Hi there,
I may have broken SSH on my PVE host by doing `systemctl stop sshd` a while back in the shell and not the web GUI - ever since, I've not been able to connect to the host over SSH. It's showing as running, and even accepts incoming SSH connections, however all connection attempts are rejected
Client side (-vvv verbose SSH logging):
(client username obscured)
Server side (auth.log):
(client IP obscured)
Fail2Ban was enabled but that has now been disabled - there are no banned IP's with fail2ban-client or in iptables
I have tried SSH'ing from different clients both on the LAN and elsewhere, however all get rejected
Thanks
EDIT: Everything in sshd.conf is default (that came with Proxmox), only the port has been changed
I may have broken SSH on my PVE host by doing `systemctl stop sshd` a while back in the shell and not the web GUI - ever since, I've not been able to connect to the host over SSH. It's showing as running, and even accepts incoming SSH connections, however all connection attempts are rejected
Client side (-vvv verbose SSH logging):
Code:
OpenSSH_8.2p1 Ubuntu-4ubuntu0.4, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolving "myhost.domain.com" port 60252
debug2: ssh_connect_direct
debug1: Connecting to myhost.domain.com [X.X.X.X] port 60252.
debug1: Connection established.
debug1: identity file /home/XXXX/.ssh/id_rsa type -1
debug1: identity file /home/XXXX/.ssh/id_rsa-cert type -1
debug1: identity file /home/XXXX/.ssh/id_dsa type -1
debug1: identity file /home/XXXX/.ssh/id_dsa-cert type -1
debug1: identity file /home/XXXX/.ssh/id_ecdsa type -1
debug1: identity file /home/XXXX/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/XXXX/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/XXXX/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/XXXX/.ssh/id_ed25519 type -1
debug1: identity file /home/XXXX/.ssh/id_ed25519-cert type -1
debug1: identity file /home/XXXX/.ssh/id_ed25519_sk type -1
debug1: identity file /home/XXXX/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/XXXX/.ssh/id_xmss type -1
debug1: identity file /home/XXXX/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.4
Server side (auth.log):
Code:
Feb 1 22:30:29 lon-dc01 sshd[2410673]: refused connect from X.X.X.X (X.X.X.X)
Feb 1 22:31:35 lon-dc01 sshd[2411094]: refused connect from X.X.X.X (X.X.X.X)
Feb 1 22:47:17 lon-dc01 sshd[2417111]: refused connect from X.X.X.X (X.X.X.X)
Fail2Ban was enabled but that has now been disabled - there are no banned IP's with fail2ban-client or in iptables
I have tried SSH'ing from different clients both on the LAN and elsewhere, however all get rejected
Thanks
EDIT: Everything in sshd.conf is default (that came with Proxmox), only the port has been changed
Last edited: