forked from docs/doc-exports
wanghuijuan738
4304fed907
Reviewed-by: Pristromskaia, Margarita <margarita.pristromskaia@t-systems.com> Co-authored-by: wanghuijuan738 <wanghuijuan738@huawei.com> Co-committed-by: wanghuijuan738 <wanghuijuan738@huawei.com>
158 lines
27 KiB
HTML
158 lines
27 KiB
HTML
<a name="EN-US_TOPIC_0105127983"></a><a name="EN-US_TOPIC_0105127983"></a>
|
|
|
|
<h1 class="topictitle1">Why Can't I Log In to My Linux ECS?</h1>
|
|
<div id="body8662426"><div class="section" id="EN-US_TOPIC_0105127983__section203378140307"><h4 class="sectiontitle">Symptom</h4><p id="EN-US_TOPIC_0105127983__p18931553173018">A Linux ECS cannot be logged in to due to some reasons. For example, the network is abnormal, remote desktop access is blocked by the firewall on the ECS, or the ECS vCPUs are overloaded.</p>
|
|
<p id="EN-US_TOPIC_0105127983__p63262015122">This section describes how to troubleshoot Linux ECS login failures.</p>
|
|
<p id="EN-US_TOPIC_0105127983__p15615114212307">If you cannot log in to your Linux ECS, follow the instructions provided in <a href="#EN-US_TOPIC_0105127983__section16351720103416">Checking the VNC Login</a>. Then, locate the login fault by referring to <a href="#EN-US_TOPIC_0105127983__section51421019195617">Fault Locating</a>.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0105127983__section16351720103416"><a name="EN-US_TOPIC_0105127983__section16351720103416"></a><a name="section16351720103416"></a><h4 class="sectiontitle">Checking the VNC Login</h4><p id="EN-US_TOPIC_0105127983__p123511209344">Check whether you can log in to the ECS using VNC on the management console.</p>
|
|
<ol id="EN-US_TOPIC_0105127983__ol935110206345"><li id="EN-US_TOPIC_0105127983__li1151341720102">Log in to the management console.</li><li id="EN-US_TOPIC_0105127983__li2352162010344">Choose <strong id="EN-US_TOPIC_0105127983__b243724214375"><span id="EN-US_TOPIC_0105127983__text667917287359">Computing</span></strong> > <strong id="EN-US_TOPIC_0105127983__b343724218375">Elastic Cloud Server</strong>.</li><li id="EN-US_TOPIC_0105127983__li7352182019347">In the <strong id="EN-US_TOPIC_0105127983__b842352706174048">Operation</strong> column of the target ECS, click <strong id="EN-US_TOPIC_0105127983__b842352706174322">Remote Login</strong>.<p id="EN-US_TOPIC_0105127983__p181110461218"></p>
|
|
<div class="fignone" id="EN-US_TOPIC_0105127983__fig12533164315356"><span class="figcap"><b>Figure 1 </b>Remote login</span><br><span><img id="EN-US_TOPIC_0105127983__en-us_topic_0018073217_image17737103783517" src="en-us_image_0000002259727498.png" title="Click to enlarge" class="imgResize"></span></div>
|
|
</li><li id="EN-US_TOPIC_0105127983__li61542434359">(Optional) When the system displays "Press CTRL+ALT+DELETE to log on", click <strong id="EN-US_TOPIC_0105127983__en-us_topic_0093263548_b76639262315">Send CtrlAltDel</strong> in the upper part of the remote login page to log in to the ECS.<div class="note" id="EN-US_TOPIC_0105127983__en-us_topic_0093263548_note15831651185"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="EN-US_TOPIC_0105127983__en-us_topic_0093263548_p383155151813">Do not press <strong id="EN-US_TOPIC_0105127983__en-us_topic_0093263548_b842352706175651">CTRL+ALT+DELETE</strong> on the physical keyboard because this operation does not take effect.</p>
|
|
</div></div>
|
|
</li></ol>
|
|
<p id="EN-US_TOPIC_0105127983__p8923165785318">If the VNC login still fails, record the resource details and fault occurrence time for further fault locating and analysis.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0105127983__section51421019195617"><a name="EN-US_TOPIC_0105127983__section51421019195617"></a><a name="section51421019195617"></a><h4 class="sectiontitle">Fault Locating</h4><p id="EN-US_TOPIC_0105127983__p13263153715538">If you can log in to the ECS using VNC but cannot log in to it using a remote desktop connection, locate the fault by referring to this section.</p>
|
|
