KVM host: refusing connection on ports 22 & 9090
-
What logs? I can't connect unless I go hook up a keyboard & monitor.
-
@FATeknollogee said in KVM host: refusing connection on ports 22 & 9090:
What logs? I can't connect unless I go hook up a keyboard & monitor.
Right - that's why I asked about iDRAC or iLO.
-
@FATeknollogee Might be a pain in the ass but if you have no other way of connecting?
-
The inotify errors are to do with the file system. You want ssh logs: /var/log/auth.log
-
@StuartJordan no such /var/log/auth
I do have /var/log/secure
-
@FATeknollogee Sorry, I'm used to Debian-based distros. Yep, that sounds right if using Fedora. You can also check with the journal command:
journalctl -r /usr/sbin/sshd
-
Do you have fail2Ban set up on your KVM host?
-
@black3dynamite said in KVM host: refusing connection on ports 22 & 9090:
Do you have fail2Ban set up on your KVM host?
No
-
Looking through the logs, nothing looks out of place.
-
@FATeknollogee said in KVM host: refusing connection on ports 22 & 9090:
@black3dynamite said in KVM host: refusing connection on ports 22 & 9090:
Do you have fail2Ban set up on your KVM host?
No
You definitely want that.
-
@scottalanmiller said in KVM host: refusing connection on ports 22 & 9090:
@FATeknollogee said in KVM host: refusing connection on ports 22 & 9090:
@black3dynamite said in KVM host: refusing connection on ports 22 & 9090:
Do you have fail2Ban set up on your KVM host?
No
You definitely want that.
For what? If ssh is only strong cert auth, that leaves 9090 for Cockpit. Is there a good 9090 config for fail2ban?
-
The box is behind a firewall & port 22 is only open to a specific IP.
-
@Obsolesce said in KVM host: refusing connection on ports 22 & 9090:
For what?
Security. Otherwise you leave yourself open to brute force attacks. Or even just brute force attempts. Still uses your bandwidth.
-
@Obsolesce said in KVM host: refusing connection on ports 22 & 9090:
that leaves 9090 for Cockpit.
This is true, but automated attacks against Cockpit are way, way more rare. It's a fraction of the attack surface out of the gate.
-
Still looking for a fix!!
-
Does anyone use Door Knocking anymore?
-
Is it just these ports? Is anything else dropping at the same time that you are unaware of on this host? Have you tried accessing the host using PuTTY on another machine?
-
@StuartJordan These are the ports I always need (haven't checked others).
I was able to use the new Relay feature on MeshCentral 2 to connect via LAN.
-
No connection issues when using the relay, then?