Permission denied when enabling SSH

tux19 · April 30, 2022, 10:14am

I am running vyos as VM on my Proxmox host. After solving troubles with my (passedthrough) network card, I could not enable SSH anymore via the vyos CLI. Thinking I must have broke something while fixing the network card, I rolled back to a earlier snapshot and reapplied the configuration.

This worked great for a few days, but yesterday the SSH config was gone again and I could not reenable it. Between restoring the snapshot and the reappearance of the issue, I did not change a lot except modifying a few NAT rules.

I get:

VyOS had an issue completing a command.

We are sorry that you encountered a problem while using VyOS.
There are a few things you can do to help us (and yourself):
- Contact us using the online help desk if you have a subscription:
  https://support.vyos.io/
- Make sure you are running the latest version of VyOS available at:
  https://vyos.net/get/
- Consult the community forum to see how to handle this issue:
  https://forum.vyos.io
- Join us on Slack where our users exchange help and advice:
  https://vyos.slack.com

When reporting problems, please include as much information as possible:
- do not obfuscate any data (feel free to contact us privately if your
  business policy requires it)
- and include all the information presented below

Report time:      2022-04-30 09:50:22
Image version:    VyOS 1.3-rolling-202203212131
Release train:    equuleus

Built by:         vyos_bld@246df251b6d7
Built on:         Mon 21 Mar 2022 21:31 UTC
Build UUID:       e008a1ee-0042-4410-94fe-c77bc8a7acaf
Build commit ID:  1c96b450e598ed

Architecture:     x86_64
Boot via:         installed image
System type:      KVM guest

Hardware vendor:  QEMU
Hardware model:   Standard PC (i440FX + PIIX, 1996)
Hardware S/N:
Hardware UUID:    68806dd7-6d75-4db5-a778-97e6f18ed101

Traceback (most recent call last):
  File "/usr/libexec/vyos/conf_mode/ssh.py", line 89, in <module>
    generate(c)
  File "/usr/libexec/vyos/conf_mode/ssh.py", line 70, in generate
    render(systemd_override, 'ssh/override.conf.tmpl', ssh)
  File "/usr/lib/python3/dist-packages/vyos/template.py", line 120, in render
    with open(destination, "w") as file:
PermissionError: [Errno 1] Operation not permitted: '/etc/systemd/system/ssh.service.d/override.conf'



[[service ssh]] failed
Commit failed

I could rebuild the ISO, recreate the VM and the issue would most likely be gone. But I’m curious what the reason is, and how to debug this case.

Any ideas or help is appreciated

c-po · April 30, 2022, 4:33pm

Hi @tux19,

please also share your steps prior running commit which triggered this error.

Thanks,
Christian

tux19 · April 30, 2022, 6:59pm

Hi Christian,

Here is the history of this instance:

