i got 2 units that had issue accessing ssh. a 653a and a 659 pro II.
for 653a support eventually helped me to install a ssh fix qpkg, at which point my ssh now just works.
whereas on the 659 pro II which doesn't have it, i can access ssh if i enable telnet.
anyway will try this later on 659 later
SSH just doesn't work
- Moogle Stiltzkin
- Guru
- Posts: 11445
- Joined: Thu Dec 04, 2008 12:21 am
- Location: Around the world....
- Contact:
Re: SSH just doesn't work
NAS
[Main Server] QNAP TS-877 (QTS) w. 4tb [ 3x HGST Deskstar NAS & 1x WD RED NAS ] EXT4 Raid5 & 2 x m.2 SATA Samsung 850 Evo raid1 +16gb ddr4 Crucial+ QWA-AC2600 wireless+QXP PCIE
[Backup] QNAP TS-653A (Truenas Core) w. 4x 2TB Samsung F3 (HD203WI) RaidZ1 ZFS + 8gb ddr3 Crucial
[^] QNAP TL-D400S 2x 4TB WD Red Nas (WD40EFRX) 2x 4TB Seagate Ironwolf, Raid5
[^] QNAP TS-509 Pro w. 4x 1TB WD RE3 (WD1002FBYS) EXT4 Raid5
[^] QNAP TS-253D (Truenas Scale)
[Mobile NAS] TBS-453DX w. 2x Crucial MX500 500gb EXT4 raid1
Network
Qotom Pfsense|100mbps FTTH | Win11, Ryzen 5600X Desktop (1x2tb Crucial P50 Plus M.2 SSD, 1x 8tb seagate Ironwolf,1x 4tb HGST Ultrastar 7K4000)
Resources
[Review] Moogle's QNAP experience
[Review] Moogle's TS-877 review
https://www.patreon.com/mooglestiltzkin
[Main Server] QNAP TS-877 (QTS) w. 4tb [ 3x HGST Deskstar NAS & 1x WD RED NAS ] EXT4 Raid5 & 2 x m.2 SATA Samsung 850 Evo raid1 +16gb ddr4 Crucial+ QWA-AC2600 wireless+QXP PCIE
[Backup] QNAP TS-653A (Truenas Core) w. 4x 2TB Samsung F3 (HD203WI) RaidZ1 ZFS + 8gb ddr3 Crucial
[^] QNAP TL-D400S 2x 4TB WD Red Nas (WD40EFRX) 2x 4TB Seagate Ironwolf, Raid5
[^] QNAP TS-509 Pro w. 4x 1TB WD RE3 (WD1002FBYS) EXT4 Raid5
[^] QNAP TS-253D (Truenas Scale)
[Mobile NAS] TBS-453DX w. 2x Crucial MX500 500gb EXT4 raid1
Network
Qotom Pfsense|100mbps FTTH | Win11, Ryzen 5600X Desktop (1x2tb Crucial P50 Plus M.2 SSD, 1x 8tb seagate Ironwolf,1x 4tb HGST Ultrastar 7K4000)
Resources
[Review] Moogle's QNAP experience
[Review] Moogle's TS-877 review
https://www.patreon.com/mooglestiltzkin
-
- New here
- Posts: 5
- Joined: Fri Feb 13, 2015 4:34 am
Re: SSH just doesn't work
SSH has been down for so long for me. I've tried so many things but it ended up being this. Thank you so much!MTX wrote: ↑Mon May 29, 2017 10:46 pm Hi!
I just had the same problems and was able to connect thru telnet.
Starting sshd manually showed the root cause:As I had this issue already once before, I'm sure, that my key files had the correct permissions already set before the QTS 4.3.3 upgrade was started.Code: Select all
# /etc/init.d/login.sh start Starting sshd service: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/etc/ssh/ssh_host_rsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. key_load_private: bad permissions Could not load host key: /etc/ssh/ssh_host_rsa_key ... It is required that your private key files are NOT accessible by others. This private key will be ignored. key_load_private: bad permissions Could not load host key: /etc/ssh/ssh_host_dsa_key Disabling protocol version 2. Could not load host key sshd: no hostkeys available -- exiting. OK [~] #
I did the same QTS upgrade on an other machine and had no problems. So, I don't know why the permissions were incorrect, but, they are preventing sshd from operation. Changing the permissions is not very difficult:Good luck to all !Code: Select all
[/etc/ssh] # ls -la total 20 drwxr-xr-x 2 admin administ 140 Apr 23 2010 ./ drwxr-xr-x 28 admin administ 3000 May 29 15:10 ../ -rw-r--r-- 1 admin administ 668 Oct 24 2015 ssh_host_dsa_key -rw-r--r-- 1 admin administ 605 Oct 24 2015 ssh_host_dsa_key.pub -rw-r--r-- 1 admin administ 1675 Oct 24 2015 ssh_host_rsa_key -rw-r--r-- 1 admin administ 397 Oct 24 2015 ssh_host_rsa_key.pub -rw-r--r-- 1 admin administ 3084 Apr 23 2010 sshd_config [/etc/ssh] # chmod 600 ssh_host_dsa_key ssh_host_rsa_key [/etc/ssh] # /etc/init.d/login.sh start Starting sshd service: OK Starting telnet service: telnetd: starting port: xxxxx; interface: any; login program: /bin/naslogin bind: Address already in use OK [/etc/ssh] #