Can't login via SSH on port 22 anymore, WEB-interface works

[CrazyBubbaUser]

Suddenly I can not login to my Bubba Two via Putty (or Kitty) anymore.

I can ping my Bubba Two and I can also access my Bubba Two via the web interface.

Everytime I try to connect via SSH I get "Network error: Software caused connection abort".

I have checked my user in Bubba Two via the web interface and I can see that "Allow shell login" is ticked.

[Ubi]

I guess you tried to restart bubba and that did not help. The error message you get in combination with the observation that the webinterface still works, generally means bubba is still alive, but (1) either the SSHd process died, (2) it refuses access from your network becasue of a configuration error or (3) there is a routing/firewall issue. Did you fiddle with any configuration before you got locked out? (network, firewall, sshd.conf etc)?

Ubi

[CrazyBubbaUser]

Yes I have tried with restarting my Bubba a couple of times.

It might be an firewall issue because I am testing a new 3G Router, Vololink VA125 with embedded 3G modem but I was indeed able to use Putty into my Bubba since Friday but now this morning it suddenly has stopped working...

I have even tried with setting port forwarding of port 22 to my ip of my Bubba and that doesn't help and it shouldn't be necessary since I am on the same lan I guess?

I am using static IP adresses.

I didn't fiddle with any conf files on Bubba before this (I am not that experienced on Linux yet so I have started with that yet.)

[Ubi]

My guess is that the problem is within the router, although giving the HTTP works there's some nifty forwarding going on in that machine. One way of checking this is by connecting your bubba to a PC via a hub or through a crosscable. you then have to give your pc a fixed IP adress as well, but for the rest you should be able to connect fine.

Ubi

[CrazyBubbaUser]

Yepp that is one way I could try... I might just reinstall the Bubba image over again since I do not have too much data on my Bubba Two yet.

I was thinking if a faulty executed CHMOD command could cause some files to get wrong permissions cause this?

I was logged into Bubba Two as root and executed a "CHMOD 777 -R -v /*" command (I think it was this anyway) while standing in "/home/userxxx/downloads".

It might be that I by mistake changed some system file permissions so that the operating system can not work correctly with the system files?

[pcrene]

Hello

As you have acces to the web-interface.. give or make another user the SSH privelige...
It could be that by any accident your account has lost this feature.

Rene

[Ubi]

sorry no

the "connection timed out" error shows that the SSH daemon cannot be reached. This is not related to a user not having SSH access, as this would only prevail in a dropped connection AFTER the user has entered the username. so adding users or messing with privs from the webinterface will not solve this issue.

[Ubi]

I was logged into Bubba Two as root and executed a "CHMOD 777 -R -v /*" command (I think it was this anyway) while standing in "/home/userxxx/downloads".

for some reason I missed this, sorry about that. You are correct. For some reason you decided to eradicate file permissions on your entire system. This explains why SSHd does not work anymore as it requires some form of security before accepting connections. However the damage you did is way more extensive and you pretty much opened up your system to any hacker with more than 3 brain cells.

In short: You need to do a full restore of your system

And as an explanation: chmod /* renames the ENTIRE file system no matter where you are located. If you would have added a dot (.) and type "chmod ./*" you would have been fine because you would have told the OS tol only look into the local dir and not the entire filesystem.

Ubi

[CrazyBubbaUser]

Eeehhmm... Yepp, I realised that after reading more about the chmod command...

Anyway, I will restore my system to intial configuration by reformatting the Bubba Two with a brand new image. Done it before so it is not a problem to do it again...

However, I am curios how a hacker could get access to my Bubba Two since it is behind a separate router with it's own firewall and no ports being forward to the Bubba Two? Why can't I get access then?

[Ubi]

if you have access to an apache system with 777 permissions you can pretty much access the system

[CrazyBubbaUser]

Aha ok but would that still be possible eventhough my Bubba Two is behind a router and firewall and no port forwarding enabled?

How would somebody outside my internal lan be able to even ping my Bubba router with my router and firewall in between? Would it be possible by some use of UPnP if that is enabled and what ports on Bubba Two would be open to the outside world outside my firewall?

[Ubi]

it's indeed extrmely unlikely, but posible. Who knows theres some worm on your desktop, then all routing tricks are useless. DOn't worry about it too much , the chance that someone will mess up your data today is minimal

Ubi

[CrazyBubbaUser]

Ok thanks for the input.

Reformatting and reinstalling my Bubba Two now...

Thanks also for the clarification on the mistake with missing dot in my CHMOD command. I immediately felt when I pressed return on that command ("CHMOD 777 -R -v /*") that this was going to cause problems for me...