Get the most out of your Centmin Mod LEMP stack
Become a Member

OVH Dedicated Server, SSH suddenly stops working

Discussion in 'Dedicated server hosting' started by RoldanLT, Dec 15, 2015.

Tags:
  1. RoldanLT

    RoldanLT Well-Known Member

    3,901
    949
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,298
    Local Time:
    8:07 AM
    1.11
    10.2
    What aspects should I diagnose?
    CSF disabled via csf -x doesn't help.

    I can only connect to this server via our backup server on BackupSy which I luckily setup password less ssh via Public Key Authentication .

    Other machine I tried to access via SSH doesn't work and all timeouts.

    Website/Forums on that server works fine.
    I can also access the main IP via browser/port 80.

    Even if I manually added my desktop public key on the server, still can't connect, maybe because I'm not yet registered as known host?
     
  2. RoldanLT

    RoldanLT Well-Known Member

    3,901
    949
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,298
    Local Time:
    8:07 AM
    1.11
    10.2
    I changed this server SSH port to custom one since Nov 3, after initial install.
    And all access works fine until today.
    Last time I connect via SSH was yesterday.
     
  3. eva2000

    eva2000 Administrator Staff Member

    30,156
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    10:07 AM
    Nginx 1.13.x
    MariaDB 5.5
    Did you whitelist IPs ?

    CSF firewall related CSF - CSF Firewall info | Centmin Mod Community and CSF Firewall - Centmin Mod - Menu based Nginx installer for CentOS servers

    more info might be helpful
    1. What version of Centmin Mod ? .07 stable or .08 beta ? If .08 beta when was it installed and when was last time you updated the .08 beta code (there's constant updates to the code).
    2. What's your VPS/Server hardware specifications ? Xen/KVM/OpenVZ ? cpu type ? memory available ? disk space ? OS and version ? i.e. CentOS 6.6 or 7.1 ?
    3. Who's your web host ?
    4. Your ISP ip address static/dynamic ?
    5. What were you doing connection wise to your server leading up to the blockage ?
    6. If you're on dynamic ip, you may need additional steps CSF Firewall as per Getting Started Guide step 4
    7. Other steps: Does your web host offer out of band VNC/KVM/IPMI Console access? If you can, check if you ips are blocked using csf -g grep command
      Code:
      csf -g YOURIPADDRESS
      commands you can see for csf via
      Code:
      csf -h
      whitelist your ISP range of ips if you know the range
      Code:
      csf -a IPADDRESSORRANGE
      remove temp and permanent blocks from csf
      Code:
      csf -tr IPADDRESS
      csf -dr IPADDRESS
      also check CSF /var/log/lfd.log for clues
      Code:
      tail -50 /var/log/lfd.log
      another log is /var/log/messages you can grep it for your ips
      Code:
      grep IPADDRESS /var/log/messages
     
  4. RoldanLT

    RoldanLT Well-Known Member

    3,901
    949
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,298
    Local Time:
    8:07 AM
    1.11
    10.2
    .09beta
    I installed it on Novermber 3, 2015.
    centmin code is latest 09.
    Dedicated server CentOS 6.7
    OVH :).
    Dynamic, but doesn't matter as I have tried connecting to that server using my other VPS/Dedicated server also, still not working.

    Nothing, just suddenly stops me from connecting via SSH.
    No it's not block.
     
  5. RoldanLT

    RoldanLT Well-Known Member

    3,901
    949
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,298
    Local Time:
    8:07 AM
    1.11
    10.2
    Tried white listed my system IP use to connect, but still receiving "Connection timed out" error.
     
  6. RoldanLT

    RoldanLT Well-Known Member

    3,901
    949
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,298
    Local Time:
    8:07 AM
    1.11
    10.2
    As you can see on this log:
    The last SSH login I successfully did via password auth on my desktop was:
    Dec 14 03:06:24 ovh lfd[16479]
     
  7. eva2000

    eva2000 Administrator Staff Member

    30,156
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    10:07 AM
    Nginx 1.13.x
    MariaDB 5.5
    can you do the reverse and ssh and ping your other systems and yourself via OVH server SSH ?

    Did you change SSH port number from 22 ?
     
  8. eva2000

    eva2000 Administrator Staff Member

    30,156
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    10:07 AM
    Nginx 1.13.x
    MariaDB 5.5
    enable SSH client verbose mode when you connect for further clues too
     
  9. RoldanLT

    RoldanLT Well-Known Member

    3,901
    949
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,298
    Local Time:
    8:07 AM
    1.11
    10.2
     
  10. eva2000

    eva2000 Administrator Staff Member

    30,156
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    10:07 AM
    Nginx 1.13.x
    MariaDB 5.5
    and your /var/log/secure for clues
     
  11. RoldanLT

    RoldanLT Well-Known Member

    3,901
    949
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,298
    Local Time:
    8:07 AM
    1.11
    10.2
    Yes, it works fine Eva.
     
  12. RoldanLT

    RoldanLT Well-Known Member

    3,901
    949
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,298
    Local Time:
    8:07 AM
    1.11
    10.2
     
  13. RoldanLT

    RoldanLT Well-Known Member

    3,901
    949
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,298
    Local Time:
    8:07 AM
    1.11
    10.2
    This doesn't apply right since I can't connect on every system.
    Not just my own desktop.
     
  14. RoldanLT

    RoldanLT Well-Known Member

    3,901
    949
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,298
    Local Time:
    8:07 AM
    1.11
    10.2
    8.8.8.8 being the OVH server IP and 2222 the custom port.
     
  15. eva2000

    eva2000 Administrator Staff Member

    30,156
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    10:07 AM
    Nginx 1.13.x
    MariaDB 5.5
    your secure log says sshd listening on port 1018 but here you trying port 2222 ?
     
  16. RoldanLT

    RoldanLT Well-Known Member

    3,901
    949
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,298
    Local Time:
    8:07 AM
    1.11
    10.2
    I edited it manually to hide my custom port # :D.
    Yes, 1018 is my custom port original, just forgot to modify it on secure log :|.
     
  17. eva2000

    eva2000 Administrator Staff Member

    30,156
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    10:07 AM
    Nginx 1.13.x
    MariaDB 5.5
    you testing with CSF enabled ? if you disable CSF firewall, you want have any default iptable rules in place so alot of stuff might be blocked port wise

    With CSF enabled, I'd double check your ports are whitelisted for SSHD port
    Code:
    egrep '^TCP_|^TCP6_|^UDP_|^UDP6_' /etc/csf/csf.conf
    and check listening ports
    Code:
    netstat -ntl
     
  18. RoldanLT

    RoldanLT Well-Known Member

    3,901
    949
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,298
    Local Time:
    8:07 AM
    1.11
    10.2
    Yes.
     
  19. RoldanLT

    RoldanLT Well-Known Member

    3,901
    949
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,298
    Local Time:
    8:07 AM
    1.11
    10.2
    Yes it is, since I can connect via backup Server.
     
  20. RoldanLT

    RoldanLT Well-Known Member

    3,901
    949
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,298
    Local Time:
    8:07 AM
    1.11
    10.2
    [​IMG]