command history

1  2022-03-25T12:39:02+0000 set interfaces ethernet eth1 dhcpv6-options pd 0 length '56'
    2  2022-03-25T12:39:57+0000 delete interfaces ethernet eth1 dhcpv6-options pd 0 interface eth2.9 address '9'
    ...
  115  2022-03-25T15:35:54+0000 show bridge br0
  116  2022-03-25T15:36:01+0000 run show bridge br0
  117  2022-03-25T15:36:05+0000 run show bridge br0 spanning-tree
  118  2022-03-25T15:39:12+0000 run show interfaces
  119  2022-03-25T15:41:00+0000 set interfaces bridge br0 member interface eth3
  121  2022-03-25T15:41:12+0000 run show interfaces
  122  2022-03-25T15:42:15+0000 run show configuration
  123  2022-03-25T15:43:14+0000 set interfaces ethernet eth0 hw-id CE:E6:F5:4F:35:F8
  125  2022-03-25T15:43:26+0000 run show bridge br0 spanning-tree
  126  2022-03-25T15:50:28+0000 set service dhcp-server shared-network-name 'LAN' subnet 192.168.15.0/24 name-server 192.168.15.2
  127  2022-03-25T15:51:05+0000 delete system name-server 213.144.129.20
  128  2022-03-25T15:51:34+0000 set system name-server 192.168.15.2
  129  2022-03-25T15:51:54+0000 delete system name-server 77.109.128.2
  133  2022-03-25T16:21:59+0000 echo $(pwd)
  134  2022-03-25T16:22:18+0000 history > hist.log
  135  2022-03-25T16:28:06+0000 run show configuration
  136  2022-03-25T16:29:45+0000 delete service dhcp-server shared-network-name 'LAN' subnet 192.168.15.0/24 name-server 192.168.15.1
  139  2022-03-25T16:39:25+0000 history
  146  2022-03-25T17:05:56+0000 show dhcp server statistics
  147  2022-03-25T17:06:13+0000 show dhcp server leases
  148  2022-03-25T17:08:10+0000 show dhcp server leases
  149  2022-03-25T17:12:34+0000 show dhcp server leases
  150  2022-03-25T17:17:02+0000 show dhcp server leases
  151  2022-03-25T20:39:29+0000 show dhcp server leases
  152  2022-03-25T20:40:07+0000 ping 192.168.15.3
  153  2022-03-25T20:40:17+0000 ping 192.168.1.170
  154  2022-03-25T20:41:16+0000 ping 192.168.1.140
  155  2022-03-25T20:41:43+0000 ping 192.168.1.140
  156  2022-03-25T20:42:13+0000 show dhcp server leases
  157  2022-03-25T20:45:57+0000 show dhcp server leases
  158  2022-03-25T20:46:10+0000 ping 192.168.15.3
  159  2022-03-25T23:48:41+0000 run show configuration
  160  2022-03-25T23:48:47+0000 show configuration
  162  2022-03-25T23:51:46+0000 set interfaces ethernet eth0 hw-id CE:E6:F5:4F:35:F8
  166  2022-03-25T23:53:44+0000 run show interfaces ethernet eth2 physical
  167  2022-03-25T23:54:11+0000 run show interfaces ethernet eth1 physical
  168  2022-03-25T23:55:05+0000 run show interfaces bridge br0  physical
  169  2022-03-25T23:55:11+0000 run show interfaces bridge br0
  170  2022-03-26T00:02:03+0000 iperf
  171  2022-03-26T00:02:07+0000 iperf3
  172  2022-03-26T00:02:10+0000 iperf3 -s
  173  2022-03-26T00:12:34+0000 run ip addr show
  174  2022-03-26T00:12:38+0000 ip addr show
  175  2022-03-26T00:13:28+0000 set interfaces ethernet eth2 speed 10000
  177  2022-03-26T00:14:03+0000 set interfaces ethernet eth2 duplex full
  178  2022-03-26T00:14:06+0000 set interfaces ethernet eth2 speed 10000
  183  2022-03-26T00:16:54+0000 set interfaces ethernet eth2 speed auto
  185  2022-03-26T00:17:01+0000 set interfaces ethernet eth2 speed auto
  187  2022-03-26T00:17:17+0000 set interfaces ethernet eth2 duplex auto
  190  2022-03-26T00:35:12+0000 iperf3 -s
  191  2022-03-26T00:35:18+0000 iperf3 -s
  192  2022-03-26T00:35:32+0000 ps -ef
  195  2022-03-26T00:35:55+0000 iperf3 -s
  196  2022-03-26T00:39:04+0000 iperf3 -s
  197  2022-03-26T00:14:39+0000 iperf3 -s
  198  2022-03-26T09:18:21+0000 show configuration
  200  2022-03-26T09:20:26+0000 delete system name-server 77.109.128.2
  201  2022-03-26T09:21:04+0000 set system name-server 192.168.15.2
  202  2022-03-26T09:21:58+0000 delete system name-server 213.144.129.20
  203  2022-03-26T09:22:28+0000 delete service dhcp-server shared-network-name 'LAN' subnet 192.168.15.0/24 name-server 192.168.15.1
  204  2022-03-26T09:22:44+0000 set service dhcp-server shared-network-name 'LAN' subnet 192.168.15.0/24 name-server 192.168.15.2
  208  2022-03-26T09:33:25+0000 history
  227  2022-03-26T14:24:06+0000 set nat destination rule 100 description "HTTPS to Bastion"
  228  2022-03-26T14:24:27+0000 set nat destination rule 100 destination port '443'
  229  2022-03-26T14:24:51+0000 set nat destination rule 100 inbound-interface 'eth1'
  230  2022-03-26T14:25:01+0000 set nat destination rule 100 protocol 'tcp'
  231  2022-03-26T14:26:18+0000 set nat destination rule 100 translation address '192.168.15.3'
