Last Updated: February 25, 2016
·
1.366K
· timfernihough

SOLVED: Getting yourself back into your server after failing to authenticate properly multiple times

So recently I was assisting a colleague setup a mySQL connection from a local mySQL client to a Rackspace Cloud Server. This was mostly because he's more proficient using the UI then the mySQL command line and I can certainly appreciate the efficiency gain of using something familiar.

So, in the process of doing so, I apparently authenticated incorrectly multiple times and got myself locked out of the server.

Instead of getting a request for a password when running the following command to access my server:

ssh root @ x.y.z.w

I instead receive the following message from the server:

ssh_exchange_identification: Connection closed by remote host.

I was at home at the time, so I decided to try logging in from my home desktop computer instead of my work laptop. I experienced the same problem. Turns out this is clearly because I was behind a router on my home network and therefore both requests from my laptop and desktop were coming from the same public facing IP address, which clearly got blocked due to failure to authenticate.

It became clear I needed to attempt to authenticate from a different IP address but it was 11pm at night and I didn't want to go to a coffee shop. Problem was solved by SSH'ing into ANOTHER server of mine (ie, a different originating IP address) and then attempting to authenticate to the original server from this second server. I was then able to login.

To remove my blacklisted IP address, I went and did the following:

vi /etc/hosts.deny

I scrolled down to the bottom of the list and found my IP. I removed it from the list.

To prevent this from happening again, I went and did the following:

vi /etc/hosts.allow

and added my IP address at home (and at work) so that this will not happen again for me.

Disclaimer: This second item of course will only work if your IP address is static. If you have a changing IP address (ie, you have a DSL modem that assigns you a new IP address every day), you can't really take advantage of white-listing your IP but you can still un-blacklist your IP to resolve your problem this time around.

Thanks to Chris Estrada (http://twitter.com/weare1sand0s) at Rackspace for troubleshooting this with me and helping me figure it out.