Spent a full weekend figuring out why my home server kept locking me out

I set up a new firewall rule on Friday night to block a weird port scan I saw, but I must have messed up the syntax. It ended up blocking my own SSH access from my laptop. I spent all Saturday and most of Sunday (like 14 hours total) checking logs and trying to remember if I'd set up a local console password (I hadn't). Finally got back in by driving to my friend's place to use his computer and connect through a VPN tunnel I'd forgotten about. Has anyone else had a simple config change spiral like that?

3 comments

3 Comments

the_kim2mo ago

That "simple config change spiral" is the worst. You start with one tiny fix and end up in a full blown lockout crisis. Makes you wonder why we never test from a backup connection first, right?

cooper.viola2mo ago

My personal record is three hours locked out of my own server.

rubyreed1mo ago

Three hours sounds rough, @cooper.viola. I started keeping a cheap 4G USB dongle in my bag after a similar six hour nightmare. Now before I touch any config file I plug that thing in and set it up as a backup SSH route. It takes five minutes but it saves me every time. The trick is to test the backup connection before you make any changes, not after you break the main one. Once you have that safety net you can mess around with configs without that panic feeling.