  232  2022-03-26T14:26:46+0000 set nat destination rule 100 translation port '8006'
  234  2022-03-26T14:30:11+0000 run show configuration
  235  2022-03-26T15:06:18+0000 delete nat destination rule 100 translation address '192.168.15.3'
  236  2022-03-26T15:06:41+0000 set nat destination rule 100 translation address '192.168.15.105'
  237  2022-03-26T15:06:52+0000 delete nat destination rule 100 translation port '8006'
  239  2022-03-26T15:15:45+0000 history
  240  2022-03-26T15:17:57+0000 ip addr show
  241  2022-03-26T15:20:51+0000 show nat destination rule 100
  244  2022-03-26T15:21:26+0000 show nat destination statistics
  245  2022-03-26T15:21:42+0000 show nat destination translations
  246  2022-03-26T15:42:02+0000 set nat destination rule 100 translation address '192.168.15.4'
  248  2022-03-26T15:42:10+0000 set nat destination rule 100 translation address '192.168.15.4'
  249  2022-03-26T15:42:22+0000 delete nat destination rule 100 translation address '192.168.15.105'
  252  2022-03-26T15:43:44+0000 run show configuration
  253  2022-03-26T15:44:22+0000 set nat destination rule 105 description "HTTP to Bastion"
  254  2022-03-26T15:44:43+0000 set nat destination rule 105 destination port '80'
  255  2022-03-26T15:44:57+0000 set nat destination rule 105 inbound-interface 'eth1'
  256  2022-03-26T15:45:24+0000 set nat destination rule 105 protocol 'tcp'
  257  2022-03-26T15:45:38+0000 set nat destination rule 105 translation address '192.168.15.4'
  260  2022-03-26T15:51:11+0000 ping vaettis.christianott.ch
  262  2022-03-27T09:42:13+0000 history
  263  2022-03-28T19:56:10+0000 run show configuration
  264  2022-03-28T19:57:46+0000 set service dhcpv6-relay listen-interface br0
  265  2022-03-28T19:58:08+0000 set service dhcpv6-relay upstream-interface eth1 address 192.168.
  266  2022-03-28T19:58:11+0000 set service dhcpv6-relay upstream-interface eth1 address 192.168.1.1
  267  2022-03-28T19:58:21+0000 set service dhcpv6-relay upstream-interface eth1 address 192.168.1.1/24
  268  2022-03-28T19:59:07+0000 set service dhcpv6-relay upstream-interface eth1 address 192.168.1.1
  270  2022-03-28T20:01:11+0000 set service dhcpv6-relay upstream-interface eth1 address  2a02:168:677a::1
  272  2022-03-28T20:03:47+0000 show ipv6
  273  2022-03-28T20:03:52+0000 run show ipv6
  274  2022-03-28T20:04:55+0000 set interfaces ethernet eth1 address 'dhcpv6'
  275  2022-03-28T20:06:42+0000 delete interfaces ethernet eth1 dhcpv6-options pd 0 interface eth2.9 address '9'
  276  2022-03-28T20:07:10+0000 delete interfaces ethernet eth1 dhcpv6-options pd 0 interface eth2.9
  277  2022-03-28T20:07:42+0000 delete interfaces ethernet eth1 dhcpv6-options pd 0 interface eth2
  278  2022-03-28T20:07:56+0000 set interfaces ethernet eth1 dhcpv6-options pd 0 interface br0
  280  2022-03-28T20:08:06+0000 ip addr show
  281  2022-03-28T20:10:00+0000 run show interfaces
  283  2022-03-29T15:46:35+0000 show configuration
  288  2022-03-29T16:32:08+0000 show configuration
  289  2022-03-29T16:32:21+0000 show interfaces
  290  2022-03-29T16:32:41+0000 show interfaces
  293  2022-03-29T16:46:06+0000 show interfaces
  294  2022-03-29T16:46:20+0000 show configuration
  295  2022-03-29T16:47:23+0000 ipconfig
  296  2022-03-29T16:47:27+0000 ifconfig
  297  2022-03-29T16:47:54+0000 ifconfig
  298  2022-03-29T16:48:04+0000 ifconfig
  299  2022-03-29T16:49:28+0000 ifconfig
  300  2022-03-29T16:51:41+0000 ifconfig
  301  2022-03-29T16:52:55+0000 show interfaces ethernet eth0 physical
  302  2022-03-29T16:53:21+0000 show interfaces ethernet eth01 physical
  303  2022-03-29T16:53:26+0000 show interfaces ethernet eth1 physical
  304  2022-03-29T16:53:54+0000 show interfaces ethernet eth2 physical
  305  2022-03-29T16:54:08+0000 show interfaces ethernet eth3 physical
  306  2022-03-29T16:54:19+0000 show interfaces ethernet eth4 physical
  307  2022-03-29T16:54:52+0000 ifconfig
  308  2022-03-29T16:54:59+0000 ifconfig
  309  2022-03-29T16:55:24+0000 show interfaces
  310  2022-03-29T16:55:33+0000 ifconfig
  311  2022-03-29T16:55:39+0000 show interfaces
  312  2022-03-29T16:55:56+0000 show interfaces
  313  2022-03-29T16:56:39+0000 show interfaces
  314  2022-03-29T16:57:27+0000 show configuration
  315  2022-03-29T16:58:22+0000 BBc
  317  2022-03-29T16:59:06+0000 delete interfaces ethernet eth0
  318  2022-03-29T16:59:12+0000 delete interfaces ethernet eth4
