webinterface not working, ssh remote host identification changed after sudden power loss

m_l_s

New Member
Dec 28, 2020
2
0
1
22
Hi,

As many people do I went back home for Christmas this Year. Not wanting to carry my server on a train (obv.) I just left it back in my Apartment.

It was all working fine yesterday, but my flatmate just texted me that the fridge was not working and then told me the surge protector flipped.

As a broke college student I don't have a UPS, so my server went down too.

That's why I asked my flatmate to turn it back on, so he did. At first I was able to see that it connected to my router wit the usual IP-Adress in my routers interface (I have a vpn running on my router to access the network remotely), although it said something like:

Code:
IP Adress valid following next request

It also din't have any of my lxcs' showing up although they should start on boot (two of three are accessing a Luks encrypted ZFS volume though so they usually don't boot up until that is decrypted)

I was not able to reach the Proxmox web interface, and the ssh request timed out, but I was able to ping the server, so I asked my flatmate to restart the server locally (pressing the power button).

After that it stopped showing the message from before in the router, but I was still not able to connect to the web interface ans the lxcs' didn't show up.

However, I was able to ping the server again.

And this time my ssh request didn't time out, but it warned me that the remote Host Identification has changed.

So my questions are:

  • is it possible the Host identification changed due to the sudden power loss and is it safe to ssh into the system?
  • how do I fix the web interface?

I hope someone will be able to help me.
I also made a reddit post reguarding this: https://www.reddit.com/r/Proxmox/comments/klozjc/trouble_with_remote_acces/
 
Last edited:

oguz

Proxmox Retired Staff
Retired Staff
Nov 19, 2018
5,207
695
118
And this time my ssh request didn't time out, but it warned me that the remote Host Identification has changed.
that's interesting. is your server configured with a static IP address? maybe it changed, that could be the cause of the error here.

maybe the server is already up, just with a different IP? you could scan for port 8006 and 22 on your network to find it if that's the case.
nmap -p22,8006 -v 10.0.0.0/24 (adjust the subnet)

normally this shouldn't happen though

you can also run ssh -v your.pve.host to see what's happening with ssh better.
 

m_l_s

New Member
Dec 28, 2020
2
0
1
22
that's interesting. is your server configured with a static IP address? maybe it changed, that could be the cause of the error here.

maybe the server is already up, just with a different IP? you could scan for port 8006 and 22 on your network to find it if that's the case.
nmap -p22,8006 -v 10.0.0.0/24 (adjust the subnet)

normally this shouldn't happen though

you can also run ssh -v your.pve.host to see what's happening with ssh better.
Hi, wow, thank you for your quick reply but I have checked in my router interface and there is just two devices connected to that network, and one is my VPN connection, the other one is connected over LAN which no other device but the server should be using.

when I run nmap this is my output:
Code:
Starting Nmap 7.91 ( https://nmap.org ) at 2020-12-28 22:16 CET
Nmap scan report for [Router_IP]
Host is up (0.080s latency).
Not shown: 994 closed ports
PORT     STATE    SERVICE
9/tcp    filtered discard
53/tcp   open     domain
80/tcp   open     http
443/tcp  open     https
5060/tcp open     sip
8089/tcp open     unknown

Nmap scan report for [usual_proxmox_IP]
Host is up (0.060s latency).
Not shown: 998 closed ports
PORT   STATE    SERVICE
9/tcp  filtered discard
22/tcp open     ssh

Nmap scan report for [device_running command_IP]
Host is up (0.011s latency).
All 1000 scanned ports on [device_running_command_IP] are closed

Nmap done: 256 IP addresses (3 hosts up) scanned in 12.63 second
so as I understand it it does not find any other devices with that port open in may LAN (the webserver port usually is 8006)

running ssh -v gives me the following:
Code:
debug1: Connecting to [Server_IP] [[Server_IP]] port 22.
debug1: Connection established.
debug1: identity file C:\\Users\\[user]/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\[user]/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\[user]/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\[user]/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\[user]/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\[user]/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\[user]/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\[user]/.ssh/id_ed25519-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\[user]/.ssh/id_xmss type -1
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\[user]/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_7.7
debug1: Remote protocol version 2.0, remote software version dropbear_2018.76
debug1: no match: dropbear_2018.76
debug1: Authenticating to [Server_IP]:22 as 'root'                                                    
debug1: SSH2_MSG_KEXINIT sent                            
debug1: SSH2_MSG_KEXINIT received                        
debug1: kex: algorithm: curve25519-sha256                
debug1: kex: host key algorithm: ecdsa-sha2-nistp256          
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none                                                
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none                                        
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY                  
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:[wrong key]

edit: I screwed up the nmap command and fixed that
 
Last edited:

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!