Can't connect in SSH (but web admin works fine)

jibecfed · August 17, 2018, 10:18pm

My YunoHost configuration

Hardware: x64 Kimsufi OVH
Internet access: in a datacenter
YunoHost version:
yunohost: 3.1.0
yunohost-admin: 3.1.0
moulinette: 3.1.0
ssowat: 3.1.0
Have you personalized your yunohost with some specifics configurations or do you use only the yunohost cli/webadmin tool ? basic

I did install yunohost on domain.tld, then created and changed the default domain for portal.domain.tld then set domain.tld as default domain again.

Description of my problem

Connection to web admin works fine, but connection to ssh fails all the time, using the exact same password as the one used for web admin.

Reboot doesn’t change anything.

Connect to domain.tld, portal.domain.tld, ipv4 or ipv6 doesn’t change anything.

Accessing the sshd config file in rescue mode doesn’t show anything abnormal.

Here is my complete diagnosis: Webadmin > Tools -> Diagnosis

https://paste.yunohost.org/esalohifon

yolateng0 · August 25, 2018, 9:05am

hi
i have the same problem as you on ovh instance ssd 2018.
Only Root SSH Access is possible.

August 27, 2018 (Europe: Paris), August 26, 2018 (America: Los Angeles)

J ai changé les variables jails et port ssh dans Fail2ban.
Cela m’a permis d’accéder en login admin@mydomain.tld par SSH. -après avoir relancer le client fail2ban et fermer le port 22 en relancant le firewall-

est ce le cas pour aussi?

ps: est ce la fresh install de fail2ban qui peut limiter cette connection en admin? ou cela vient d OVH et des gestion vps et dédiés.

gannonwoto · August 29, 2018, 1:41pm

hi,

try :

ssh your_user@your_yunohost_@ip -vvvv
or better
ssh your_user@your_yunohost_@ip -i <path to your private key> -vvvv
If you have set up ssh key in your kimsufi account.

keoma · November 19, 2018, 10:08pm

Same issue here, on a Kimsuffi too. @yolateng0, can you provide more details about the jails and ssh ports modifications you made to make it work ?

I want my users to be able to use SSH so using the root user is not an option for me.

yolateng0 · November 21, 2018, 1:53pm

@keoma do you talk about differents users via SSH (yunohsot users) or just user Root and Admin?
2nd situation user admin: this solution Impossible SSH admin on VPS OVH ‘ssh: Could not resolve hostname service’

1rt situation differents user: chan New app ssh_chroot_dir

keoma · November 21, 2018, 2:12pm

@yolateng0 Thank you for your answer.

I was talking about YunoHost users.

From https://yunohost.org/#/ssh I though that running the following command would enable ssh access to YunoHost users rather than using another app.

yunohost user ssh allow <username>

yolateng0 · November 21, 2018, 2:20pm

follow the second situation if you want you can so create an user, given to it a directory, fix a maximum space available for this user (without partitioning of your hard drive). Then allow this user to connect to this directory, and only to this directory, by ssh or sftp.

also you can created a possibility for a another user allowed ssh access.
Like you want.

yunohost user ssh allow username

The user must exist.

but sometime there is problem with no access ssh. It is possible to reinstall the ssh access for the Admin account by installing the libpam-ldapd package (no other) on vps ovh

sudo apt install libpam-ldapd