  320  2022-03-29T16:59:51+0000 delete interfaces bridge br0 member interface eth0
  322  2022-03-29T17:00:40+0000 run show interfaces
  323  2022-03-29T17:01:05+0000 show ifconfig
  324  2022-03-29T17:01:37+0000 run show interfaces ethernet detail
  326  2022-03-29T17:02:03+0000 run show interfaces ethernet detail
  332  2022-03-29T17:11:16+0000 show ifconfig
  333  2022-03-29T17:11:25+0000 ifconfig
  334  2022-03-29T17:11:58+0000 run show interfaces ethernet detail
  335  2022-03-29T17:12:04+0000 show interfaces ethernet detail
  336  2022-03-29T17:13:47+0000 edit
  338  2022-03-29T17:14:10+0000 set interfaces bridge br0 member interface eth3
  340  2022-03-29T17:14:24+0000 ping 192.168.15.2
  342  2022-03-29T17:15:07+0000 show configuration
  344  2022-03-29T17:15:12+0000 show configuration
  347  2022-03-29T17:18:16+0000 set interfaces ethernet eth3 hw-id 7A:46:51:3B:13:79
  349  2022-03-29T17:18:28+0000 show configuration
  350  2022-03-29T17:18:36+0000 run show configuration
  352  2022-03-29T17:19:04+0000 ping 192.168.15.3
  353  2022-03-29T17:19:12+0000 ping 192.168.15.3
  354  2022-03-29T17:23:25+0000 ping 192.168.15.3
  355  2022-03-29T17:23:33+0000 ping 192.168.15.2
  356  2022-03-29T17:23:45+0000 show configuration
  357  2022-03-29T17:30:49+0000 ping 192.168.1.1
  358  2022-03-29T17:32:19+0000 ping 192.168.1.3
  359  2022-03-29T17:32:25+0000 ping 192.168.15.3
  360  2022-03-29T17:32:40+0000 ping 192.168.15.3
  362  2022-03-29T19:27:42+0000 show configuration
  364  2022-03-29T19:28:36+0000 show interfwces
  365  2022-03-29T19:28:43+0000 show interfaces
  367  2022-03-29T19:28:53+0000 show interfaces
  368  2022-03-29T19:29:28+0000 show interfaces ethernet detail
  370  2022-03-29T19:30:25+0000 set interfaces ethernet eth0 address dhcp
  371  2022-03-29T19:31:00+0000 set interfaces ethernet eth4 address dhcp
  373  2022-03-29T19:31:12+0000 ip addr show
  374  2022-03-29T19:32:17+0000 ip addr show
  377  2022-03-29T19:39:34+0000 nano /etc/modprobe.d/ixgbe-options.conf
  378  2022-03-29T19:42:04+0000 show interfaces ethernet eth0
  384  2022-03-29T19:47:18+0000 show interfaces ethernet eth0 physical
  385  2022-03-29T19:47:37+0000 show interfaces ethernet eth0 transceiver
  386  2022-03-29T19:48:34+0000 show interfaces ethernet eth0 identify
  387  2022-03-29T19:52:04+0000 ip addr show
  388  2022-03-29T19:56:32+0000 ip addr show
  389  2022-03-29T19:56:45+0000 show interfaces ethernet eth0 physical
  390  2022-03-29T20:10:43+0000 dmesg
  392  2022-03-29T20:12:29+0000 nano /etc/modprobe.d/ixgbe-options.conf
  393  2022-03-29T20:12:41+0000 fg
  394  2022-03-29T20:12:52+0000 sudo nano /etc/modprobe.d/ixgbe-options.conf
  395  2022-03-29T20:13:11+0000 rmmod ixgbe; modprobe ixgbe
  396  2022-03-29T20:23:29+0000 sudo nano /etc/modprobe.d/ixgbe-options.conf
  397  2022-03-29T20:23:37+0000 rmmod ixgbe; modprobe ixgbe
  401  2022-03-29T20:26:15+0000 ip addr show
  402  2022-03-29T20:26:32+0000 ip addr show
  405  2022-03-29T20:28:33+0000 show interfaces ethernet detail
  406  2022-03-29T20:29:21+0000 show interfaces ethernet eth0 transceiver
  407  2022-03-29T20:29:32+0000 show interfaces ethernet eth4 transceiver
  408  2022-03-29T20:29:57+0000 show configuration
  410  2022-03-29T20:33:44+0000 sudo nano /boot/grub/grub.cfg
  411  2022-03-29T20:34:33+0000 sudo nano /etc/default/grub
  412  2022-03-29T20:36:50+0000 echo "options ixgbe allow_unsupported_sfp=1,1" > /etc/modprobe.d/ixgbe-options.conf
  413  2022-03-29T20:36:57+0000 sudo echo "options ixgbe allow_unsupported_sfp=1,1" > /etc/modprobe.d/ixgbe-options.conf
  414  2022-03-29T20:37:35+0000 sudo sh -c "echo "options ixgbe allow_unsupported_sfp=1,1" > /etc/modprobe.d/ixgbe-options.conf
  415  2022-03-29T20:40:52+0000 "
  416  2022-03-29T20:37:55+0000 sudo sh -c "echo "options ixgbe allow_unsupported_sfp=1,1" > /etc/modprobe.d/ixgbe-options.conf"
  418  2022-03-29T20:38:19+0000 sudo sh -c "echo "options ixgbe allow_unsupported_sfp=1,1" > /etc/modprobe.d/ixgbe-options.conf"
  419  2022-03-29T20:38:51+0000 sudo sh -c 'echo "options ixgbe allow_unsupported_sfp=1,1" > /etc/modprobe.d/ixgbe-options.conf'
  421  2022-03-29T20:39:13+0000 depmod -a
  422  2022-03-29T20:39:20+0000 sudo depmod -a
  423  2022-03-29T20:39:43+0000 sudo update-initramfs -u
  425  2022-03-29T20:41:05+0000 ip addr show
  427  2022-03-29T20:42:56+0000 ip addr show
  428  2022-03-29T20:43:43+0000 rmmod ixgbe; modprobe ixgbe
  429  2022-03-29T20:46:54+0000 sudo sh -c 'echo "options ixgbe allow_unsupported_sfp=1" > /etc/modprobe.d/ixgbe-options.conf'
