Welcome to Centmin Mod Community
Become a Member

OVH Dedicated Server, SSH suddenly stops working

Discussion in 'Dedicated server hosting' started by rdan, Dec 15, 2015.

Tags:
  1. rdan

    rdan Premium Member Premium Member

    4,412
    1,058
    113
    May 25, 2014
    Ratings:
    +1,541
    Local Time:
    2:19 AM
    Mainline
    10.2
    What aspects should I diagnose?
    CSF disabled via csf -x doesn't help.

    I can only connect to this server via our backup server on BackupSy which I luckily setup password less ssh via Public Key Authentication .

    Other machine I tried to access via SSH doesn't work and all timeouts.

    Website/Forums on that server works fine.
    I can also access the main IP via browser/port 80.

    Even if I manually added my desktop public key on the server, still can't connect, maybe because I'm not yet registered as known host?
     
  2. rdan

    rdan Premium Member Premium Member

    4,412
    1,058
    113
    May 25, 2014
    Ratings:
    +1,541
    Local Time:
    2:19 AM
    Mainline
    10.2
    I changed this server SSH port to custom one since Nov 3, after initial install.
    And all access works fine until today.
    Last time I connect via SSH was yesterday.
     
  3. eva2000

    eva2000 Administrator Staff Member

    37,212
    8,126
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,512
    Local Time:
    4:19 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Did you whitelist IPs ?

    CSF firewall related CSF - CSF Firewall info | Centmin Mod Community and CSF Firewall - Centmin Mod - Menu based Nginx installer for CentOS servers

    more info might be helpful
    1. What version of Centmin Mod ? .07 stable or .08 beta ? If .08 beta when was it installed and when was last time you updated the .08 beta code (there's constant updates to the code).
    2. What's your VPS/Server hardware specifications ? Xen/KVM/OpenVZ ? cpu type ? memory available ? disk space ? OS and version ? i.e. CentOS 6.6 or 7.1 ?
    3. Who's your web host ?
    4. Your ISP ip address static/dynamic ?
    5. What were you doing connection wise to your server leading up to the blockage ?
    6. If you're on dynamic ip, you may need additional steps CSF Firewall as per Getting Started Guide step 4
    7. Other steps: Does your web host offer out of band VNC/KVM/IPMI Console access? If you can, check if you ips are blocked using csf -g grep command
      Code:
      csf -g YOURIPADDRESS
      commands you can see for csf via
      Code:
      csf -h
      whitelist your ISP range of ips if you know the range
      Code:
      csf -a IPADDRESSORRANGE
      remove temp and permanent blocks from csf
      Code:
      csf -tr IPADDRESS
      csf -dr IPADDRESS
      also check CSF /var/log/lfd.log for clues
      Code:
      tail -50 /var/log/lfd.log
      another log is /var/log/messages you can grep it for your ips
      Code:
      grep IPADDRESS /var/log/messages
     
  4. rdan

    rdan Premium Member Premium Member

    4,412
    1,058
    113
    May 25, 2014
    Ratings:
    +1,541
    Local Time:
    2:19 AM
    Mainline
    10.2
    .09beta
    I installed it on Novermber 3, 2015.
    centmin code is latest 09.
    Dedicated server CentOS 6.7
    OVH :).
    Dynamic, but doesn't matter as I have tried connecting to that server using my other VPS/Dedicated server also, still not working.

    Nothing, just suddenly stops me from connecting via SSH.
    No it's not block.
     
  5. rdan

    rdan Premium Member Premium Member

    4,412
    1,058
    113
    May 25, 2014
    Ratings:
    +1,541
    Local Time:
    2:19 AM
    Mainline
    10.2
    Tried white listed my system IP use to connect, but still receiving "Connection timed out" error.
     
