Well, I locked myself out of ssh somehow

  • Hi, I have omv 6.0.25-1 (Shaitan) running on a RPi3, I set this up a couple years ago. It's in a location that I return to once a year, and when I left it last season it was running fine. Shut it down while we were away for five months, and I booted it when we got back for this year's season and it's up and running cheerfully. I can access it via the WebGUI, but for some reason I can't log in via ssh. My normal username on OMV is "jack" which is a member of the ssh group. But the server rejects my attempts at password and I'm using the same password that I noted the last time I was here. Likewise the username "admin" is failing at ssh password challenge. I've gone into Users and changed the "jack" password and tried via ssh again, no go. So, in short, I have ssh server running on OMV, I have full admin access via webGUI, but I can't get in via ssh. Might anyone here lend a hand? Thank you!

    • Official Post

    Hi, I have omv 6.0.25-1 (Shaitan) running on a RPi3, I set this up a couple years ago. It's in a location that I return to once a year, and when I left it last season it was running fine. Shut it down while we were away for five months, and I booted it when we got back for this year's season and it's up and running cheerfully. I can access it via the WebGUI, but for some reason I can't log in via ssh. My normal username on OMV is "jack" which is a member of the ssh group. But the server rejects my attempts at password and I'm using the same password that I noted the last time I was here. Likewise the username "admin" is failing at ssh password challenge. I've gone into Users and changed the "jack" password and tried via ssh again, no go. So, in short, I have ssh server running on OMV, I have full admin access via webGUI, but I can't get in via ssh. Might anyone here lend a hand? Thank you!

    If you changed the password, and jack is in the SSH group, there's no logical reason you shouldn't be able to SSH in (that I can think of). What client are you using to SSH in? Also, do you have docker running on the Pi?

  • KM0201

    Added the Label OMV 6.x
  • Thank you for providing insight. No, I do not have Docker running. I don't use an ssh client, I just use a Terminal -- which works for accessing every other darn Windows and Linux boxes I have to administer -- like this:


    $ ssh jack@the.ip.add.ress


    And it returns asking for jack's password.


    After so many failed attempts, jack has been blocked. A nice email from OMV says I can unlock me via the omv-firstaid command, which I seem to think is a command line thing, and it's getting to a command line that is presently a challenge.


    In the GUI I have reset jack's password, and still not getting anywhere.

  • Your curiosity is not morbid. It is wise.


    So in the WebGUI I created a new user, gave it an easy-to-remember password, made sure it was a member of the ssh group, Saved and Applied the settings. Waited for the dust to settle and tried connecting via ssh from command line from another computer on the network.


    ssh newusername@ipaddress


    It asked for password, I put in password, it said Permission denied, please try again.


    This is frustrating.

  • It asked for password, I put in password, it said Permission denied, please try again.

    Do you have fail2ban running?


    Try to reset it.

    • Official Post

    One more question.. under Services/SSH in the webUI, what port is SSH running on? Default is 22. So if it's not 22, change it to 22 and see if you can SSH in. If it's 22, you don't need to identify the port, since it is default.


    If it is 22, maybe try moving it to another port (say, 25) and see if you can SSH in with ssh username@ip.address:25

  • A worthy experiment! It is enabled on Port 22. So, I will move it to Port 25 , save and apply the setting, and re-try. One moment . . .

    Code
    % ssh thatjack@192.168.100.22 -p 25
    ssh: connect to host 192.168.100.22 port 25: Connection refused

    What the heck? If it's not one thing, it's another. OMV > Services > ssh shows ssh Enabled and on Port 25.

  • Moving SSH to port 25 may not work. Postfix is already using it.

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 7.x on headless Chenbro NR12000 1U 1x 8m Quad Core E3-1220 3.1GHz 32GB ECC RAM.

  • Well then, by golly I'll try 8989! Aaaaand -- it works! I dunno why Port 22 has decided to be difficult, I can stick to 8989 until I feel like sorting out 22. Thank you all for the assistance. Now I can get around to doing what I was trying to do in the first place before I got stymied by 22's intransigence!

    • Official Post

    I dunno why Port 22 has decided to be difficult

    This will tell you which process is using port 22:

    ss -lptn 'sport = :22'

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!