  430  2022-03-29T20:46:59+0000 rmmod ixgbe; modprobe ixgbe
  431  2022-03-29T20:47:14+0000 show interfaces ethernet eth0 physical
  432  2022-03-29T20:50:35+0000 sudo sh -c 'echo "options ixgbe allow_unsupported_sfp=1" > /etc/modprobe.d/i40e.conf'
  433  2022-03-29T20:50:49+0000 ethtool
  434  2022-03-29T20:50:55+0000 ethtool eth0
  435  2022-03-29T20:52:19+0000 ethtool -i eth0
  436  2022-03-29T20:52:25+0000 ethtool -i eth4
  437  2022-03-29T20:53:04+0000 ethtool -m eth4
  438  2022-03-29T20:53:11+0000 ethtool -m eth0
  439  2022-03-29T21:00:48+0000 show interfaces
  440  2022-03-29T21:01:06+0000 show interfaces bridge
  441  2022-03-29T21:01:10+0000 show interfaces bridge br0
  443  2022-03-29T21:01:21+0000 show interfaces bridge
  446  2022-03-29T21:02:32+0000 ip addr show
  447  2022-03-29T21:06:40+0000 lspci -n
  448  2022-03-29T21:17:41+0000 cd x710-unlocker/
  449  2022-03-29T21:17:45+0000 make
  450  2022-03-29T21:18:36+0000 gcc
  451  2022-03-29T21:18:40+0000 make
  452  2022-03-29T21:19:07+0000 make all
  453  2022-03-29T21:20:04+0000 g++
  454  2022-03-29T21:20:27+0000 sudo apt install build-essential
  456  2022-03-29T21:28:08+0000 chmod +x xl710_unlock
  458  2022-03-29T21:28:44+0000 ./xl710_unlock -n eth4
  459  2022-03-29T21:28:49+0000 sudo ./xl710_unlock -n eth4
  460  2022-03-29T21:29:58+0000 sudo ./xl710_unlock -n eth4
  461  2022-03-29T22:00:10+0000 nvmupdate64e
  462  2022-03-29T22:00:20+0000 nvmupdate64e
  463  2022-03-29T22:08:29+0000 sudo ./mytool
  464  2022-03-29T22:09:24+0000 lscpi -n
  465  2022-03-29T22:09:36+0000 lspci -n
  466  2022-03-29T22:10:11+0000 lspci -n
  467  2022-03-29T22:10:15+0000 sudo ./mytool
  469  2022-03-29T22:13:21+0000 cd 700/
  472  2022-03-29T22:14:48+0000 sudo ./nvmupdate64e
  473  2022-03-29T22:16:30+0000 sudo ./nvmupdate64e -f
  474  2022-03-29T22:18:54+0000 nano nvmupdate.cfg
  475  2022-03-29T22:20:09+0000 sudo ./nvmupdate64e -h
  476  2022-03-29T22:20:21+0000 sudo ./nvmupdate64e -i
  477  2022-03-29T22:20:52+0000 sudo ./nvmupdate64e -RecoveryDevices
  478  2022-03-29T22:23:09+0000 sudo ./nvmupdate64e -u -RecoveryDevices
  479  2022-03-29T22:23:46+0000 sudo ./nvmupdate64e -i -RecoveryDevices
  481  2022-03-29T22:25:38+0000 sudo ./nvmupdate64e
  482  2022-03-29T22:25:45+0000 cd 700/
  483  2022-03-29T22:25:47+0000 sudo ./nvmupdate64e
  484  2022-03-29T22:27:48+0000 ifconfig
  485  2022-03-29T22:28:12+0000 dmesg
  487  2022-03-29T22:29:20+0000 sudo sh -c 'echo "options ixgbe allow_unsupported_sfp=1" > /etc/modprobe.d/ixgbe-options.conf'
  488  2022-03-29T22:29:31+0000 history
  489  2022-03-29T22:29:46+0000 sudo depmod -a
  490  2022-03-29T22:30:16+0000 sudo update-initramfs -u
  492  2022-03-29T22:32:03+0000 lspci -n
  493  2022-03-29T22:32:19+0000 cd 700/
  494  2022-03-29T22:32:28+0000 sudo ./nvmupdate64e
  495  2022-03-29T22:32:39+0000 sudo ./nvmupdate64e -i
  496  2022-03-29T22:33:06+0000 sudo ./nvmupdate64e -i
  497  2022-03-29T22:33:09+0000 lspci -n
  498  2022-03-29T22:34:01+0000 sudo ./nvmupdate64e -8086:1572 -i
  499  2022-03-29T22:34:09+0000 sudo ./nvmupdate64e -location 8086:1572 -i
  500  2022-03-29T22:34:16+0000 sudo ./nvmupdate64e -location 8086:1572 -u
  501  2022-03-29T22:34:31+0000 sudo ./nvmupdate64e -location 8086:1572 -u -f
  502  2022-03-29T22:34:34+0000 sudo ./nvmupdate64e -location 8086:1572
  503  2022-03-29T22:34:49+0000 ifconfig
  504  2022-03-29T22:36:04+0000 ifconfig
  505  2022-03-29T22:36:15+0000 dmesg
  507  2022-03-29T22:38:53+0000 ethtool
  508  2022-03-29T22:38:58+0000 ethtool -h
  509  2022-03-29T22:39:09+0000 ethtool -l
  510  2022-03-29T22:39:22+0000 ethtool -l eth4
  511  2022-03-29T22:41:03+0000 show interfaces
  512  2022-03-29T22:42:14+0000 sudo ./nvmupdate64e
  513  2022-03-29T22:42:19+0000 cd 700/
  514  2022-03-29T22:42:20+0000 sudo ./nvmupdate64e
  515  2022-03-29T22:43:21+0000 lspci -vv | grep -i 'Intel Corporation Ethernet Controller X710'
  516  2022-03-29T22:43:53+0000 ./nvmupdate64e -u -l -o update.xml -b -c nvmupdate.cfg
  517  2022-03-29T22:43:58+0000 sudo ./nvmupdate64e -u -l -o update.xml -b -c nvmupdate.cfg
  518  2022-03-29T22:45:27+0000 cd 700/
  519  2022-03-29T22:45:32+0000 sudo ./nvmupdate64e
  520  2022-03-29T22:46:25+0000 ethtool -l eth4
  521  2022-03-29T22:46:38+0000 show interfaces
  522  2022-03-29T22:47:03+0000 show interfaces ethernet detail
  523  2022-03-29T22:47:24+0000 ethtool eth4
  524  2022-03-29T22:47:37+0000 show interfaces ethernet detail
