Unable to SSH into Server
Stephen Partington
cryptworks at gmail.com
Tue Oct 22 10:26:55 MST 2024
thats strange. you cannot incorporate a sudo -u apache into the mix? how
does vs-code work with its ssh protocols?
On Tue, Oct 22, 2024 at 1:25 PM <techlists at phpcoderusa.com> wrote:
> Hi,
>
> I appreciate all the feedback. There is more to the story.
>
> I am running a 10 year old Dell that is my daily driver. It has Kubuntu
> installed on it.
>
> I have a MSW10 laptop on my private network that I have installed
> VirtualBox on.
>
> I am a PHP developer so I use LAMP to further my goals of PHP dev.
> Ultimately I want to have a LAMP config that allows me to use Visual
> Studio Code to edit remotely. That requires the SSH user needs to be
> the owner of the Apache virtual host docroot directories and file.
>
> That way there is no ownership issues while uploading and downloading
> files or adding, modifying, or removing directories.
>
> I've got to the point of building out the default vhost and used that to
> create a second vhost and modifying it to became a full fledged Apache
> vhost.
>
> It is my understand that i still need to complete 3 more steps and i
> will have a vhost where the owner of the directories and file will also
> be configured as SSH.
>
> The 3 things I think I need to accomplish:
>
> 1) Add a user and configure it to use SSH.
> 2) Configure each vhost to use PHP-FPM.
> 3) Limit the User to the docroot of it's virtual host. (ChrootDirectory)
>
> I am using a clone of the LAMP server so I am going to remove it and
> create another close and start by trying to create a use that has SSH
> access and a home directory.
>
> Then I think I should work on limiting that user to the vhost that is
> designated to work with.
>
>
>
> Then finish up by installing configuring the vhost to use PHP-FPM.
>
> Any thought are much appreciated!!
>
> Keith
>
>
>
> On 2024-10-22 07:21, Stephen Partington via PLUG-discuss wrote:
> > The sshd pam setting is the one you want to make sure works because
> > that appears to link sshd access to valid system users for ssh access.
> >
> > This is a link to my bog stock login. and any user I create (as a
> > system user) can access via SSH. except for root. but root cannot even
> > log in at this point.
> >
> > Ubuntu Stock sshdconfig [1]
> >
> > On Tue, Oct 22, 2024 at 2:32 AM Rusty Carruth via PLUG-discuss
> > <plug-discuss at lists.phxlinux.org> wrote:
> >
> >> 'for fun' I pasted the text of your email in to chatgpt, it had some
> >> interesting advice:
> >>
> >> Verify User Exists: - probably not your problem.
> >>
> >> Check User's Shell: Ensure that the user "default" has a valid
> >> shell. You can check the user's entry in /etc/passwd
> >> Good suggestion, imho, but you did imply you'd logged in as the
> >> user, so this is also (probably) a red herring.
> >>
> >> Home Directory: Ensure the user "default" has a home directory.
> >>
> >> SSH Key/Password: If you're trying to log in using SSH keys, ensure
> >> that the public key is correctly placed in
> >> /home/default/.ssh/authorized_keys and that the permissions are set
> >> correctly
> >> - since you've not logged in via SSH, this is probably also a
> >> herring.
> >>
> >> However, the suggestion: If you’re using password authentication,
> >> make sure the user has a password set Might be helpful.
> >> I'm skipping firewall suggestion.
> >> Log Files: Since /var/log/faillog is empty, also check
> >> /var/log/auth.log for any messages related to SSH login attempts
> >> - very good idea.
> >>
> >> Three's more, but I'm guessing the log files are the most likely
> >> place to start, after the suggestions everyone else gave.
> >>
> >> On 10/21/24 23:22, Rusty Carruth via PLUG-discuss wrote:
> >> The other questions are all great, but can you ssh from the server
> >> to itself as the desired user? That is, ssh theSSHdude at localhost ,
> >> which should hopefully rule out network issues ;-)
> >>
> >> I'll also mention that I had a weird issue with SSH where I could
> >> ssh from machine A to machine B, but not from B to A! THAT turned
> >> out to be a netmask issue! And ChatGPT ALMOST got the answer. You
> >> could try your favorite AI to see if it can help, but be sure to
> >> give it more info than you think you should - I should have given it
> >> the output of ifconfig on both computers and it probably would have
> >> caught it....
> >>
> >> On 10/21/24 18:46, Keith Smith via PLUG-discuss wrote:
> >> Hi,
> >>
> >> I am a little stuck.
> >>
> >> I am trying to configure a user that will allow me to log into an
> >> Ubuntu 24.04lts server via SSH.
> >>
> >> I created a line : "AllowUsers default" in /etc/ssh/sshd_config
> >>
> >> Then sudo systemctl restart ssh
> >>
> >> Try to login and get "client_loop: send disconnect: Broken pipe"
> >>
> >> sudo tail /var/log/faillog returns nothing.
> >>
> >> I can SSH into the server from my Kubuntu desktop under the default
> >> user created during server o/s install
> >>
> >> A search says it is probably a network issue. Does not make sense
> >> given I can SSH in using another user.
> >>
> >> Any thoughts are much appreciated.
> >>
> >> Keith
> >>
> >> ---------------------------------------------------
> >> PLUG-discuss mailing list: PLUG-discuss at lists.phxlinux.org
> >> To subscribe, unsubscribe, or to change your mail settings:
> >> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
> >> ---------------------------------------------------
> >> PLUG-discuss mailing list: PLUG-discuss at lists.phxlinux.org
> >> To subscribe, unsubscribe, or to change your mail settings:
> >> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
> > ---------------------------------------------------
> > PLUG-discuss mailing list: PLUG-discuss at lists.phxlinux.org
> > To subscribe, unsubscribe, or to change your mail settings:
> > https://lists.phxlinux.org/mailman/listinfo/plug-discuss
> >
> > --
> > A mouse trap, placed on top of your alarm clock, will prevent you from
> > rolling over and going back to sleep after you hit the snooze button.
> >
> > Stephen
> >
> >
> >
> > Links:
> > ------
> > [1]
> >
> https://drive.google.com/open?id=1VadPv7RzeJZQca89aTi5yIJ5F76V49_gkJ_vGgZCt9U
> > ---------------------------------------------------
> > PLUG-discuss mailing list: PLUG-discuss at lists.phxlinux.org
> > To subscribe, unsubscribe, or to change your mail settings:
> > https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
--
A mouse trap, placed on top of your alarm clock, will prevent you from
rolling over and going back to sleep after you hit the snooze button.
Stephen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20241022/b9bcb5ed/attachment.htm>
More information about the PLUG-discuss
mailing list