-1

I previously followed this guide to add SSH keys to my remote server (I didn't hide or remove the keys from anywhere, just to be sure I don't lose access). It was passphrase protected. However, I changed the passphrase to something else, and changed it back to the old one, but now I can't log in to it using another terminal session. Only my current terminal session is logged on, and unfortunately this is all as the root user. I generated a new SSH key and added it to the server as well as my machine too, but I still can't log on to it from another terminal session. How can I fix this?!

I fear I'd get locked out if I can't find a solution in time, that is, if my internet disconnects.

  • restore the original `sshd_config` from package, then reload sshd. – Ipor Sircer Jan 09 '17 at 11:06
  • I'd check you have added your private part of your key on your local (client) machine to your ssh agent or it is being used when attempting to ssh into the server. – AJP Jan 09 '17 at 11:08
  • @IporSircer Sorry I'm naive in this domain, can you tell me the commands to do that? I'm freaking out here – Akash Agarwal Jan 09 '17 at 11:08
  • @AJP I checked that the new private key is added to my local machine, but I can confirm that I'm already running a terminal session from before all of this mess happened. I'm just too afraid to close it. Should it matter? – Akash Agarwal Jan 09 '17 at 11:09
  • @AkashAggarwal if you ssh'd in using a password then no. Also if it's a new machine you've brought up and there's no valuable data on it then there's nothing to worry about. If there is valuable data you might consider making a backup of it now, otherwise if you lose control of the machine by being unable to log back in then you can delete it from your (cloud infrastructure) provider and request a new instance :) – AJP Jan 09 '17 at 11:13
  • Also can you edit your question with the command you are using and the error you get when you try to ssh into the server from your local (client) machine please. – AJP Jan 09 '17 at 11:17
  • @AJP I already made a backup using another user account of my important data, I'm going to try SSHing from another system now – Akash Agarwal Jan 09 '17 at 11:22
  • Let us [continue this discussion in chat](http://chat.stackexchange.com/rooms/51431/discussion-between-ajp-and-akash-aggarwal). – AJP Jan 09 '17 at 11:23

2 Answers

1

Check the logs on the server. If a login fails, usually something is written to the logs.

According to your comment, you can't su with an ordinary user. This suggests you are trying to supply a wrong password, otherwise su would work.

Try changing the root password to something simple which cannot possibly be mistyped. If the server isn't behind a firewall, just be sure to change it to something long; that will do for the short time you're experimenting. Be sure to actually type the password, do not copy and paste it.

If you have public/private keys, be sure that only the owner has read/write access to the .ssh directory, as well as to the keys. The ssh server won't authorize a key which is accessible to anyone but the owner.

If you still can't log in, run the ssh server in debug mode on another port like this:

```
/usr/sbin/sshd -d -d -d -p 10022
```

Then try connecting to port 10022. The debug sshd process will log everything to the screen, so you may be able to spot any errors or anomalies preventing you from logging in.

Lacek
  • Ok, all these problems were inter-related. I changed the shell wrongly using chsh, it was supposed to be '/bin/bash' but in my /etc/passwd file it was only 'bash' for root user, which is why I couldn't `su`, which is why I couldn't SSH using root, but I could using other user. Thank you! The debugging totally helped me out. – Akash Agarwal Jan 09 '17 at 13:13
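The two causes discussed in this answer and its follow-up comment (a login shell field that is not a valid absolute path, and `.ssh` files readable by others) can be checked from the still-open root session before closing it. This is an added example, not code from the answer; the function names `login_shell_ok` and `key_path_private` are hypothetical, and it assumes a POSIX `sh` with `awk` and `ls`.

```shell
#!/bin/sh
# Pre-logout sanity checks for SSH access (illustrative helper names).

# login_shell_ok USER [PASSWD_FILE]
# Succeeds only if USER's shell (7th passwd field) is an absolute path to an
# executable. 'bash' instead of '/bin/bash' fails here, as it did for su/sshd.
login_shell_ok() {
    user=$1; passwd=${2:-/etc/passwd}
    entry=$(awk -F: -v u="$user" '$1 == u { print "=" $7; exit }' "$passwd")
    [ -n "$entry" ] || { echo "NO SUCH USER: $user"; return 2; }
    shell=${entry#=}
    [ -n "$shell" ] || shell=/bin/sh      # an empty field defaults to /bin/sh
    case $shell in
        /*) ;;
        *)  echo "BAD SHELL for $user: '$shell' is not an absolute path"
            return 1 ;;
    esac
    [ -x "$shell" ] || { echo "BAD SHELL for $user: $shell not executable"; return 1; }
    echo "ok: $user -> $shell"
}

# key_path_private PATH
# Succeeds only if group and others have no permission bits on PATH,
# following the answer's advice that only the owner may access it.
key_path_private() {
    [ -e "$1" ] || { echo "MISSING: $1"; return 2; }
    bits=$(ls -ld "$1" | cut -c5-10)      # group+other part of the mode string
    [ "$bits" = "------" ] || { echo "TOO OPEN: $1 (group/other: $bits)"; return 1; }
    echo "ok: $1"
}

# Usage: sh check.sh --check USER HOME_DIR
if [ "${1:-}" = "--check" ]; then
    login_shell_ok "$2"
    key_path_private "$3/.ssh"
    key_path_private "$3/.ssh/authorized_keys"
fi
```

Any line that does not start with `ok:` points at something to fix (for example with `chsh -s /bin/bash root` or `chmod 700 ~/.ssh`) before the working session is closed.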
0

Have you changed the sshd_config? If you want to be able to log on as root with a password PermitRootLogin needs to be set to Yes (and sshd reloaded).

If you're worried about losing your connection while you figure it out, create a new user and set the password (which you can do as you're root). Unless sshd is really broken this will allow you to log in and su - to root.

Nick
  • Nick, sorry for the delay. I got occupied. The /etc/ssh/sshd_config has never been changed, permitRootLogin is already yes. I did have another user already and I copied my important files, I just can't su and do anything with it, I must be doing something wrong – Akash Agarwal Jan 09 '17 at 11:35