Opened 9 years ago
Closed 9 years ago
#1667 closed defect (fixed)
ssh login to upload.osgeo.org not possible
| Reported by: | jef | Owned by: | |
|---|---|---|---|
| Priority: | major | Milestone: | |
| Component: | SysAdmin | Keywords: | |
| Cc: | upload |
Description
Currently ssh login to upload.osgeo.org does not work (neither via password nor key)
Change History (10)
comment:1 by , 9 years ago
comment:2 by , 9 years ago
I'm working on adding new certificates to LDAP authentication. Upload and Qgis should be fixed already, please holler if yours still doesn't work within 12 hours from now.
Martin.
comment:3 by , 9 years ago
I confirm upload is fixed for me. git.osgeo.org still fails, with:
ssh_exchange_identification: read: Connection reset by peer
comment:4 by , 9 years ago
Worksforme. Too many failed logins ?
Please try from a different IP and report back, Martin.
comment:6 by , 9 years ago
Works from a different IP, so I guess it is due to "too many failed logins". (When) will this protection expire ?
comment:7 by , 9 years ago
sshd logs show a refused connect message for my IP,but I don't see which configuration of sshd determines that.
comment:9 by , 9 years ago
So with the help or Jurgen the forbidding line was found in /etc/hosts.deny, added on May 1st.
The ssh logs show that around that time I had multiple failing login attempts due to LDAP service being unreachable.
Now if I remove my IP from /etc/hosts.deny I can log in, but the hosts.deny records re-appears shortly after. Looking at "denyhosts" configuration it seems that 1 failed login (DENY_THRESHOLD_RESTRICTED) results in 1 week of denial (PURGE_DENY).
Adding my (static) IP to /etc/hosts.allow lets me in no matter the denial period. I've "solved" the issue like this. The ticket can be closed, for what concerns myself.
comment:10 by , 9 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
login to the qgis vm also affected