SSH Password Authorization Tweak in cPanel
Issue: Sometimes, you get the following error while accessing your server through root:
Error: ssh_exchange_identification: Connection closed by remote host
Fix: Go to "Security Center >> SSH Password Authorization Tweak" and then Disable Password Auth and Enable it again.
SSH Password Authorization Tweak in WHM panel allows you to enable or disable password authorization for SSH authentication. If you disable password authorization, the system will force users to use keys when they use SSH to access your server.
More Info: https://documentation.cpanel.net/display/ALD/SSH+Password+Authorization+Tweak
If you are still unable to SSH to the server, I would suggest contacting your DC or your hosting provider immediately.
This issue may have arisen due any one of the issues below.
>> /etc/hosts.allow
Check /etc/hosts.allow and make sure that your local machine IP address is whitelisted in it. If you are not sure about the IP address, please access the URL "whatismyip.com" in the browser. It will show your current IP address.
Also check whether ssh is allowed in the server
# grep sshd /etc/hosts.allow
sshd: ALL
>> Missing Dependencies
This one typically happens after a glibc or openssl upgrade. Many distros can install updates to glibc or openssl libs and not require a restart to sshd.
On any distro you can recognize it when after an update, then use lsof to see where sshd has open files. Some will be pointed to DEL, because those libs were deleted on update.
# lsof -n | grep ssh | grep DEL
When an SSH connection comes in the sshd daemon forks and attempts to attach (ld) these lib files, and fails resulting in this error.
>> Corrupted Fingerprint / Keys
Some how one or the other of the fingerprints or keys has become corrupted (did you manually edit one of these files?). Remove the server-side fingerprint in the clients ~/.ssh/known_hosts and try again. When you re-connect you will be prompted to accept the host identity again.
Login via console & check the permission of /var/log/btmp. It must be 600
# chmod 600 /var/log/btmp
This issue may have arisen due any one of the issues below.
>> /etc/hosts.allow
Check /etc/hosts.allow and make sure that your local machine IP address is whitelisted in it. If you are not sure about the IP address, please access the URL "whatismyip.com" in the browser. It will show your current IP address.
Also check whether ssh is allowed in the server
# grep sshd /etc/hosts.allow
sshd: ALL
>> Missing Dependencies
This one typically happens after a glibc or openssl upgrade. Many distros can install updates to glibc or openssl libs and not require a restart to sshd.
On any distro you can recognize it when after an update, then use lsof to see where sshd has open files. Some will be pointed to DEL, because those libs were deleted on update.
# lsof -n | grep ssh | grep DEL
When an SSH connection comes in the sshd daemon forks and attempts to attach (ld) these lib files, and fails resulting in this error.
>> Corrupted Fingerprint / Keys
Some how one or the other of the fingerprints or keys has become corrupted (did you manually edit one of these files?). Remove the server-side fingerprint in the clients ~/.ssh/known_hosts and try again. When you re-connect you will be prompted to accept the host identity again.
Login via console & check the permission of /var/log/btmp. It must be 600
# chmod 600 /var/log/btmp
Comments
Post a Comment