<p id="EN-US_TOPIC_0105127983__p163466913016">The following fault causes are sequenced based on their occurrence probability.</p>
|
|
<p id="EN-US_TOPIC_0105127983__p1134639173019">If the fault persists after you have ruled out a cause, check other causes.</p>
|
|
|
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="EN-US_TOPIC_0105127983__en-us_topic_0167240183_table6168184132811" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Possible causes and solutions</caption><thead align="left"><tr id="EN-US_TOPIC_0105127983__en-us_topic_0167240183_row31680416283"><th align="left" class="cellrowborder" valign="top" width="28.15%" id="mcps1.3.3.5.2.3.1.1"><p id="EN-US_TOPIC_0105127983__en-us_topic_0167240183_p17639192710215">Possible Cause</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="71.85000000000001%" id="mcps1.3.3.5.2.3.1.2"><p id="EN-US_TOPIC_0105127983__en-us_topic_0167240183_p1063918274214">Solution</p>
|
|
</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody><tr id="EN-US_TOPIC_0105127983__en-us_topic_0167240183_row6168941172810"><td class="cellrowborder" valign="top" width="28.15%" headers="mcps1.3.3.5.2.3.1.1 "><p id="EN-US_TOPIC_0105127983__en-us_topic_0167240183_p19168144142812">The ECS is frozen or stopped.</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="71.85000000000001%" headers="mcps1.3.3.5.2.3.1.2 "><p id="EN-US_TOPIC_0105127983__en-us_topic_0167240183_p11168104115284">Make sure that the <span id="EN-US_TOPIC_0105127983__text1369613526357">ECS</span> is in the <strong id="EN-US_TOPIC_0105127983__b1770235243516">Running</strong> state. For details, see <a href="#EN-US_TOPIC_0105127983__section171182458381">Checking the ECS Status</a>.</p>
|
|
</td>
|
|
</tr>
|
|
<tr id="EN-US_TOPIC_0105127983__row174273283118"><td class="cellrowborder" valign="top" width="28.15%" headers="mcps1.3.3.5.2.3.1.1 "><p id="EN-US_TOPIC_0105127983__p134273211312">The entered username or password is incorrect.</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="71.85000000000001%" headers="mcps1.3.3.5.2.3.1.2 "><p id="EN-US_TOPIC_0105127983__p542832163117">The default username for Linux ECSs is <strong id="EN-US_TOPIC_0105127983__b6894133213506">root</strong>. For details, see <a href="#EN-US_TOPIC_0105127983__section14258101291715">Checking the Login Mode</a>.</p>
|
|
</td>
|
|
</tr>
|
|
<tr id="EN-US_TOPIC_0105127983__row0162418123314"><td class="cellrowborder" valign="top" width="28.15%" headers="mcps1.3.3.5.2.3.1.1 "><p id="EN-US_TOPIC_0105127983__p5298319173316">The ECS is overloaded.</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="71.85000000000001%" headers="mcps1.3.3.5.2.3.1.2 "><p id="EN-US_TOPIC_0105127983__p22981219163319">If the bandwidth or CPU usage of the ECS is excessively high, login failures may occur. For details, see <a href="#EN-US_TOPIC_0105127983__section1522711115588">Checking Whether the ECS Is Overloaded</a>.</p>
|
|
</td>
|
|
</tr>
|
|
<tr id="EN-US_TOPIC_0105127983__row1161017163417"><td class="cellrowborder" valign="top" width="28.15%" headers="mcps1.3.3.5.2.3.1.1 "><p id="EN-US_TOPIC_0105127983__p561071143415">The ECS has no <span id="EN-US_TOPIC_0105127983__text1723317144409">EIP</span> bound.</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="71.85000000000001%" headers="mcps1.3.3.5.2.3.1.2 "><p id="EN-US_TOPIC_0105127983__p16610131163410">To log in to an ECS using RDP or MSTSC, ensure that the ECS has an <span id="EN-US_TOPIC_0105127983__text341914446814">EIP</span> bound. For details, see <a href="#EN-US_TOPIC_0105127983__section129793013377">Checking Whether an ECS Has an EIP Bound</a>.</p>
|
|
</td>
|
|
</tr>
|
|
<tr id="EN-US_TOPIC_0105127983__row178773823516"><td class="cellrowborder" valign="top" width="28.15%" headers="mcps1.3.3.5.2.3.1.1 "><p id="EN-US_TOPIC_0105127983__p74585212353">The access is blocked by the ISP.</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="71.85000000000001%" headers="mcps1.3.3.5.2.3.1.2 "><p id="EN-US_TOPIC_0105127983__p19451352103514">Check whether you can access the ECS using another hotspot or network. For details, see <a href="#EN-US_TOPIC_0105127983__section289137105711">Checking Whether the Network Is Normal</a>.</p>
