Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 834
  • Last Modified:

Linux Security: Help I have lost SSH access to my server

Dear Experts,
I have a stand alone server hosted by an external company.

Linux CENTOS.

We have suddenly lost SSH access.  We also cannot login with the root password through cPanel control panel.

We are told all the files and folders have been changed to the permission 777 which "breaks" the server.

Is this the final story or is there any way to get back control of the server?
Best Wishes,
Phil
0
PTRUSCOTT
Asked:
PTRUSCOTT
1 Solution
 
farzanjCommented:
You should use Putty to access your server via command line.

Yes, 777 is not just a terribly bad idea but if it can break many things.   In particular, if you have public-private key mechanism enabled, it would quit working if your .ssh folder and/or files in it have world write permissions.  They have to have as restrictive permissions as possible.

Certain other mechanisms like SELinux also disble access if permissions are too open.
If you made 777 for everything on the server, you need to either get backup to the old settings or if you don't have a good backup, reinstall anyway.

See if it would manually let you access though command line or through console.
0
 
PTRUSCOTTAuthor Commented:
When I try to use PuTTY.esxe with the old settings (root user name) and port 22.

I get the following error message:

PuTTY fatal error message:

"Server Unexpectedly closed network connection"

Is there some PuTTY configuration to get accesss in this situation?
Best Wishes,
Phil
0
 
farzanjCommented:
Do you have any other user besides root that you may use to login?  Once you get into the system, you can change user.

You need to use some utility to see if ssh is even up.  Do you have a Linux client or only Windows?

Use telnet to see if the port is advertised.
telnet server.com 22

Ping the machine to see if it is even running.
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
arnoldCommented:
Console access is the only way.  Does the remote provider have an IP KVM that can be used to access the console?
Depending on the system maker, does it have DRAC, ILOM, LOM type of access?
It had to have been configured and the remote provider would ........

Can you go on site?

The remaining option is either have their support staff work on it if available, r have the system shipped to you,
0
 
MazdajaiCommented:
As other experts have mentioned, your only option is to try ssh in with other users and su to root.

But in the end the box still require a reinstall from a console because it is nearly impossible to fix the permission.
0
 
tfewsterCommented:
Reinstall and restore from backups is probably the quickest way, But for info - rpm can restore ownership and permissions of OS files:

for RPM in $(rpm -qa); do rpm --setugids --setperms $RPM; done

Open in new window


But to be able to do that you have to log in and I think the login program needs to be setuid root which `chmod 777` will have broken. You may be able to get in in single-user mode, or boot from CD and fix enough program permissions to log in.
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now