Improve company productivity with a Business Account.Sign Up

x
?
Solved

Linux Security: Help I have lost SSH access to my server

Posted on 2013-06-15
6
Medium Priority
?
869 Views
Last Modified: 2014-07-16
Dear Experts,
I have a stand alone server hosted by an external company.

Linux CENTOS.

We have suddenly lost SSH access.  We also cannot login with the root password through cPanel control panel.

We are told all the files and folders have been changed to the permission 777 which "breaks" the server.

Is this the final story or is there any way to get back control of the server?
Best Wishes,
Phil
0
Comment
Question by:PTRUSCOTT
6 Comments
 
LVL 31

Expert Comment

by:farzanj
ID: 39249791
You should use Putty to access your server via command line.

Yes, 777 is not just a terribly bad idea but if it can break many things.   In particular, if you have public-private key mechanism enabled, it would quit working if your .ssh folder and/or files in it have world write permissions.  They have to have as restrictive permissions as possible.

Certain other mechanisms like SELinux also disble access if permissions are too open.
If you made 777 for everything on the server, you need to either get backup to the old settings or if you don't have a good backup, reinstall anyway.

See if it would manually let you access though command line or through console.
0
 
LVL 1

Author Comment

by:PTRUSCOTT
ID: 39249815
When I try to use PuTTY.esxe with the old settings (root user name) and port 22.

I get the following error message:

PuTTY fatal error message:

"Server Unexpectedly closed network connection"

Is there some PuTTY configuration to get accesss in this situation?
Best Wishes,
Phil
0
 
LVL 31

Expert Comment

by:farzanj
ID: 39249820
Do you have any other user besides root that you may use to login?  Once you get into the system, you can change user.

You need to use some utility to see if ssh is even up.  Do you have a Linux client or only Windows?

Use telnet to see if the port is advertised.
telnet server.com 22

Ping the machine to see if it is even running.
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
LVL 82

Expert Comment

by:arnold
ID: 39249836
Console access is the only way.  Does the remote provider have an IP KVM that can be used to access the console?
Depending on the system maker, does it have DRAC, ILOM, LOM type of access?
It had to have been configured and the remote provider would ........

Can you go on site?

The remaining option is either have their support staff work on it if available, r have the system shipped to you,
0
 
LVL 21

Accepted Solution

by:
Mazdajai earned 2000 total points
ID: 39249977
As other experts have mentioned, your only option is to try ssh in with other users and su to root.

But in the end the box still require a reinstall from a console because it is nearly impossible to fix the permission.
0
 
LVL 21

Expert Comment

by:tfewster
ID: 40200795
Reinstall and restore from backups is probably the quickest way, But for info - rpm can restore ownership and permissions of OS files:

for RPM in $(rpm -qa); do rpm --setugids --setperms $RPM; done

Open in new window


But to be able to do that you have to log in and I think the login program needs to be setuid root which `chmod 777` will have broken. You may be able to get in in single-user mode, or boot from CD and fix enough program permissions to log in.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
Cron is one of the most popular and basic utilities found on Unix systems. Combined with other tools, cron makes it exceptionally easy to automate a broad range of tasks on your server.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question