  525  2022-03-29T22:47:51+0000 ethtool eth0
  526  2022-03-29T22:48:38+0000 show interfaces ethernet eth0 brief
  527  2022-03-29T22:48:48+0000 show interfaces ethernet eth0 physical
  528  2022-03-29T22:49:13+0000 sudo ./nvmupdate64e -u -l -o update.xml -b -c nvmupdate.cfg
  529  2022-03-29T22:49:47+0000 sudo ./nvmupdate64e
  530  2022-03-29T22:51:02+0000 ip addr show
  531  2022-03-29T22:52:17+0000 sudo ./mytool
  532  2022-03-29T22:54:17+0000 ip addr show
  533  2022-03-29T22:54:48+0000 sudo ./mytool
  534  2022-03-29T22:54:58+0000 sudo ./nvmupdate64e -u -l -o update.xml -b -c nvmupdate.cfg
  535  2022-03-29T22:55:09+0000 cd 700/
  536  2022-03-29T22:55:10+0000 sudo ./nvmupdate64e -u -l -o update.xml -b -c nvmupdate.cfg
  537  2022-03-29T22:55:37+0000 show configuration
  539  2022-03-29T22:56:24+0000 set interfaces ethernet eth4 address dhcp
  544  2022-03-29T22:57:55+0000 show interfaces ethernet detail
  545  2022-03-29T22:58:28+0000 show interfaces ethernet eth0 physical
  546  2022-03-29T22:59:03+0000 show interfaces ethernet eth4 physical
  548  2022-03-29T22:59:21+0000 set interfaces ethernet eth0 address dhcp
  550  2022-03-29T22:59:58+0000  ip link set dev eth0 up
  551  2022-03-29T23:00:03+0000 sudo ip link set dev eth0 up
  552  2022-03-29T23:01:14+0000 sudo ip link set down eth0 && sudo ip link set dev eth0 up
  553  2022-03-29T23:01:19+0000 sudo ip link set down eth0
  554  2022-03-29T23:01:26+0000 sudo ip link set dev eth0 up
  555  2022-03-29T23:01:33+0000 sudo ip link set up eth0
  560  2022-03-29T23:03:19+0000 sudo ip link set dev eth0 up
  562  2022-03-29T23:04:04+0000 set interfaces ethernet eth0 address dhcp
  565  2022-03-29T23:04:19+0000 help
  566  2022-03-29T23:04:54+0000 sudo ./mytool
  567  2022-03-29T23:05:58+0000 sudo ./mytool
  568  2022-03-29T23:06:13+0000 lscpi -n
  569  2022-03-29T23:06:18+0000 lspci -n
  570  2022-03-29T23:06:23+0000 sudo ./mytool
  571  2022-03-29T23:08:57+0000 lspci -x -s 00:11.0
  572  2022-03-29T23:09:29+0000 ethtool -i eth0
  573  2022-03-29T23:11:22+0000 cd 700/
  574  2022-03-29T23:13:14+0000 ethtool -i eth0
  575  2022-03-29T23:11:27+0000 nano nvmupdate.cfg
  576  2022-03-29T23:17:52+0000 fg
  577  2022-03-29T23:18:00+0000 nano nvmupdate.cfg
  578  2022-03-29T23:18:36+0000 sudo ./nvmupdate64e -u -l -o update.xml -b -c nvmupdate.cfg
  579  2022-03-29T23:18:56+0000 ipconfig
  580  2022-03-29T23:18:59+0000 ifconfig
  581  2022-03-29T23:19:07+0000 ip addr show
  582  2022-03-29T23:19:37+0000 sudo ./nvmupdate64e  -o update.xml
  583  2022-03-29T23:21:34+0000 sudo ./nvmupdate64e  -o update.xml
  585  2022-03-29T23:23:33+0000 cd 700/
  586  2022-03-29T23:23:35+0000 sudo ./nvmupdate64e  -o update.xml
  588  2022-03-29T23:25:17+0000 ping 192.168.15.100
  589  2022-03-29T23:28:52+0000 sudo ./nvmupdate64e  -i -o output.xml
  592  2022-03-29T23:34:54+0000 sudo ./nvmupdate64e  -i -o output.xml
  593  2022-03-29T23:34:58+0000 cd 700/
  594  2022-03-29T23:35:00+0000 sudo ./nvmupdate64e  -i -o output.xml
  596  2022-03-29T23:35:26+0000 ip addr show
  597  2022-03-29T23:35:49+0000 sudo ip link set dev eth0 up
  598  2022-03-29T23:35:56+0000 sudo ip link set dev eth4 up
  599  2022-03-29T23:36:21+0000 sudo ip link set dev eth3 up
  600  2022-03-30T00:07:36+0000 ip addr show
  602  2022-03-30T00:08:20+0000 set interfaces ethernet eth3 address dhcp
  603  2022-03-30T00:08:25+0000 set interfaces ethernet eth4 address dhcp
  605  2022-03-30T00:09:01+0000 delete interfaces bridge br0 member interface eth3
  607  2022-03-30T00:09:13+0000 ip addr show
  608  2022-03-30T00:09:55+0000 sudo ip link set dev eth4 up
  609  2022-03-30T00:10:05+0000 ip addr show
  610  2022-03-30T00:10:16+0000 ping 8.8.8.8
  614  2022-03-30T00:10:25+0000 ifconfig
  615  2022-03-30T00:10:45+0000 ip addr show
  617  2022-03-30T00:11:23+0000 sudo ./nvmupdate64e  -i -o output.xml
  618  2022-03-30T00:11:29+0000 cd 700/
  619  2022-03-30T00:11:30+0000 sudo ./nvmupdate64e  -i -o output.xml
  621  2022-03-30T00:12:12+0000 sudo ./nvmupdate64e
  622  2022-03-30T00:13:39+0000 ethtool -i eth3
  623  2022-03-30T00:13:57+0000 sudo ./nvmupdate64e
  624  2022-03-30T00:15:56+0000 lspci -x -s 00:11.0
  625  2022-03-30T00:22:00+0000 lspci
  626  2022-03-30T00:22:37+0000 lspci -h
  627  2022-03-30T00:22:47+0000 lspci
  628  2022-03-30T00:23:00+0000 lspci 00:11.0
  629  2022-03-30T00:23:11+0000 lspci -l 00:11.0
  630  2022-03-30T00:23:17+0000 lspci -i 00:11.0
  631  2022-03-30T00:23:44+0000 lspci -vv | grep -i 'X710'
