What exactly does resetting the root password do? Can't ssh in anymore.

October 4, 2018 492 views
Initial Server Setup Ubuntu

Server was working fine. Used public key auth to ssh in using Putty. Passwords disabled, etc.

Everything was working fine until I wanted to make changes on my server and realized forgot my (sudoer) user password. Mistakenly, in hopes of fixing the problem, I reset the root password through the web interface (not the user password, which I actually needed).

After having done so, every time I try to connect (with Putty) it now asks for a password. I went through /etc/ssh/sshd_config and made sure all the options are correct. Created a new key pair, restarted server, etc. Still, the behavior persists, although I can see it is checking the keys (tried testing using the old key, it tells me the server refused the key, but still asks for a password)

I'm wondering what exactly happened during the root password reset that could cause this. It makes sense that it would change the ssh configuration to allow password log ins (since I imagine that is what most users are intending when they reset root password) If that is correct, it has done so in a non-obvious way as I have gone through the config file myself and don't see what could be causing this.

I've also tried changing the user password through the rescue console and resetting the root password twice. None of the passwords work when trying to log in over ssh, always giving the message "Access Denied".

1 comment
  • Figured out what was wrong. I had created a new user when I wasn't able to log in. I used the rescue console to create the new user and add their public key. When I pasted the public key into the rescue console, it was being garbled somehow by the web interface. The solution was to temporarily re-enable password authentication and add the key through Putty. The original user couldn't log in due to some kind of permissions corruption. But that's an issue for another thread.

1 Answer

Hey friend!

While I can't tell you with certainty what caused the full event you've experienced, I can tell you that reset root password does not change SSH config, and that may at least help in troubleshooting. If you change the root password and password login is disabled, you can only use it to log in through the web console (as it doesn't use an SSH client).

In helping you resolve the whole problem though, I'd encourage you to take a step back and look at it through a simpler perspective. That's the good thing about SSH, me and you can both get into situations where we're overlooking something, but in the end the problem is almost always simple in nature. That means potential resolutions can be equally as simple. At it's core, we can pretty much reset the whole thing by copying /etc/ssh/sshd_config from a new droplet with the same OS version, and delete /root/.ssh on the server (then generate new keys). Restart the SSH server afterward (from web console using root pass) and you're theoretically as good as new in almost every situation.

Outside of overlooking a configuration variable, a typo or error (maybe caused by a text editor) in authorized_keys, or a file permission issue there really isn't much else that can go wrong.

Hope that helps to kind of step back from it and think over the depth of the possibilities.

Jarland

  • Hey, thanks for the input. If resetting the password doesn't affect ssh configuration, that certainly narrows it down a lot. I was trying to isolate the event that caused this, as everything seemed to be working fine until the session during which password was reset. Around that time, I might have also restarted the droplet, I think that maybe could have caused it to upgrade some packages, and maybe downloaded a new config in the process which overwrote those settings. I was hoping to avoid creating another droplet, but it might be necessary as a last resort. I know there is also a way to look at the output from sshd, by running it in the rescue console or something, but I am having trouble locating how to do that.

Have another answer? Share your knowledge.