Solved SSHD won't start: Corrupt authorized_key file

Lamia

Active Member

Thanks: 21
Messages: 150

#1
I added a public key to authorized keys for my PC and reloaded->restarted sshd. Since then my sshd won't run. NMAP no longer shows that the non-default port is available/opened. I have restarted the PC a number of times but no luck. I cannot login via ssh VPS. I deleted some keys and added one, which actually looked weird before added it.

My inkling is to boot to rescue mode, mount home, and may be etc, remove the key and restart the PC. I am wanting you to guide me on what and how to mount the partitions/dirs. I would want to know how to revert back; so, a complete guide with commands to restore my PC will be appreciated. I have tried mounting/unmounting at the rescue mode before but I want to be more cautious than before.
 

ShelLuser

Son of Beastie

Thanks: 1,389
Messages: 2,958

#3
Also don't rely on something as crude as nmap. Just run # sockstat -4l on the host to see exactly which ports are currently being used. It might be a configuration error, in which case you should be able to see something mentioned in /var/log/messages or /var/log/auth.
 
OP
OP
Lamia

Lamia

Active Member

Thanks: 21
Messages: 150

#4
Where did you added it in? In ~/.ssh/authorized_keys?
YES!
What do you see when you (re)start sshd in /var/log/auth.log
Since I restarted the sshd & PC, I no longer have access to it. I cannot not connect via ssh. All services are running but not the sshd (at least its port in no longer available). Every attempt to connect shows timeout.
 
OP
OP
Lamia

Lamia

Active Member

Thanks: 21
Messages: 150

#5
Also don't rely on something as crude as nmap. Just run # sockstat -4l on the host to see exactly which ports are currently being used. It might be a configuration error, in which case you should be able to see something mentioned in /var/log/messages or /var/log/auth.
Sure! sockstat -4l if I am on ternimal of the PC.
Since I restarted the sshd & PC, I no longer have access to it. I cannot not connect via ssh. All services are running but not the sshd (at least its port in no longer available). Every attempt to connect shows connection timeout.
 
OP
OP
Lamia

Lamia

Active Member

Thanks: 21
Messages: 150

#6
Fixed!
SSHguard blacklisted my IP address. I had to remove the IP address via the rescue mode. My ISP rotates the Public IP addresses so that makes it difficult for me to enter a range of IP addresses as allowed_ips.

Thanks to you all.
 

aragats

Aspiring Daemon

Thanks: 349
Messages: 875

#7
You could write a couple of scripts in both VPS and your home PC to let the server know your current IP address.
IMO the easiest way is accessing a particular web page with a cron task from your home PC, i.e. a very long URL on your VPS (if you have a web server running).
I'm using that approach to have a simple dynamic DNS.
 
OP
OP
Lamia

Lamia

Active Member

Thanks: 21
Messages: 150

#8
You could write a couple of scripts in both VPS and your home PC to let the server know your current IP address.
IMO the easiest way is accessing a particular web page with a cron task from your home PC, i.e. a very long URL on your VPS (if you have a web server running).
I'm using that approach to have a simple dynamic DNS.
I would like that, particularly now that I am using a vpn_via_ssh and wanting my client IP address to be automatically updated on the server.
I know that a few VPN providers over a deamon that periodically push updates _IP address changes - to their servers.
You mind sharing it with me?
 

aragats

Aspiring Daemon

Thanks: 349
Messages: 875

#9
My VPS runs apache with php anyway, so I use this simple php script below which runs a shell script to update dns/maradns db.
Of course, your task is slightly different, so you'll need to create the corresponding shell script.
Code:
<?php
$secreturl = "d8e8fca2dc0f896fd7cb4cb0031ba249";
$ipupdatecmd = "/usr/local/etc/maradns/update.ip";
$request = "null";

$ipaddress = $_SERVER["REMOTE_ADDR"];
if (isset($_GET['request']))
    $request = $_GET["request"];

if ($request == $secreturl)
    $res = shell_exec("$ipupdatecmd $ipaddress");
?>
Then in your home PC you can periodically run
fetch -o test http://myvps.com/?request=d8e8fca2dc0f896fd7cb4cb0031ba249
or
curl -X GET http://myvps.com/?request=d8e8fca2dc0f896fd7cb4cb0031ba249
or whatever web client you may like (www/links, www/w3m etc).

Of course, this is not perfect and can be improved in various ways, e.g. you can change $secreturl after every request etc.
 
Top