  632  2022-03-30T00:37:36+0000 cd 700/
  633  2022-03-30T00:37:41+0000 sudo ./nvmupdate64e
  634  2022-03-30T00:38:01+0000 sudo ./nvmupdate64e
  635  2022-03-30T00:38:17+0000 ip addr show
  636  2022-03-30T00:39:44+0000 ip addr show
  637  2022-03-30T00:39:49+0000 sudo ./nvmupdate64e
  638  2022-03-30T00:45:42+0000 ip addr show
  639  2022-03-30T00:46:36+0000 show interfaces detail
  640  2022-03-30T00:47:27+0000 cd 700/
  641  2022-03-30T00:47:29+0000 sudo ./nvmupdate64e
  642  2022-03-30T00:49:05+0000 sudo ./nvmupdate64e
  644  2022-03-30T17:05:03+0000 show interfaces
  645  2022-03-30T17:06:39+0000 set interfaces bridge br0 member interface eth1
  647  2022-03-30T17:07:40+0000 set interfaces bridge br0 member interface eth0
  649  2022-03-30T17:08:00+0000 delete interfaces bridge br0 member interface eth1
  651  2022-03-30T17:08:29+0000 set interfaces bridge br0 member interface eth1
  654  2022-03-30T17:08:51+0000 show interfaces
  655  2022-03-30T17:09:14+0000 ifconfig
  656  2022-03-30T17:09:44+0000 ifconfig
  657  2022-03-30T17:10:00+0000 run show configuration
  658  2022-03-30T17:10:06+0000 show configuration
  659  2022-03-30T17:11:00+0000 set interface ethernet eth0 address 192.168.1.170/24
  661  2022-03-30T17:11:08+0000 set interface ethernet eth0 address 192.168.1.170/24
  663  2022-03-30T17:11:19+0000 ifconfig
  664  2022-03-30T17:11:29+0000 ping 8.8.8.8
  665  2022-03-30T17:12:56+0000 show configuration
  666  2022-03-30T17:13:39+0000 ping 192.168.1.1
  667  2022-03-30T17:13:00+0000 run show configuration
  668  2022-03-30T17:14:34+0000 set interfaces ethernet eth2 hw-id 7A:46:51:3B:13:79
  670  2022-03-30T17:14:50+0000 s
  672  2022-03-30T17:15:01+0000 ping 192.168.1.1
  673  2022-03-30T17:17:16+0000 run show configuration
  674  2022-03-30T17:17:19+0000 show configuration
  676  2022-03-30T17:19:15+0000 set nat source rule 100 outbound-interface eth0
  677  2022-03-30T17:19:37+0000 set nat destination rule 100 inbound-interface eth0
  678  2022-03-30T17:19:41+0000 set nat destination rule 105 inbound-interface eth0
  680  2022-03-30T17:20:09+0000 ping google.de
  681  2022-03-30T17:21:38+0000 show dhcp server leases
  682  2022-03-30T17:22:02+0000 show dhcp server leases
  683  2022-03-30T17:22:04+0000 show dhcp server leases
  685  2022-03-31T15:42:49+0000 show configuration
  686  2022-03-31T15:43:16+0000 ifconfgi
  687  2022-03-31T15:43:20+0000 ifconfig
  688  2022-03-31T15:43:57+0000 ifconfig
  689  2022-03-31T15:44:12+0000 show interfaces ethernet
  691  2022-03-31T15:44:32+0000 set interfaces ethernet eth2 hw-id 7A:46:51:3B:13:79
  693  2022-03-31T15:44:42+0000 ifconfig
  695  2022-03-31T15:45:24+0000 show configuration
  697  2022-03-31T15:46:20+0000 set nat destination rule 105 inbound-interface eth2
  698  2022-03-31T15:46:32+0000 set nat destination rule 100 inbound-interface eth2
  699  2022-03-31T15:46:52+0000 set nat source rule 100 outbound-interface eth2
  700  2022-03-31T15:47:29+0000 set interface ethernet eth2 address 192.168.1.170/24
  701  2022-03-31T15:48:19+0000 delete interfaces bridge br0 member interface eth2
  706  2022-03-31T19:38:32+0000 show interfaces
  708  2022-03-31T19:39:15+0000 show configuration
  709  2022-03-31T19:39:19+0000 run show configuration
  710  2022-03-31T19:39:45+0000 ipconfig
  711  2022-03-31T19:39:48+0000 ifconfig
  712  2022-03-31T19:41:20+0000 ip link show
  713  2022-03-31T19:41:58+0000 ip link set eth3 down
  714  2022-03-31T19:42:03+0000 sudo ip link set eth3 down
  715  2022-03-31T19:42:16+0000 sudo ip link set eth3 name eth2
  716  2022-03-31T19:42:25+0000 sudo ip link set eth2 up
  717  2022-03-31T19:42:30+0000 ifconfgi
  718  2022-03-31T19:42:32+0000 ifconfig
  719  2022-03-31T19:42:50+0000 run show configuration
  720  2022-03-31T19:43:07+0000 set interfaces ethernet eth2 hw-id 7A:46:51:3B:13:79
  723  2022-03-31T19:43:53+0000 run show configuration
  724  2022-03-31T19:44:13+0000 delete interfaces ethernet eth2 hw-id 7A:46:51:3B:13:79
  727  2022-03-31T19:44:23+0000 run show configuration
  728  2022-03-31T19:45:12+0000 ip link show
  729  2022-03-31T19:45:57+0000 sudo ip link set eth2 down
  730  2022-03-31T19:46:18+0000 sudo ip link set eth2 name eth3
  731  2022-03-31T19:46:25+0000 sudo ip link set eth0 down
  732  2022-03-31T19:46:35+0000 sudo ip link set eth0 name eth2
  733  2022-03-31T19:46:57+0000 sudo ip link set eth2 up
  734  2022-03-31T19:47:07+0000 sudo ip link set eth3 up