  6. rdan

    rdan Premium Member Premium Member

    4,412
    1,058
    113
    May 25, 2014
    Ratings:
    +1,541
    Local Time:
    2:19 AM
    Mainline
    10.2
    As you can see on this log:
    The last SSH login I successfully did via password auth on my desktop was:
    Dec 14 03:06:24 ovh lfd[16479]
     
  7. eva2000

    eva2000 Administrator Staff Member

    37,212
    8,126
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,512
    Local Time:
    4:19 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    can you do the reverse and ssh and ping your other systems and yourself via OVH server SSH ?

    Did you change SSH port number from 22 ?
     
  8. eva2000

    eva2000 Administrator Staff Member

    37,212
    8,126
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,512
    Local Time:
    4:19 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    enable SSH client verbose mode when you connect for further clues too
     
  9. rdan

    rdan Premium Member Premium Member

    4,412
    1,058
    113
    May 25, 2014
    Ratings:
    +1,541
    Local Time:
    2:19 AM
    Mainline
    10.2
     
  10. eva2000

    eva2000 Administrator Staff Member

    37,212
    8,126
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,512
    Local Time:
    4:19 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    and your /var/log/secure for clues
     
  11. rdan

    rdan Premium Member Premium Member

    4,412
    1,058
    113
    May 25, 2014
    Ratings:
    +1,541
    Local Time:
    2:19 AM
    Mainline
    10.2
    Yes, it works fine Eva.
     
  12. rdan

    rdan Premium Member Premium Member

    4,412
    1,058
    113
    May 25, 2014
    Ratings:
    +1,541
    Local Time:
    2:19 AM
    Mainline
    10.2
     
  13. rdan

    rdan Premium Member Premium Member

    4,412
    1,058
    113
    May 25, 2014
    Ratings:
    +1,541
    Local Time:
    2:19 AM
    Mainline
    10.2
    This doesn't apply right since I can't connect on every system.
    Not just my own desktop.
     
  14. rdan

    rdan Premium Member Premium Member

    4,412
    1,058
    113
    May 25, 2014
    Ratings:
    +1,541
    Local Time:
    2:19 AM
    Mainline
    10.2
    8.8.8.8 being the OVH server IP and 2222 the custom port.
     
  15. eva2000

    eva2000 Administrator Staff Member

    37,212
    8,126
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,512
    Local Time:
    4:19 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    your secure log says sshd listening on port 1018 but here you trying port 2222 ?
     
  16. rdan

    rdan Premium Member Premium Member

    4,412
    1,058
    113
    May 25, 2014
    Ratings:
    +1,541
    Local Time:
    2:19 AM
    Mainline
    10.2
    I edited it manually to hide my custom port # :D.
    Yes, 1018 is my custom port original, just forgot to modify it on secure log :|.
     
  17. eva2000

    eva2000 Administrator Staff Member

    37,212
    8,126
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,512
    Local Time:
    4:19 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    you testing with CSF enabled ? if you disable CSF firewall, you want have any default iptable rules in place so alot of stuff might be blocked port wise

    With CSF enabled, I'd double check your ports are whitelisted for SSHD port
    Code:
    egrep '^TCP_|^TCP6_|^UDP_|^UDP6_' /etc/csf/csf.conf
    and check listening ports
    Code:
    netstat -ntl
     
  18. rdan

    rdan Premium Member Premium Member

    4,412
    1,058
    113
    May 25, 2014
    Ratings:
    +1,541
    Local Time:
    2:19 AM
    Mainline
    10.2
    Yes.
     
  19. rdan

    rdan Premium Member Premium Member

    4,412
    1,058
    113
    May 25, 2014
    Ratings:
    +1,541
    Local Time:
    2:19 AM
    Mainline
    10.2
    Yes it is, since I can connect via backup Server.
     
  20. rdan

    rdan Premium Member Premium Member

    4,412
    1,058
    113
    May 25, 2014
    Ratings:
    +1,541
    Local Time:
    2:19 AM
    Mainline
    10.2
    [​IMG]
     
..