This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
I've installed EnableSSH on my Duo v2 successfully and was able to use it with the root account. While trying to enable ssh access to other users, I unfortunately locked root out before managing to enable another user.
Right now the successful login with a non-root user leads to an instant logout.
Loggin in with root leads to "Permisson denied, please try again". The reason for this is probably a wrong entry in the "Allowed Users" section of the ssh configuration.
Normal admin access via the Web UI is not affected and runs perfectly well.
I've already tried re-installing the EnableSSH plugin, but unfortunately that did not reset the ssh configuration.
Is there any way to reset only the ssh config without possibly running into problems on the Web UI side?
Thanks for the quick reply, I managed to get into tech support mode and telnet to the Duo v2, but unfortunately the files of the ssh configuration are not present in this state. Is there a chance that I can mount other parts of the filesystem that contain the config files of the plugins that are installed?
Yes, you need to mount the real OS partition.
I've never owned a v2. but I believe these commands will work/
# start_raid.sh
# mount /dev/md0 /sysroot
Not sure if you'll also need to chroot to get the commmands you need, but if you do try these commands:
# mount --bind /proc /sysroot/proc
# mount --bind /dev /sysroot/dev
# mount --bind /dev/pts /sysroot/dev/pts
# mount --bind /sys /sysroot/sys
# chroot /sysroot /bin/bash
Do a configuration backup (under Settings/System/Backup) and see if the file you need to fix is in it. If it is, be sure to use an editor that will use an LF only for an EoL and not add anything (Like Notepad++) and make the changes you need to, then restore that backup.
Is there any way to reset only the ssh config without possibly running into problems on the Web UI side?
> You can get into the OS using tech support mode. You'd be on your own after that though.
Thanks for the quick reply, I managed to get into tech support mode and telnet to the Duo v2, but unfortunately the files of the ssh configuration are not present in this state. Is there a chance that I can mount other parts of the filesystem that contain the config files of the plugins that are installed?
And, BTW what is the way to gracefully shutdown the system from tech support mode? Pulling the plug is the only way I've found and that really hurts me every time 😮
> Do a configuration backup (under Settings/System/Backup) and see if the file you need to fix is in it. If it is, be sure to use an editor that will use an LF only for an EoL and not add anything (Like Notepad++) and make the changes you need to, then restore that backup.
Thanks for the quick reply - I've checked that already with older config backups, but unfortunately the file I'm looking for is not contained there - even if I'm doing a present config backup with "All" option marked.
Thanks for the quick reply, I managed to get into tech support mode and telnet to the Duo v2, but unfortunately the files of the ssh configuration are not present in this state. Is there a chance that I can mount other parts of the filesystem that contain the config files of the plugins that are installed?
Yes, you need to mount the real OS partition.
I've never owned a v2. but I believe these commands will work/
# start_raid.sh
# mount /dev/md0 /sysroot
Not sure if you'll also need to chroot to get the commmands you need, but if you do try these commands:
# mount --bind /proc /sysroot/proc
# mount --bind /dev /sysroot/dev
# mount --bind /dev/pts /sysroot/dev/pts
# mount --bind /sys /sysroot/sys
# chroot /sysroot /bin/bash
Thanks for the quick reply - I've checked that already with older config backups, but unfortunately the file I'm looking for is not contained there - even if I'm doing a present config backup with "All" option marked.
The crucial file is
sshd_config
and it's supposed to sit somewhere like
/etc/ssh
If support mode doesn't get you there, I suppose you could try just putting it into the config backup .zip and see if the restore really checks and restores specific content or restores whatever it finds. I know you can delete files from the .zip to be restored with no issue, I've never tried to add any.
> I've never owned a v2. but I believe these commands will work/
# start_raid.sh
# mount /dev/md0 /sysroot
> Not sure if you'll also need to chroot to get the commmands you need, but if you do try these commands:
# mount --bind /proc /sysroot/proc
# mount --bind /dev /sysroot/dev
# mount --bind /dev/pts /sysroot/dev/pts
# mount --bind /sys /sysroot/sys
# chroot /sysroot /bin/bash
PHEW! That worked and you're seeing one really delighted user over here. After the mounts I was able to correct the ssh config and I could log back in as root. What I initially wanted to do was to enable a normal user to ssh into the NAS. I've seen another discussion somewhere around here how to do that, so this time I'll read that closely before changing ANYTHING, promise 😉
