• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Locked out from SSH!

C

CLovell

Guest
He everyone,

Hope someone's able to help as I may be in a bit of a quandry. I've recently used lvalics' lovely new box security script and all was running nicely until logging on this morning and finding all my SSH connections being refused!

I had used the option in the script to change the SSH port to a new one and limit to SSH-2 connections. Remote port-scanning is not showing the new port that I had specified. I have limited telnet access, ftp and the Plesk control panel, but otherwise I'm out!

If anyone could offer some advice or help I would be most extremely grateful - I'm a little new on Linux so any help would be extremely welcome.

Thanks again!
 
Ok, I can still upload scripts via ftp and run them via crontab. Trying to work out how I can either:

a) remove the old security installations made by the first script
b) reset ssh so I can login

Any chance someone would know a means of doing this please?
 
If you can use PLESK, then you can try from domain where is allowed SSH to enter with SSH Term and login with that Java Applet.
That will run as localhost and should work.
Then you can stop firewall and enter with SSH.

Also be sure that in /etc/apf/allow_hosts.rules you add your IP to have full access.

If all this is done and you still cannot do anything, ask for a reboot from hosting company. Also it is possibble to be hacked and hacker changed SSH port. Try to see if something is running what can be SSH.

Hope this help.
 
Hi Ivalics, thanks for replying.

Plesk's SSH shell gives me 'Connection Refused: connect'. I'm getting the worrying idea that the SSH service has stopped somehow. I'm wondering if there is a method of restarting it via telnet?

RKHunter & Chrootkit reports are coming up ok, but I'm enquiring with the hosts to see about getting something done.

Thanks again
 
Hmm, looks like SSH just won't open up that alternative port the script asks for. Thankfully the hosts were very nice about it and didn't charge to reset it.
 
Most hosts provide console access, typically in LILO/GRUB you map the console and a serial device and they provide a terminal server that connects to the serial device.

If your host doesn't have one, then you are at their mercy. I would definately recommend (in the future) using a host that provides console access, remote hard reboot, recovery capability (boot server into a "recovery" kernel), and re-imaging capability.

At the very least you need to have remote console access.
 
You must log in or register to reply here.

Similar threads

malisaeed
Issue write (github.com): Connection refused: port 22
Replies
0
Views
466
malisaeed
malisaeed
D
Resolved Need to find password for SSH Terminal use - the one I wrote down years ago isn't working
Replies
5
Views
372
Kaspar
K
M
Issue Can't open Port 25. Please help
Replies
2
Views
257
mhogue
M
pr0tax
Question Stop SSH Port Scanning
Replies
0
Views
817
pr0tax
pr0tax
B
Resolved How to turn off redirection from www.foo.bar/wp-admin to www2.foo.bar/wp-admin ?
Replies
1
Views
237
ben-tomsen
B
Back
Top