• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Resolved RootLogin in SSH other than port22

J

JuanCar

Regular Pleskian
Server operating system version
Almalinux 9.4
Plesk version and microupdate number
Plesk Obsidian 18.0.62 #1
Hi.
I just migrated my Plesk from Centos to AlmaLinux 9
I had root access to ssh.
I changed port number, and setup Firewall to allow the new port.
But I cannot access using root.
When I try ssh access I get this answer: The remote system refused the connection
I created a new user with ssh access right (allowusers root sshuser), with this user I can access by ssh to the server and switch to root when logged.
I wonder why I can't access ssh as root using another port different of 22
Any idea?
 
Check SSH Configuration File:

Edit your SSH configuration file to ensure it allows root login on the new port.
#sudo nano /etc/ssh/sshd_config

Verify the following settings:
Port <new_port_number>
PermitRootLogin yes
AllowUsers root sshuser

After making changes to the SSH configuration file, restart the SSH service;
sudo systemctl restart sshd


Hope this helps!
 
It's also worth checking if there is no other firewall application running (firewalld being the most common).
 
afuego said:
Check SSH Configuration File:

Edit your SSH configuration file to ensure it allows root login on the new port.
#sudo nano /etc/ssh/sshd_config

Verify the following settings:
Port <new_port_number>
PermitRootLogin yes
AllowUsers root sshuser

After making changes to the SSH configuration file, restart the SSH service;
sudo systemctl restart sshd


Hope this helps!
Click to expand...
I followed all these steps, of course. But the problem is that if I set port to 22 root access is allowed, but when I set another port root access are forbidden. Of course the port is open, an so I can access with another user.
I cannot see any other firewall.
I have Selinux in my system, but I set it to permissive, so it doesn't affect.
 
JuanCar said:
I followed all these steps, of course. But the problem is that if I set port to 22 root access is allowed, but when I set another port root access are forbidden. Of course the port is open, an so I can access with another user.
I cannot see any other firewall.
I have Selinux in my system, but I set it to permissive, so it doesn't affect.
Click to expand...
If SELinux is enabled, you might need to configure it to allow SSH on the new port:

#sudo semanage port -a -t ssh_port_t -p tcp <new_port_number>
#sudo semanage port -l | grep ssh


Check SSH logs for any errors:

sudo tail -f /var/log/secure
ssh -p <new_port_number> root@<server_ip>


Ensure the SSH daemon is listening on the new port. You can check this with:

#sudo netstat -tuln | grep <new_port_number>
 
afuego said:
If SELinux is enabled, you might need to configure it to allow SSH on the new port:

#sudo semanage port -a -t ssh_port_t -p tcp <new_port_number>
#sudo semanage port -l | grep ssh


Check SSH logs for any errors:

sudo tail -f /var/log/secure
ssh -p <new_port_number> root@<server_ip>


Ensure the SSH daemon is listening on the new port. You can check this with:

#sudo netstat -tuln | grep <new_port_number>
Click to expand...
I can use the new port with a non-root user but not with root. Ports are not the problem, the problem is that root can access if I use port 22 but not if I use any other port.
And SElinux is deactivated with setenforce 0. And logs secure o messages doesn't contain any info about the root access denied. So I think SElinux is not the issue.
 
JuanCar said:
I followed all these steps, of course. But the problem is that if I set port to 22 root access is allowed, but when I set another port root access are forbidden. Of course the port is open, an so I can access with another user.
Click to expand...
The error message is suspicious, though. The remote system refused the connection usually means that the connection itself is already failing, and at that point the server has no way to know you want to login as root, so it shouldn't be able to deny you based on that. Are you absolutely sure you didn't fumble the port number in your ssh client config/commandline for the root login attempt?
 
Solved: I'm silly, very, very, very silly
The mistake was in my side. I was using an script to connect (with default port 22), but I was setting port config in another one.
Thanks
 
You must log in or register to reply here.

Similar threads

serreri
Issue Redundant error after changing ssh port with plesk extension - SSH Terminal - 1.3.8-111
Replies
1
Views
448
Vladimir C.
V
H
Question SSH user can see other subdomain directories even with chrooted shell?
Replies
3
Views
489
Raul A.
R
WhiteTiger
Question Access from a static IP is not allowed
Replies
0
Views
309
WhiteTiger
WhiteTiger
D
Issue Migration Manager
Replies
6
Views
1K
alapshin
A
S
Question Will disabling Ubuntu SSH root login affect Plesk FTP/SSH Terminal?
Replies
1
Views
763
Kaspar@Plesk
Kaspar@Plesk
Back
Top