Page 1 of 1
Incorrect Password after configuring sshd.config
Posted: 2018/05/21 11:31:51
by CollyZ
I got brutal forced access last night by 5.188.10.185(
https://www.abuseipdb.com/check/5.188.10.185), luckily they did't got the password
today im thinking about updating my sshd config to make it more safe, I edited
Code: Select all
vi /etc/ssh/sshd_config
Port 25762
PermitRootLogin nope
AllowUsers CollyZ
PermitEmptyPasswords no
UsePAM no
X11Forwarding no
UseDNS no
Protocol 2
MaxAuthTries 3
MaxSessions 2
and finally
Code: Select all
:wq!
systemctl restart sshd.service
after that, i remained the ssh session which i opened on SecureCRT, root access
I opened another session: the server refused to connect, and i thought i didn't add port 25762 to the firewall exception, i changed config back to port 22 and tried again, this time it worked and let me input the password of non-root account, which i did and did it correctly. then it said username and password authentication failed.
Root password also failed
Now I can only access root and normal user on noVNC by server provider, what should I do now?
Re: Incorrect Password after configuring sshd.config
Posted: 2018/05/21 12:34:00
by mghe
Did You changed port in selinux?,
$ sudo semanage port -l | grep ssh
Re: Incorrect Password after configuring sshd.config
Posted: 2018/05/21 16:48:22
by CollyZ
mghe wrote:Did You changed port in selinux?,
$ sudo semanage port -l | grep ssh
No, things i did before are
Install openssl
Install easy-rsa
Install OpenVPN
Install firewalld
Create 2 users
Re: Incorrect Password after configuring sshd.config
Posted: 2018/05/21 17:26:55
by TrevorH
PermitRootLogin nope
While you may understand that 'nope' is a synonym for no, I rather suspect that sshd is not so canny,
Port 25762
You need to tell selinux that sshd is allowed to use that port. Read
man semanage-port and the grep you were given and use the existing port definitions to set up the new one.
Safest thing to do is to generate ssh key pairs for all your users, including root and install those on the server and test them to make sure they work and then disable password authentication altogether. If you must login as root via ssh then use
PermitRootLogin without-password so that root cannot login except by using the keys.
Re: Incorrect Password after configuring sshd.config
Posted: 2018/05/21 18:43:00
by CollyZ
TrevorH wrote:
PermitRootLogin nope
While you may understand that 'nope' is a synonym for no, I rather suspect that sshd is not so canny,
Port 25762
You need to tell selinux that sshd is allowed to use that port. Read
man semanage-port and the grep you were given and use the existing port definitions to set up the new one.
Safest thing to do is to generate ssh key pairs for all your users, including root and install those on the server and test them to make sure they work and then disable password authentication altogether. If you must login as root via ssh then use
PermitRootLogin without-password so that root cannot login except by using the keys.
Code: Select all
# semanage port -d -t ssh_port_t -p tcp 25762
?
Re: Incorrect Password after configuring sshd.config
Posted: 2018/05/21 18:44:30
by TrevorH
# semanage port -d -t ssh_port_t -p tcp 25762
That would delete a port definition.
Re: Incorrect Password after configuring sshd.config
Posted: 2018/05/21 19:02:24
by CollyZ
TrevorH wrote:
# semanage port -d -t ssh_port_t -p tcp 25762
That would delete a port definition.
oops, should be an -a
thank you very much, problem solved