|
|
</td>
|
|
</tr>
|
|
<tr id="EN-US_TOPIC_0105127983__en-us_topic_0167240183_row41681741172819"><td class="cellrowborder" valign="top" width="28.15%" headers="mcps1.3.3.5.2.3.1.1 "><p id="EN-US_TOPIC_0105127983__en-us_topic_0167240183_p716874117282">The security group of the ECS denies inbound traffic on the remote login port.</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="71.85000000000001%" headers="mcps1.3.3.5.2.3.1.2 "><p id="EN-US_TOPIC_0105127983__en-us_topic_0167240183_p31691416286">Check whether the security group allows inbound traffic on the remote login port. For details, see <a href="#EN-US_TOPIC_0105127983__section830193612460">Checking Whether the Security Group Is Correctly Configured</a>.</p>
|
|
</td>
|
|
</tr>
|
|
<tr id="EN-US_TOPIC_0105127983__row5126436156"><td class="cellrowborder" valign="top" width="28.15%" headers="mcps1.3.3.5.2.3.1.1 "><p id="EN-US_TOPIC_0105127983__p1312613320150">The remote access port is incorrectly configured.</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="71.85000000000001%" headers="mcps1.3.3.5.2.3.1.2 "><p id="EN-US_TOPIC_0105127983__p111264321516">Check whether the remote access port is correctly configured on the local computer and the ECS. For details, see <a href="#EN-US_TOPIC_0105127983__section21752310487">Checking Whether the Remote Access Port Is Correctly Configured</a>.</p>
|
|
</td>
|
|
</tr>
|
|
<tr id="EN-US_TOPIC_0105127983__row1800112083712"><td class="cellrowborder" valign="top" width="28.15%" headers="mcps1.3.3.5.2.3.1.1 "><p id="EN-US_TOPIC_0105127983__p178001208371">An IP address whitelist for SSH logins has been configured.</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="71.85000000000001%" headers="mcps1.3.3.5.2.3.1.2 "><p id="EN-US_TOPIC_0105127983__p118001720153714">Ensure your IP address is included in the whitelist. For details, see <a href="#EN-US_TOPIC_0105127983__section9583105919232">Checking the IP Address Whitelist for SSH Logins (with HSS Enabled)</a>.</p>
|
|
</td>
|
|
</tr>
|
|
<tr id="EN-US_TOPIC_0105127983__en-us_topic_0167240183_row796182813291"><td class="cellrowborder" valign="top" width="28.15%" headers="mcps1.3.3.5.2.3.1.1 "><p id="EN-US_TOPIC_0105127983__en-us_topic_0167240183_p1296116289297">An OS fault has occurred.</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="71.85000000000001%" headers="mcps1.3.3.5.2.3.1.2 "><p id="EN-US_TOPIC_0105127983__en-us_topic_0167240183_p7961192852920">The file system is damaged. For details, see <a href="#EN-US_TOPIC_0105127983__section1977334311553">Checking Whether an OS Fault Has Occurred</a>.</p>
|
|
</td>
|
|
</tr>
|
|
<tr id="EN-US_TOPIC_0105127983__row1219118110346"><td class="cellrowborder" valign="top" width="28.15%" headers="mcps1.3.3.5.2.3.1.1 "><p id="EN-US_TOPIC_0105127983__p101911311183410">The access is blocked by third-party antivirus software.</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="71.85000000000001%" headers="mcps1.3.3.5.2.3.1.2 "><p id="EN-US_TOPIC_0105127983__p111918118345">Disable or uninstall the third-party antivirus software and try again. For details, see <a href="#EN-US_TOPIC_0105127983__section58504535542">Checking Whether the Access Is Blocked by Antivirus Software</a>.</p>
|
|
</td>
|
|
</tr>
|
|
