Skip to main content

Can't connect ssh after server compromised

Comments

3 comments

  • rpvw
    Hello, If you are unable to log into SSH but WHM is accessible, there is a script that will provide a minimal, default configuration of SSH to allow you to log in again. To use this script, you append the following to the url for WHM:
    /scripts2/doautofixer?autofix=safesshrestart
    For example, if your server's address is 1.2.3.4, this url will provide a temporary ssh instance that will allow login:
    https://1.2.3.4:2087/scripts2/doautofixer?autofix=safesshrestart
    Take note of the output from running that script, as it may restart ssh on a port other than 22 if somehow the previous ssh instance is still running.

    You probably will also want to read: Why can't I clean a hacked machine - cPanel Knowledge Base - cPanel Documentation
    0
  • cPanelMichael
    Hello, The document referenced on the previous post is the best place to start: Why can't I clean a hacked machine - cPanel Knowledge Base - cPanel Documentation Additionally, you could try the workaround quoted in the previous response if you have access to WHM and want to start a default instance of SSH. Thank you.
    0
  • KanyonBT
    "ok te?ekk"r ederim. a?a??daki url sayesinde ssh oturum a"ma ba?ar?l? /scripts2/doautofixer?autofix=safesshrestart
    0

Please sign in to leave a comment.