP-FPM + Siege
22). Add Wordpress Nginx vhost + WP Super Cache
23). Update Centmin Mod Code Base
24). Exit
--------------------------------------------------------
Enter option [ 1 - 24 ] 

if you did you just need to edit your SSH client's session profile and change port from 22 to new port number

 

when you use menu option 16, the first prompt asks you to enter the default sshd port which is 22 and then next prompt is to enter the new sshd port.. You did that right ? enter 22 at first prompt then at 2nd prompt enter new sshd port ?

Code:

--------------------------------------------------------
Centmin Mod 1.2.3-eva2000.08 - http://centminmod.com
--------------------------------------------------------
                   Centmin Mod Menu                 
--------------------------------------------------------
1).  Centmin Install
2).  Add Nginx vhost domain
3).  NSD setup domain name DNS
4).  Nginx Upgrade / Downgrade
5).  PHP Upgrade / Downgrade
6).  XCache Re-install
7).  APC Cache Re-install
8).  XCache Install
9).  APC Cache Install
10). Memcached Server Re-install
11). MariaDB 5.2, 5.5, 10, 10.1 Upgrade Sub-Menu
12). Zend OpCache Install/Re-install
13). Install ioping.sh vbtechsupport.com/1239/
14). SELinux disable
15). Install/Re-install ImageMagick PHP Extension
16). Change SSHD Port Number
17). Multi-thread compression: pigz,pbzip2,lbzip2,p7zip etc
18). Suhosin PHP Extension install
19). Install FFMPEG and FFMPEG PHP Extension
20). NSD Re-install
21). Update - Nginx + PHP-FPM + Siege
22). Add Wordpress Nginx vhost + WP Super Cache
23). Update Centmin Mod Code Base
24). Exit
--------------------------------------------------------
Enter option [ 1 - 24 ] 16
--------------------------------------------------------

Code:

*************************************************
* Setup sshd
*************************************************
--------------------------
backup sshd_config
--------------------------
cp -a /etc/ssh/sshd_config /etc/ssh/sshd_config-backup
--------------------------
change ssh port
--------------------------
You'll be asked what your current default SSH port is (default = 22).
Then asked which SSH port number you want to change to.
New SSH port should be a number below and less than <1024.

Your current default SSH port is: 22

Enter existing SSH port number (default = 22 for fresh installs): 22

Enter the SSH port number you want to change to: 999

Post 999 configured in /etc/ssh/sshd_config
Port 999

Code:

*************************************************
* Setup sshd complete
*************************************************
To check to see if you can access your server via the new port
keep this existing SSH2 connection open, and start a new SSH2
connection to this server connecting via the new SSH2 port
if you can connect, then it's working.

If you can't connect, using your existing SSH2 logged in
connection, edit and check /etc/csf/csf.conf and your iptables
/etc/sysconfig/iptables and service iptables status
making sure the new port number you specified is correctly set
*************************************************

check my custom sshd port 999 was set

Code:

csf -l | grep 999
17       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0            ctstate NEW tcp dpt:999
28       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0            ctstate NEW tcp dpt:999

if you can't access it, you would need to use KVM/IPMI out of band console if your web host has the feature or on Linode that is using Lish Using the Linode Shell (Lish) - Linode Guides & Tutorials to get back in.

 

Have you tried the old 22 port number ? as the routine in menu 16 would need to match the old and new ports to change it, so match 22 default to new port. If you entered a port number not in csf.conf TCP_IN list of ports, there is nothing for menu option 16 to match and change. So in theory you should still have old port 22 in place on CSF. But the sshd config might be the problem as it would of changed that listening port. I might need to change that in inc/sshd.inc so it doesn't do that in future so might prevent such problems as yours

To get back in, you'll need to use DO VNC Console in your VPS droplet management area or contact DO support and edit your server's Port number defined in /etc/ssh/sshd_config back to 22

i.e. on my test above i set sshd port to 999 so change in /etc/ssh/sshd_config Port 999 back to Port 22

Code:

Port 999

then restart sshd service

Code:

service sshd restart

 

what does output of the command below give

Code:

grep Port /etc/ssh/sshd_config

set it to the desired new port manually for current fix and restart sshd service

a new update for .08 beta 03 centmin.sh menu option 16 will take care of future issues such as this but for now, you need to manually fix it

 

fyi, for .08 beta 03 i made a commit update just now to make the centmin.sh menu option 16 more foolproof update inc/sshd.inc make it more fool proof from mistaken existing ss… · centminmod/centminmod@ab6c4d2 · GitHub

 

set it in /etc/ssh/sshd_config to the desired new port manually for current fix and restart sshd service

Code:

Port DESIREDPORTNUMBER

 

Which version of centmin mod ? .07 stable or .08 beta 03 ? if on .08 beta 03, you can try updating to latest code first before trying centmin.sh menu option 16 again due to fix i added update inc/sshd.inc make it more fool proof from mistaken existing ss… · centminmod/centminmod@ab6c4d2 · GitHub

 

centmin.sh menu option 1 ? that is initial install only..

Upgrading Centmin Mod involves 2 parts.

1. Upgrading the actual Centmin Mod code which you downloaded via zip file or via github. This is heart of Centmin Mod where the code is the engine that runs centmin.sh shell based menu and all the automation you're accustomed to.
2. Upgrade software that Centmin Mod installed or manages. For this part following outline at Upgrade - How to upgrade Centmin Mod is best.

So essentially, you can upgrade from .07 to .08 in place, but not everything is upgraded as some things like server initial environment setup isn't changed i.e. how swap, tmp setup and allocation are created etc. The main parts from part 2 above are what in place upgrades do i.e. Nginx and PHP-FPM compilation and config/settings parameters and MariaDB version from 5.5 to 10.0.x. If you want the full environment changed including tmp and swap setup to .08's configuration, then you would need a fresh OS install and fresh .08 initial install. You can think of it like upgrading Windows 7 to Windows 8. An in place upgrade will upgrade code but won't change your computer environment from when you installed Windows 7 i.e. disk configuration and partition sizes won't change from when you initially installed Windows 7. Only way to change that would be fresh Windows 8 install.

There's 3 ways you can upgrade your .07 stable or .08 beta03 code you have on your server. They are outlined in respective upgrade sections of the first posts linked below:

1. For .07 stable 1st post see section on upgrades Install - Centmin Mod 1.2.3-eva2000.07 stable install
2. For .08 beta 03 1st post see section on upgrade to latest code CentOS 7.x - How to help test .08 CentOS 7 Betas with Github code ?
3. For either .07 stable or .08 beta03 via github command line Upgrade - Working with git command line for updating Centmin Mod local copies

Github commit log for

• .07 stable Commits · centminmod/centminmod · GitHub
• .08 beta 03 Commits · centminmod/centminmod · GitHub

 

however, if you have VNC Console access to DO VPS, you can try existing .07 stable centmin.sh menu 16 again and see if it works as you now know to input existing sshd port first

 

git is another method of upgrade centminmod and will be the easiest way to do it via centmin mod .08 beta's new menu option 23 see Beta Branch - New .08 beta menu option - updating Centmin Mod via git | Centmin Mod Community For .08 beta 03 and higher you can auto update code via the git environment too Beta Branch - Cronjob Auto Updating Centmin Mod .08 beta03 How To Guide | Centmin Mod Community

fresh install, means you need to redo everything so probably not recommended, just update the code as outlined in the parts at CSF - Cannot access SSH after Changing Port number | Centmin Mod Community

the patch doesn't fix your problem, it just prevents future folks from experiencing your problem, as the new patch fix prevents folks from inputting an incorrect existing sshd port to begin with