<tr id="EN-US_TOPIC_0105127983__row141919114343"><td class="cellrowborder" valign="top" width="28.15%" headers="mcps1.3.3.5.2.3.1.1 "><p id="EN-US_TOPIC_0105127983__p131911611163413">The cause is displayed in the error message.</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="71.85000000000001%" headers="mcps1.3.3.5.2.3.1.2 "><p id="EN-US_TOPIC_0105127983__p21912117340">If an error message is displayed during remote login, check the operation guide based on the error information. For details, see <a href="#EN-US_TOPIC_0105127983__section331935012531">Checking Whether an Error Occurred During a Remote Login</a>.</p>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0105127983__section171182458381"><a name="EN-US_TOPIC_0105127983__section171182458381"></a><a name="section171182458381"></a><h4 class="sectiontitle">Checking the ECS Status</h4><p id="EN-US_TOPIC_0105127983__p175752236388">Check whether the <span id="EN-US_TOPIC_0105127983__text3306173594118">ECS</span> is in the <strong id="EN-US_TOPIC_0105127983__b01094447573">Running</strong> state on the management console. If the ECS is stopped, start it and try to log in to the ECS again.</p>
|
|
<div class="fignone" id="EN-US_TOPIC_0105127983__fig119881740136"><span class="figcap"><b>Figure 2 </b>Checking the ECS status</span><br><span><img id="EN-US_TOPIC_0105127983__en-us_topic_0018073217_image354218231875" src="en-us_image_0000002259864122.png" title="Click to enlarge" class="imgResize"></span></div>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0105127983__section14258101291715"><a name="EN-US_TOPIC_0105127983__section14258101291715"></a><a name="section14258101291715"></a><h4 class="sectiontitle">Checking the Login Mode</h4><p id="EN-US_TOPIC_0105127983__p16598191771719">Check the login mode you set when you created the ECS.</p>
|
|
<div class="fignone" id="EN-US_TOPIC_0105127983__fig3701318151020"><span class="figcap"><b>Figure 3 </b>Login Mode</span><br><span><img id="EN-US_TOPIC_0105127983__image64010510166" src="en-us_image_0000002294960765.png" title="Click to enlarge" class="imgResize"></span></div>
|
|
<ul id="EN-US_TOPIC_0105127983__ul16634266220"><li id="EN-US_TOPIC_0105127983__li866362613226"><strong id="EN-US_TOPIC_0105127983__b171341042131017">Key pair</strong><ul id="EN-US_TOPIC_0105127983__en-us_topic_0162447875_ul2153216474"><li id="EN-US_TOPIC_0105127983__li79213584431">For the first login, use an SSH key. For details, see <a href="en-us_topic_0017955380.html">Logging In to a Linux ECS Using an SSH Key Pair</a>.</li><li id="EN-US_TOPIC_0105127983__en-us_topic_0162447875_li9233234714">For a non-first login, if you want to use the remote login function (VNC) provided by the management console, log in to the ECS using the SSH key and set the password.</li></ul>
|
|
</li></ul>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0105127983__section1522711115588"><a name="EN-US_TOPIC_0105127983__section1522711115588"></a><a name="section1522711115588"></a><h4 class="sectiontitle">Checking Whether the ECS Is Overloaded</h4><p id="EN-US_TOPIC_0105127983__p138569111826">If the bandwidth or CPU usage of the <span id="EN-US_TOPIC_0105127983__text138562112027">ECS</span> is excessively high, login failures may occur.</p>
|
|
<p id="EN-US_TOPIC_0105127983__p3622163045817">If you have created an alarm rule in Cloud Eye, the system automatically sends an alarm notification to you when the bandwidth or CPU usage reaches the threshold specified in the rule.</p>
|
|
<p id="EN-US_TOPIC_0105127983__p04135417597">To resolve this issue, perform the operations described in <a href="en-us_topic_0167429329.html">Why Is My Linux ECS Running Slowly?</a></p>
|
|
<ul id="EN-US_TOPIC_0105127983__ul1299993111212"><li id="EN-US_TOPIC_0105127983__li7999731621">If the login failure is caused by high CPU usage, perform the following operations to reduce the CPU usage:<ul id="EN-US_TOPIC_0105127983__ul174239291320"><li id="EN-US_TOPIC_0105127983__li3423929136">Stop certain processes that are not used temporarily and try again.</li><li id="EN-US_TOPIC_0105127983__li54231629538">Restart the ECS.</li><li id="EN-US_TOPIC_0105127983__li14231629830">Reinstall the ECS OS. Back up important data before the reinstallation.</li><li id="EN-US_TOPIC_0105127983__li942316291533">If the ECS OS cannot be reinstalled due to important data, replace the disk attached to the ECS. To do so, back up data on the original disk, detach the disk from the ECS, attach the new disk to the ECS, and copy data to the new disk.</li></ul>
|
|
