SSH incorrect password?
Hello folks,
We've got several cPanel servers, but just one started acting up all of the sudden.
We've got full WHM access, its a self-managed server on a VPS. We have root access and logging in on WHM/cPanel is no problem.
However, if we try to connect over SSH, it keeps asking for the password (as if its incorrect).
That same username/password combination has no problem to log in to the cPanel account
The same is true for the root user, we can log in to WHM but not onto SSH.
It just keeps asking for the password.
This started happening recently (after some of the updates, we guess).
We've tested other servers, we can connect without problem (to rule out problems with our ssh client).
Trying to connect from a different server to this one yields the same results (to rule out firewall stuff).
Rebooting service / server gave no unexpected messages nor did it help.
The user is added to the wheelgroup and has SSH access enabled in its account.
SSH Password Authorization Tweak is enabled, we've tried disabling it (it gave a permission denied error when trying to connect over SSH) and then re-enabling it, no changes.
Anyone have an idea what to look for (relevant logs?)? It gives no error response of any kind, just keeps prompting for the password.
-
Hi @Steven Lukas Are you using the cPanel user to try and access SSH or are you using root w/the root password? SSH Password Authorization Tweak is enabled, we've tried disabling it (it gave a permission denied error when trying to connect over SSH) and then re-enabling it, no changes.
This being enabled is probably good at this specific point as it being enabled means you can access the server using the password.Anyone have an idea what to look for (relevant logs?)? It gives no error response of any kind, just keeps prompting for the password.
If this is a cPanel user you're attempting to access the server with and you have access with the root user it makes things a bit easier to troubleshoot/var/log/messages
could give you some indication of what's occurring but it may be best to look in the following: 1./etc/ssh/sshd_config
check for any modifications/customizations 2/etc/sudoers
for wheel users the following should be uncommented and appear as follows:%wheel ALL=(ALL) ALL
More information on wheel users can be found in the documentation here: Manage Wheel Group Users - Version 78 Documentation - cPanel Documentation0 -
Hi, thanks for your reply and sorry for the late response. I have no root / cpanel-user ssh-access on the server, both give the same problem that the password would be incorrect (yet the credentials DO work to get into whm / cpanel). Luckily I have direct keyboard access (and thus root) to the server. I checked the Log, and it told me all I needed to know "Brute force detection active: 580 Login Denied -- Excessive Failures -- Ip Temp Banned" Apparantly, the first few attempts to login where actually incorrect. By the time we tried to login as root, we were already blocked ofcourse ... Whitelisted in CPHulk (should have been my first guess) and all is well again. Thanks for getting us in the right direction 0
Please sign in to leave a comment.
Comments
2 comments