pure-ftp/openssh failures.

pornophobic · 04-22-2010, 12:09 PM

This is my first post, I generally would find the answers I need by searching this site so I haven't had a need to sign up since I can't really help anyone as of yet. With that said here is my problem:

I'm running a VPS with CentOS RHEL 5 host-in-a-box, I just did a rebuild of the server and after a day or two pure-ftpd and sshd unexpectedly close out any incoming connections. I am the only one that uses ssh and ftp so I'm not sure what the problem could be. I checked the logs and there is nothing to do with not being able to bind on the address.

I tried connecting through ssh in verbose mode and it connects to the server just fine, but drops the connection before it asks me for my key pass phrase. If I enable password access it will drop before it asks me for it's password. I've tried restarting sshd and ftpd. I've tried rebooting the machine. I've tried google, but this problem seems to need a little more specific trouble shooting.

I can get in through console access, but that doesn't help me much when I need to transfer files.

Any help?

AlucardZero · 04-22-2010, 12:31 PM

Any more info in /var/log/secure or /var/log/messages ?

pornophobic · 04-22-2010, 12:46 PM

Quote:

Originally Posted by AlucardZero

Any more info in /var/log/secure or /var/log/messages ?

From /var/log/messages I get:

Code:

Apr 22 10:41:35 dagon xinetd[9995]: START: ftp pid=1394 from=my.ip
Apr 22 10:41:35 dagon xinetd[1394]: libwrap refused connection to ftp (libwrap=pure-ftpd) from my.ip
Apr 22 10:41:35 dagon xinetd[1394]: FAIL: ftp libwrap from=my.ip
Apr 22 10:41:35 dagon xinetd[9995]: EXIT: ftp status=0 pid=1394 duration=0(sec)
Apr 22 10:41:41 dagon xinetd[1694]: libwrap refused connection to ftp (libwrap=pure-ftpd) from my.ip

and from secure I get:

Code:

Apr 22 10:41:22 dagon sshd[32594]: refused connect from ::ffff:my.ip.my.ip (::ffff:my.ip.my.ip)
Apr 22 10:41:34 dagon sshd[1378]: refused connect from ::ffff:my.ip.my.ip (::ffff:my.ip.my.ip)
Apr 22 10:42:35 dagon pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
Apr 22 10:42:35 dagon pure-ftpd: (?@127.0.0.1) [INFO] Logout.

That's from me trying just now to get the messages.

pornophobic · 04-22-2010, 01:05 PM

I think I may have found the problem.
I did a search on google and came up with this link.
I looked at my hosts.deny file and found my IP in the file. I am using Kloxo/LXAdmin control panel and have Lxguard enabled, this is probably what is causing it. I'm going to change the settings and post the results.

pornophobic · 04-22-2010, 01:10 PM

Yep, that was the problem. I removed my address from the hosts.deny file and I can log in again.

Thanks for the second brain, I guess that's all that's needed sometimes

Just in case anyone who encounters the same problem using kloxo/LXAdmin comes along, I will leave this bit of information because the program suggests not to edit the hosts file directly:

Log in to your LXAdmin control panel (usually on port 7777 or 7778, I believe)
Go to servers, select your server (usually localhost on a VPS)
Under LXGuard, click on the connections tab and you should see a table of IPs, their suucessful attempts and how many failed attempts.
Click on the checkbox next to your IP and hit the "whitelist" button near the top of the page. You should now be able to log in.

Hope that helps someone in the future.

AlucardZero · 04-22-2010, 01:34 PM

You can also add your IP to /etc/hosts.allow to whitelist it.

ramulis · 05-25-2010, 08:24 AM

Thank you guys for the solution! This saved my day. Couldn't connect to ftp or ssh, but just added my ip to whitelist and it works just fine.

Great!