<p id="EN-US_TOPIC_0105127983__p38081010132513">You can also upgrade the vCPUs and memory by <a href="en-us_topic_0013771092.html">modifying ECS specifications</a>.</p>
|
|
</li><li id="EN-US_TOPIC_0105127983__li455710171834">If the login fails because the bandwidth exceeds the limit, perform the following operations:<p id="EN-US_TOPIC_0105127983__p84011210281"><a name="EN-US_TOPIC_0105127983__li455710171834"></a><a name="li455710171834"></a>For instructions about how to increase the bandwidth, see <a href="en-us_topic_0093492521.html">Modifying an EIP Bandwidth</a>.</p>
|
|
</li></ul>
|
|
<p id="EN-US_TOPIC_0105127983__p1354933175611">After you perform the preceding operations, try to remotely log in to the ECS again.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0105127983__section129793013377"><a name="EN-US_TOPIC_0105127983__section129793013377"></a><a name="section129793013377"></a><h4 class="sectiontitle">Checking Whether an ECS Has an <span id="EN-US_TOPIC_0105127983__text103571156133">EIP</span> Bound</h4><p id="EN-US_TOPIC_0105127983__p12291454175918">If you need to use a remote login tool (such as PuTTY or Xshell) to access the ECS, bind an <span id="EN-US_TOPIC_0105127983__text102466344617">EIP</span> to the <span id="EN-US_TOPIC_0105127983__text16408691119">ECS</span>.</p>
|
|
<p id="EN-US_TOPIC_0105127983__p537993816320">For details, see <a href="https://docs.otc.t-systems.com/elastic-ip/umn/elastic_ip/assigning_an_eip_and_binding_it_to_an_ecs.html" target="_blank" rel="noopener noreferrer">Assigning an EIP and Binding It to an ECS</a>.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0105127983__section289137105711"><a name="EN-US_TOPIC_0105127983__section289137105711"></a><a name="section289137105711"></a><h4 class="sectiontitle">Checking Whether the Network Is Normal</h4><p id="EN-US_TOPIC_0105127983__p121741018205515">Use a local PC in another network or use another hotspot to access the ECS. Check whether the fault occurs on the local network. If so, contact the carrier to resolve this issue.</p>
|
|
<p id="EN-US_TOPIC_0105127983__p163029520174">After you perform the preceding operations, try to remotely log in to the ECS again.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0105127983__section830193612460"><a name="EN-US_TOPIC_0105127983__section830193612460"></a><a name="section830193612460"></a><h4 class="sectiontitle">Checking Whether the Security Group Is Correctly Configured</h4><p id="EN-US_TOPIC_0105127983__p20455351933">Check whether the local host can access port 22 on the ECS.</p>
|
|
<p id="EN-US_TOPIC_0105127983__en-us_topic_0096686377_p81727318238">Run the following command to check whether port 22 is accessible:</p>
|
|
<p id="EN-US_TOPIC_0105127983__en-us_topic_0096686377_p2137132210223"><strong id="EN-US_TOPIC_0105127983__b206241912144112">telnet </strong><em id="EN-US_TOPIC_0105127983__i11470515134120"><</em><em id="EN-US_TOPIC_0105127983__i8322192194016"><span id="EN-US_TOPIC_0105127983__text173228284010">ECS</span>-private-IP-address></em></p>
|
|
<p id="EN-US_TOPIC_0105127983__p113651127115317">If port 22 is inaccessible, check whether port 22 is opened in the security group rule.</p>
|
|
<p id="EN-US_TOPIC_0105127983__p66736719386">On the ECS details page, click the <strong id="EN-US_TOPIC_0105127983__b199618723613">Security Groups</strong> tab and check that port 22 is configured in the inbound rule of the security group.</p>
|
|
<div class="fignone" id="EN-US_TOPIC_0105127983__fig21551910162316"><span class="figcap"><b>Figure 4 </b>Checking remote access ports</span><br><span><img id="EN-US_TOPIC_0105127983__image29472028113913" src="en-us_image_0000002385628601.png" title="Click to enlarge" class="imgResize"></span></div>
|
|
<p id="EN-US_TOPIC_0105127983__p17902620115818">For details about how to modify a security group rule, see <a href="https://docs.otc.t-systems.com/virtual-private-cloud/umn/access_control/security_group/managing_security_group_rules/modifying_a_security_group_rule.html#vpc-securitygroup-0005" target="_blank" rel="noopener noreferrer">Modifying a Security Group Rule</a>.</p>
