Cannot SSH or WinSCP connect to the controller
Hi all,
Controller is axc f2152.
I can ping the controller through cmd and can also open the web management, but whenever I try to connect through Putty or WinSCP I get a connection refused error.
All other functionality is nominal Engineer connects, controller runs Modbus TCP client etc..
Is there any suggestion to troubleshoot that?
Vaggelis
Comments
What is the result of this command from the Windows command prompt (where x.x.x.x is the IP address of the controller):
?
Hi Martin,
The reply is
ssh: connect to host 192.168.130.10 port 22: Connection refusedHello Vaggelis,
could you try to proceed the reset Type 1 via following command line:
sudo recover-axcf2152 1
After the reset, try to connect as Martin suggested (the Ehernet Adapter IP should be in the same network e.g. 192.168.1.200):
BR Eduard
Hello Vaggelis,
did you:
1. enable the firewall in your WBM?
2. delete the admin user ?
3.try to login with another user (that does not have Admin privileges)?
something similar?
You can also try:
"ssh -v 192.168.130.10"
for detailed information.
It is possible that your PC is blocking outgoing connections for WinSCP/Putty check that in your firewall as well.
check at
/c/Users/xxx/.ssh/known_hosts
If you have an entry for 192.168.130.10 maybe a mismatching certificate entry is stopping the connection (you can simply delete an entry there.)
Hi all,
Firewall on PLC is not enabled, firewall manager is also disabled as a system service.
Firewall on PC doesn't block ssh connection as I can ssh in other linux devices in the same network.
I haven't deleted admin user, and there are no entries in
/c/Users/xxx/.ssh/known_hosts.I did though at some point permitted ssh root login, so I could give admin write access to
/var/www/plcnext/redirectMaybe there is another way to do that...
I cannot right now reset the controller as it is operational on-site.
Hello Vaggelis,
so you edited the sshd.config.
It is possible that there is a configuration issue there which causes the SSHD to crash. (thats the worst case)
What happens when you login without specifiying the user directly is the server responding?
You can try again login in through root user again?
Did you maybe also add keybased login and the Certificate on your PC and it no longer matches the device?
try this to fore Password login
or
Please try creating a user through the WBM UserManagement with Admin privilegs and then login using that user.
Once logged in check if you can switch user to the admin user. "su admin"
Check the File "/opt/plcnext/projects/Default/System/Um/Users.config"
Hi Oliver,
Login without specifying the user directly, results again in
The same happens when trying to force the password login and when another user with admin rights tries to login.
When configuring the sshd config I only permitted root login, didn't change anything else.
Hello Vaggellis,
after editing the root login permissions you were still able to create login sessions fine ? (even after a plc reboot or sshd restart)
You could use the OPC UA File Transfer to verify the contents of your sshd.conf file
I can only imagine that either:
A. The sshd is not running because some configuration issue in the sshd config file.
(You could check via nmap if the Port is open.)
(You could use the OPC UA File Transfer to verify the contents of your sshd.conf file https://youtu.be/Jgwt_0y5aCw)
B. Some firewall rule is blocking SSH.
(double check WBm configuration, did you do additional rules?)
(or install software the sets up routes , like docker or something?)
C. Maybe the wrong device responds (multiple networks connected?) -> check MAC through arp table.
kind regards,
Oliver
Hi again Oliver ant thanks for your fast response,
A)
Can I send you somewhere the sshd_config just to check?
B)
Haven't used any routing software/docker/etc..
Also firewall on PLC side was stopped(no additional rules were created ever) and firewall management system service was deactivated last time I managed to connect.
C)
Hello Vaggelis,
I contacted you via mail for the file.
We can see that SSH port is closed so the SSH Daemon is probably not running at all.
You can check if it is still the same after a reboot?
Mmaybe it crashed due to some connection (but i have never seen such behavior yet.)
Or you might have to do a reset type 1.
If you are using an external SD Card you could plug it into a PC with linux file system (ext4) support and try to revert the changes done to your sshd config.
kind regards,
Oliver
Hi Oliver,
Just replied at your mail with he attached configuration file.
It is the sane after reboot and I am not using an external SD card(maybe I should though), I think it all goes down to a reset type 1.
Is there a possibility I can write the original files(having to do with ssh) through OPC UA, and daemon starts after a reboot?