Incident: Broken SSH Access

Description

Users cannot SSH into a server due to misconfiguration or permission issues.

Symptoms

• Connection refused or timed out
• Permission denied error
• Users locked out after SSH key change

Root Cause Checklist

• Wrong file permissions on .ssh/authorized_keys?
• SSH service down?
• Firewall rules changed?
• SSH daemon misconfigured?

Resolution Steps

1. Gain emergency access (console/Proxmox/IPMI)
2. Check SSH service:

   systemctl status sshd
   journalctl -u sshd
   

3. Check user permissions:

   ls -la ~/.ssh
   chmod 700 ~/.ssh
   chmod 600 ~/.ssh/authorized_keys
   

4. Validate config:

   sshd -t
   

Preventive Actions

• Always test new SSH settings in parallel session
• Use fallback user or console access
• Enable monitoring on SSH status

Tools & Commands

• systemctl, sshd -t, chmod, firewall-cmd, emergency console