If you were able to log in to the “root” account without a password and now you can’t, it is because you were using a certificate for login. This may have expired or disappeared from one of the 2 computers.
In any case, it is much safer to log in to the “admin” account and then escalate via “su”.
I thought that hestia would have some hidden configuration, so I asked in the forum.
By SFTP I can log in with admin, but of course… it’s useless because with SFTP I can’t change user after logging in.
By SFTP if I choose root user, it tells me that passwd is wrong, but I already changed root’s passwd 20 times.
With putty I can’t log in with admin or root or with any user.
Putty at least returns an error that I don’t quite understand.
Couldn´t agree a host key algorithm (available;rsa-sha2-512…)
I have root access because it is a container. First I enter the server and from the server I have to go to the container, but there is no way directly to the container.
and yes!!!, hestiaCP works perfectly from http and the network is perfectly functional
HestiaCP doesnt change the ssh configuration in relation to root login, there are no hidden configs. Also by OS default is root login with password disabled - so if you configure the value PermitRootLogin properly (yes), login with password will work.
I don’t think that your issue is related to hestia, as we do not touch any root login relevant part. So it sounds more like a local issue, where I’m not realy aware about your setup.
You can maybe check your auth.log, which could provide more informations why you can’t login.
I already found the problem, and it was very ‘dumb’
It turns out that you have to put
AllowRootLogin yes
Password Authentication yes
before Match User ****************
the final lines that hestia put in sshd_config
"here it works"
Match User sftp_dummy99,********
ChrootDirectory %h
X11Forwarding no
AllowTCPForwarding no
ForceCommand internal-sftp
"it doesn't work here"
I’m used to putting my settings at the end of the file to remember that they are my changes.
And that’s how I always do it and it works, but in this case, since you put it right at the end, it doesn’t work.