Ssh root login = YES, pleasse

o_antonio_o · April 13, 2023, 4:19am

I tried to edit sshd_config but it didn’t work.
Is any more step necessary?

Can you explain to me how to grant login permission to the root user again without a key?

Please save yourself talking to me about security, I’m not going to jump off the roof.

All the best

Thank you

Wibol · April 13, 2023, 8:36am

If you were able to log in to the “root” account without a password and now you can’t, it is because you were using a certificate for login. This may have expired or disappeared from one of the 2 computers.

In any case, it is much safer to log in to the “admin” account and then escalate via “su”.

eris · April 13, 2023, 8:49am

PermitRootLogin yes
PasswordAuthentication yes

o_antonio_o · April 13, 2023, 12:43pm

No eris, I asked after trying this option.

I thought that hestia would have some hidden configuration, so I asked in the forum.

By SFTP I can log in with admin, but of course… it’s useless because with SFTP I can’t change user after logging in.
By SFTP if I choose root user, it tells me that passwd is wrong, but I already changed root’s passwd 20 times.
With putty I can’t log in with admin or root or with any user.

Putty at least returns an error that I don’t quite understand.
Couldn´t agree a host key algorithm (available;rsa-sha2-512…)

I have root access because it is a container. First I enter the server and from the server I have to go to the container, but there is no way directly to the container.

and yes!!!, hestiaCP works perfectly from http and the network is perfectly functional

Raphael · April 13, 2023, 12:51pm

HestiaCP doesnt change the ssh configuration in relation to root login, there are no hidden configs. Also by OS default is root login with password disabled - so if you configure the value PermitRootLogin properly (yes), login with password will work.

I don’t think that your issue is related to hestia, as we do not touch any root login relevant part. So it sounds more like a local issue, where I’m not realy aware about your setup.

You can maybe check your auth.log, which could provide more informations why you can’t login.

o_antonio_o · April 13, 2023, 1:00pm

Yeah! That’s how I understood it seeing the answer of ‘eris’.

I’m trying to find a solution, although it’s strange…
all users with ssh login permission can login and root impossible.

I’ll keep looking, thanks

o_antonio_o · April 13, 2023, 1:14pm

I already found the problem, and it was very ‘dumb’
It turns out that you have to put

AllowRootLogin yes
Password Authentication yes

before Match User ****************
the final lines that hestia put in sshd_config

"here it works"

Match User sftp_dummy99,********
ChrootDirectory %h
    X11Forwarding no
    AllowTCPForwarding no
    ForceCommand internal-sftp

"it doesn't work here"

I’m used to putting my settings at the end of the file to remember that they are my changes.
And that’s how I always do it and it works, but in this case, since you put it right at the end, it doesn’t work.

jlguerrero · April 13, 2023, 3:51pm

You.can drop your changes in the corresponding .d directory.

o_antonio_o · April 13, 2023, 8:15pm

I imagine that it refers to the line

Include /etc/ssh/sshd_config.d/*.conf

I mean! I create a file called for example
my-changes.conf

and everything to work?
I have to try it

Thanks for your suggestion, I really didn’t know that this include was for that.

brilliant,

all the best

jlguerrero · April 13, 2023, 10:08pm

This way, your config will not be touched if the file is edited and you can easily deploy your files in a new server instantly.

system · May 13, 2023, 10:09pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.