What type of hardware are you using: VPS bought online
What YunoHost version are you running: 12
How are you able to access your server: SSH
I’m posting here in hopes of fixing my mistake and learning from it.
How it all began: I decided to move my Ghost CMS blog to another, higher-specced VPS (let’s call it VPS-2) that is running Yunohost 12.
I connected via SSH from my laptop to the original host (VPS-1, running YH11) and wanted to accomplish my goal with sudo mc to move files from VPS-1 to VPS-2 (specifically, pictures located in /var/www/ghost/content/images), when I encountered this issue:
“sftp: failure establishing SSH session (-5)”
So this is the problem that I was trying to originally solve.
The fact that I was using a regular SSH connection just fine, but not SFTP, led me to the conclusion that Yunohost’s firewall is restricting outbound SFTP connections, even though inbound SSH (port 22) is allowed.
sudo yunohost firewall list gave me:
opened_ports:
- 22
- 25
- 53
- 80
- 443
- 587
- 993
- 5222
- 5269
- 5353
Basically, as I was trying to troubleshoot an SFTP issue, I felt overly confident asking Perplexity questions … The AI told me that yunohost firewall list shows only inbound ports and added: “I am not confident about the Yunohost way of handling outbound connections.” So we messed with iptables a little and then Perplexity suggested that I should install iptables-persistent using the following commands:
sudo apt-get install iptables-persistent
sudo dpkg-reconfigure iptables-persistent
// There was a warning that essential packages like yunohost and yunohost-admin would be removed, but I didn’t really pay attention.
Instead of stopping and thinking, I typed “Yes, do as I say!” like an idiot. The installation proceeded, and now my Yunohost web admin panel is gone.
I realize now that blindly trusting AI instructions without fully understanding the implications was a terrible idea. This was 100% my fault for not reading (and not thinking!)
Current Situation
My Ghost blog is still online (thankfully), but I can no longer access the Yunohost web admin panel.
Should I try sudo apt install yunohost? Or should I touch /etc/yunohost/installed, as the solution here suggests?
I appreciate any advice or guidance you can provide. Thank you for taking the time to read this.
These were my last commands:
sudo yunohost firewall list
sudo iptables -S | grep ESTABLISHED
sudo iptables -S | grep RELATED
sudo yunohost firewall add <myIP> --direction outgoing
sudo yunohost firewall allow <myIP> --port 22 --direction outgoing
sudo iptables -A OUTPUT -d <myIP> -p tcp --dport 22 -j ACCEPT
sudo iptables -S | grep '<myIP>'
sudo apt-get install iptables-persistent
sudo dpkg-reconfigure iptables-persistent
sudo apt-get install iptables-persistent
sudo dpkg-reconfigure iptables-persistent
sudo mc ## this is where I realized what happened and started to panic, backed up and messed with the sshd_config file (I didn't edit it, just wanted to regenerate)
mcedit /etc/ssh/sshd_config
cp /etc/ssh/sshd_config /tmp/1
sudo yunohost tools regen-conf ssh --force
yunohost tools regen-conf ssh --force
sudo mc
history
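
A dry-run guard for the step that went wrong in the post above, as an added example that is not part of the original post: it reads apt-get's simulation output and refuses the install if a protected package would be removed. The function names and the sample output (with placeholder versions) are constructed for illustration; the protected package names are the two mentioned in the post.

```shell
# Added example (not from the post): block an apt install that would remove
# packages the host depends on. Names below are the two mentioned in the post.
PROTECTED="yunohost yunohost-admin"

# Read `apt-get -s install ...` output on stdin; print each protected package
# that appears on a "Remv" (remove) line of the simulation.
protected_removals() {
    awk -v list="$PROTECTED" '
        BEGIN { n = split(list, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        $1 == "Remv" && ($2 in want) { print $2 }
    '
}

# Simulate first, install only if nothing protected would be removed.
# Returns 1 on a refused install, 2 if the simulation itself failed.
safe_install() {
    sim=$(LC_ALL=C apt-get -s install "$@") || return 2
    hits=$(printf '%s\n' "$sim" | protected_removals | tr '\n' ' ')
    if [ -n "$hits" ]; then
        echo "refusing: install would remove: $hits" >&2
        return 1
    fi
    apt-get install "$@"
}

# Constructed sample of simulation output; versions are placeholders.
sample_sim() {
    cat <<'EOF'
Reading package lists...
Building dependency tree...
The following packages will be REMOVED:
  yunohost yunohost-admin
The following NEW packages will be installed:
  iptables-persistent netfilter-persistent
Remv yunohost-admin [0.0-placeholder]
Remv yunohost [0.0-placeholder]
Inst netfilter-persistent (0.0-placeholder Debian:stable [all])
Inst iptables-persistent (0.0-placeholder Debian:stable [all])
Conf netfilter-persistent (0.0-placeholder Debian:stable [all])
Conf iptables-persistent (0.0-placeholder Debian:stable [all])
EOF
}

# Usage on a real host, after sourcing this file: safe_install iptables-persistent
```

The simulation (`apt-get -s`) changes nothing on the system, so the check can be run before any install suggested by a third party.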