Incorrect Password after configuring sshd.config

General support questions
Post Reply
CollyZ
Posts: 14
Joined: 2018/05/21 11:16:34

Incorrect Password after configuring sshd.config

Post by CollyZ » 2018/05/21 11:31:51

I got brutal forced access last night by 5.188.10.185(https://www.abuseipdb.com/check/5.188.10.185), luckily they did't got the password
today im thinking about updating my sshd config to make it more safe, I edited

Code: Select all

vi /etc/ssh/sshd_config
Port 25762
PermitRootLogin nope
AllowUsers CollyZ
PermitEmptyPasswords no
UsePAM no
X11Forwarding no
UseDNS no
Protocol 2
MaxAuthTries 3
MaxSessions 2
and finally

Code: Select all

:wq!
systemctl restart sshd.service
after that, i remained the ssh session which i opened on SecureCRT, root access
I opened another session: the server refused to connect, and i thought i didn't add port 25762 to the firewall exception, i changed config back to port 22 and tried again, this time it worked and let me input the password of non-root account, which i did and did it correctly. then it said username and password authentication failed.

Code: Select all

PermitRootLogin yes
Root password also failed
Now I can only access root and normal user on noVNC by server provider, what should I do now?

mghe
Posts: 708
Joined: 2015/11/24 12:04:43
Location: Katowice, Poland

Re: Incorrect Password after configuring sshd.config

Post by mghe » 2018/05/21 12:34:00

Did You changed port in selinux?,

$ sudo semanage port -l | grep ssh

CollyZ
Posts: 14
Joined: 2018/05/21 11:16:34

Re: Incorrect Password after configuring sshd.config

Post by CollyZ » 2018/05/21 16:48:22

mghe wrote:Did You changed port in selinux?,

$ sudo semanage port -l | grep ssh
No, things i did before are
Install openssl
Install easy-rsa
Install OpenVPN
Install firewalld
Create 2 users

User avatar
TrevorH
Forum Moderator
Posts: 23669
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Incorrect Password after configuring sshd.config

Post by TrevorH » 2018/05/21 17:26:55

PermitRootLogin nope
While you may understand that 'nope' is a synonym for no, I rather suspect that sshd is not so canny,
Port 25762
You need to tell selinux that sshd is allowed to use that port. Read man semanage-port and the grep you were given and use the existing port definitions to set up the new one.

Safest thing to do is to generate ssh key pairs for all your users, including root and install those on the server and test them to make sure they work and then disable password authentication altogether. If you must login as root via ssh then use PermitRootLogin without-password so that root cannot login except by using the keys.
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

CollyZ
Posts: 14
Joined: 2018/05/21 11:16:34

Re: Incorrect Password after configuring sshd.config

Post by CollyZ » 2018/05/21 18:43:00

TrevorH wrote:
PermitRootLogin nope
While you may understand that 'nope' is a synonym for no, I rather suspect that sshd is not so canny,
Port 25762
You need to tell selinux that sshd is allowed to use that port. Read man semanage-port and the grep you were given and use the existing port definitions to set up the new one.

Safest thing to do is to generate ssh key pairs for all your users, including root and install those on the server and test them to make sure they work and then disable password authentication altogether. If you must login as root via ssh then use PermitRootLogin without-password so that root cannot login except by using the keys.

Code: Select all

# semanage port -d -t ssh_port_t -p tcp 25762
?

User avatar
TrevorH
Forum Moderator
Posts: 23669
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Incorrect Password after configuring sshd.config

Post by TrevorH » 2018/05/21 18:44:30

# semanage port -d -t ssh_port_t -p tcp 25762
That would delete a port definition.
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

CollyZ
Posts: 14
Joined: 2018/05/21 11:16:34

Re: Incorrect Password after configuring sshd.config

Post by CollyZ » 2018/05/21 19:02:24

TrevorH wrote:
# semanage port -d -t ssh_port_t -p tcp 25762
That would delete a port definition.
oops, should be an -a
thank you very much, problem solved :P

Post Reply