|
|
<p id="EN-US_TOPIC_0105127983__p1477817466141">After you perform the preceding operations, try to remotely log in to the ECS again.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0105127983__section21752310487"><a name="EN-US_TOPIC_0105127983__section21752310487"></a><a name="section21752310487"></a><h4 class="sectiontitle">Checking Whether the Remote Access Port Is Correctly Configured</h4><div class="p" id="EN-US_TOPIC_0105127983__p1044583465313">Check ECS settings.<ol id="EN-US_TOPIC_0105127983__ol5272141013449"><li id="EN-US_TOPIC_0105127983__li2383194220591">Check whether the sshd process is running.</li><li id="EN-US_TOPIC_0105127983__li2038419420596">Check whether your local PC is denied by the ECS.<ol type="a" id="EN-US_TOPIC_0105127983__ol173841842175918"><li id="EN-US_TOPIC_0105127983__li83841042185913">Log in to the ECS and run the following command:<p id="EN-US_TOPIC_0105127983__p1038416422596"><a name="EN-US_TOPIC_0105127983__li83841042185913"></a><a name="li83841042185913"></a><strong id="EN-US_TOPIC_0105127983__b133841742135916">vi /etc/hosts.deny</strong></p>
|
|
</li><li id="EN-US_TOPIC_0105127983__li9384174285913">If the IP address of the local PC is in the <strong id="EN-US_TOPIC_0105127983__b5789124911314">hosts.deny</strong> file, the ECS denies connection attempts from the local PC. In such a case, delete the IP address from the file.</li></ol>
|
|
</li><li id="EN-US_TOPIC_0105127983__li3384174213595">Open the <strong id="EN-US_TOPIC_0105127983__b84235270691732">/etc/ssh/ssh_config</strong> file in the local PC and view the default login port. Then, open the <strong id="EN-US_TOPIC_0105127983__b8423527069183">/etc/ssh/sshd_config</strong> file in the ECS and check whether the SSH port is the default port 22.<p id="EN-US_TOPIC_0105127983__p1338416421592"><span><img id="EN-US_TOPIC_0105127983__image1638434211593" src="en-us_image_0164069962.png" title="Click to enlarge" class="imgResize"></span></p>
|
|
</li></ol>
|
|
</div>
|
|
<p id="EN-US_TOPIC_0105127983__p882814601513">After you perform the preceding operations, try to remotely log in to the ECS again.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0105127983__section9583105919232"><a name="EN-US_TOPIC_0105127983__section9583105919232"></a><a name="section9583105919232"></a><h4 class="sectiontitle">Checking the IP Address Whitelist for SSH Logins (with HSS Enabled)</h4><p id="EN-US_TOPIC_0105127983__en-us_topic_0018073217_p7113171462414">After HSS is enabled, you can configure an IP address whitelist for SSH logins as required. The IP address whitelist controls SSH access to ECSs, effectively preventing account cracking.</p>
|
|
<p id="EN-US_TOPIC_0105127983__en-us_topic_0018073217_p1537965917243">After you configure the allowlist, SSH logins will be allowed only from IP addresses in the allowlist.</p>
|
|
<ol id="EN-US_TOPIC_0105127983__en-us_topic_0018073217_ol17858115432815"><li id="EN-US_TOPIC_0105127983__en-us_topic_0018073217_li3858554102817">On the <strong id="EN-US_TOPIC_0105127983__en-us_topic_0018073217_b6481153113810">Events</strong> page, check whether a local host IP address is intercepted due to brute force cracking.</li><li id="EN-US_TOPIC_0105127983__en-us_topic_0018073217_li685885412284">Check whether the IP address whitelist for SSH logins has been enabled. If it has been enabled, ensure that the IP address of the local host has been added to the IP address whitelist.<div class="caution" id="EN-US_TOPIC_0105127983__en-us_topic_0018073217_note2090824103216"><span class="cautiontitle"><img src="public_sys-resources/caution_3.0-en-us.png"> </span><div class="cautionbody"><ul id="EN-US_TOPIC_0105127983__en-us_topic_0018073217_ul1937912596242"><li id="EN-US_TOPIC_0105127983__en-us_topic_0018073217_li15379185932417">Before enabling the whitelist to control SSH logins, ensure that all IP addresses that need to initiate SSH logins are added to the allowlist. Otherwise, you cannot remotely log in to your ECS through SSH.</li><li id="EN-US_TOPIC_0105127983__en-us_topic_0018073217_li1437935912246">Exercise caution when adding a local IP address to the allowlist. This will make HSS no longer restrict access from this IP address to your ECSs.</li></ul>
|
|
</div></div>
|
|
<p id="EN-US_TOPIC_0105127983__en-us_topic_0018073217_p19801141612346">For more details, see <a href="https://docs.otc.t-systems.com/host-security-service/umn/enabling_hss/common_security_configuration/configuring_server_login_protection.html#hss-01-0566" target="_blank" rel="noopener noreferrer">Configuring Server Login Protection</a>.</p>
|
|
</li></ol>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0105127983__section1977334311553"><a name="EN-US_TOPIC_0105127983__section1977334311553"></a><a name="section1977334311553"></a><h4 class="sectiontitle">Checking Whether an OS Fault Has Occurred</h4><ul id="EN-US_TOPIC_0105127983__ul155211803"><li id="EN-US_TOPIC_0105127983__li16558114020">Password injection failure<p id="EN-US_TOPIC_0105127983__p755611201"><a name="EN-US_TOPIC_0105127983__li16558114020"></a><a name="li16558114020"></a>The password failed to be injected using Cloud-Init.</p>
|
|
</li><li id="EN-US_TOPIC_0105127983__li3551311402">File system damaged after a forcible stop<p id="EN-US_TOPIC_0105127983__p855161113016"><a name="EN-US_TOPIC_0105127983__li3551311402"></a><a name="li3551311402"></a>There is a low probability that the file system is damaged after a forcible stop, which causes the ECS fails to be restarted. For details, see <a href="en-us_topic_0102008259.html">Why Does a Forcibly-Stopped Linux ECS Fail to Be Restarted?</a></p>
|
|
</li></ul>
|
|
<p id="EN-US_TOPIC_0105127983__p127732436552">After you perform the preceding operations, try to remotely log in to the ECS again.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0105127983__section58504535542"><a name="EN-US_TOPIC_0105127983__section58504535542"></a><a name="section58504535542"></a><h4 class="sectiontitle">Checking Whether the Access Is Blocked by Antivirus Software</h4><p id="EN-US_TOPIC_0105127983__p1452222592019">Third-party antivirus software may lead to a failure in accessing the ECS.</p>
|
|
<p id="EN-US_TOPIC_0105127983__p8781145617549">If third-party antivirus software is running, check whether the remote connection is blocked by the software. If the remote connection is blocked, add the <span id="EN-US_TOPIC_0105127983__text11651201111111">EIP</span> bound to the ECS to the whitelist of the antivirus software and try to access the ECS again.</p>
|
|
<p id="EN-US_TOPIC_0105127983__p8796113519412">You can also disable or uninstall the third-party antivirus software and try to remotely log in to the ECS again.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0105127983__section331935012531"><a name="EN-US_TOPIC_0105127983__section331935012531"></a><a name="section331935012531"></a><h4 class="sectiontitle">Checking Whether an Error Occurred During a Remote Login</h4><p id="EN-US_TOPIC_0105127983__p112001124133117">If an error message is displayed during remote login, check the operation guide based on the error information.</p>
|
|
<p id="EN-US_TOPIC_0105127983__p19875155920158">If the fault persists, record the resource details and fault occurrence time, and contact technical support for assistance.</p>
|
|
</div>
|
|
<p id="EN-US_TOPIC_0105127983__p362342411620"></p>
|
|
<p id="EN-US_TOPIC_0105127983__p73821810115012">If the fault persists after the preceding operations are performed, record the resource details and fault occurrence time, and contact customer service for technical support.</p>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="en-us_topic_0208790595.html">Remote Logins</a></div>
|
|
</div>
|
|
</div>
|
|
|
|
|
|
<script language="JavaScript">
|
|
<!--
|
|
image_size('.imgResize');
|
|
var msg_imageMax = "view original image";
|
|
var msg_imageClose = "close";
|
|
//--></script> |