  735  2022-03-31T19:47:11+0000 ip link show
  736  2022-03-31T19:48:39+0000 run show configuration
  737  2022-03-31T19:48:47+0000 run show configuration
  738  2022-03-31T19:49:10+0000 delete interfaces ethernet
  739  2022-03-31T19:49:45+0000 set interfaces bridge br0 member interface eth3
  745  2022-03-31T19:50:56+0000 show configuration
  747  2022-03-31T19:51:56+0000 delete interfaces ethernet eth0 hw-id a0:36:9f:28:d7:b8
  750  2022-03-31T19:53:33+0000 show configuration
  751  2022-03-31T19:53:55+0000 ifconfig
  753  2022-03-31T19:55:00+0000 set interface ethernet eth0 address 192.168.1.170/24
  755  2022-03-31T19:55:34+0000 delete interfaces bridge br0 member interface eth0
  756  2022-03-31T19:55:37+0000 set interface ethernet eth0 address 192.168.1.170/24
  758  2022-03-31T19:57:44+0000 ifconfig
  760  2022-03-31T19:58:09+0000 set interfaces ethernet eth2 hw-id 7A:46:51:3B:13:79
  761  2022-03-31T19:58:33+0000 set interfaces bridge br0 member interface eth2
  762  2022-03-31T19:58:54+0000 set nat source rule 100 outbound-interface eth0
  763  2022-03-31T19:59:04+0000 set nat destination rule 100 inbound-interface eth0
  764  2022-03-31T19:59:11+0000 set nat destination rule 105 inbound-interface eth0
  767  2022-03-31T19:57:18+0000 show configuration
  769  2022-03-31T21:08:06+0000 show configuration
  770  2022-03-31T21:08:27+0000 ip addr show
  772  2022-03-31T21:08:49+0000 delete interfaces bridge br0 member interface eth0
  773  2022-03-31T21:09:07+0000 set interfaces ethernet eth2 hw-id 7A:46:51:3B:13:79
  774  2022-03-31T21:09:15+0000 set interface ethernet eth0 address 192.168.1.170/24
  775  2022-03-31T21:09:20+0000 set nat destination rule 105 inbound-interface eth0
  776  2022-03-31T21:09:25+0000 set nat destination rule 100 inbound-interface eth0
  777  2022-03-31T21:09:32+0000 set nat source rule 100 outbound-interface eth0
  778  2022-03-31T21:09:53+0000 set interfaces bridge br0 member interface eth2
  780  2022-03-31T21:10:41+0000 show configuration
  781  2022-03-31T21:10:44+0000 runshow configuration
  782  2022-03-31T21:10:49+0000 run show configuration
  786  2022-03-31T21:12:15+0000 show configuration
  787  2022-03-31T21:12:29+0000 ip addr show
  789  2022-03-31T21:14:33+0000 mkdir /cfg_backup
  790  2022-03-31T21:14:37+0000 sudo mkdir /cfg_backup
  792  2022-03-31T21:15:08+0000 sudo chown root:vyattacfg -R /cfg_backup/
  803  2022-03-31T21:20:26+0000 lspci
  807  2022-04-18T09:32:39+0000 source /cfg_backup/cfg.txt
  808  2022-04-18T09:32:48+0000 sudo mount -t ext4 /dev/sdb1 /cfg_backup/
  809  2022-04-18T09:32:50+0000 source /cfg_backup/cfg.txt
  812  2022-04-18T09:34:33+0000 ip addr show
  813  2022-04-18T09:37:13+0000 delete interfaces ethernet eth5
  814  2022-04-18T09:40:08+0000 delete protocols static route 0.0.0.0/0  next-hop
  815  2022-04-18T09:40:38+0000 delete service dhcpv6-relay
  817  2022-04-18T09:41:41+0000 ip addr show
  822  2022-04-18T09:43:07+0000 ip addr show
  824  2022-04-18T09:48:03+0000 set system name-server 2a02:168:677a:15:2::fefe
  825  2022-04-18T09:49:05+0000 set service router-advert interface br0 name-server 2a02:168:677a:15:2::fefe
  826  2022-04-18T09:49:26+0000 delete service router-advert interface br0  name-server 2001:1620:2777:1::10
  827  2022-04-18T09:49:30+0000 delete service router-advert interface br0  name-server 2001:1620:2777:2::20
  832  2022-04-18T11:49:33+0000 show nat destination rule 108
  834  2022-04-18T11:49:53+0000 show nat destination statistics
  835  2022-04-18T11:50:32+0000 show nat destination rules 108
  836  2022-04-18T11:50:38+0000 show nat destination rules
  840  2022-04-20T06:47:46+0000 set system static-host-mapping host-name woelkli.christianott.ch inet 192.168.15.4
  842  2022-04-20T06:51:49+0000 set nat source rule 5000 disable
  844  2022-04-20T06:52:24+0000 set nat destination rule 108 disable
  848  2022-04-23T13:16:06+0000 run show configuration
  849  2022-04-23T13:17:01+0000 set service ssh port '22'
  853  2022-04-23T13:18:55+0000 run show configuration
  854  2022-04-29T14:57:25+0000 dmesg
  859  2022-04-29T15:03:47+0000 show configuration
  861  2022-04-29T15:04:27+0000 set service ssh port '22'
  869  2022-04-29T15:11:05+0000 set service ssh port '22'
  872  2022-04-29T15:11:41+0000 sudo nano /config/config.boot
  873  2022-04-29T15:12:46+0000 fg
  874  2022-04-29T15:13:06+0000 set service ssh
  875  2022-04-29T15:13:14+0000 delete service ssh
  877  2022-04-29T15:13:40+0000 show service ssh
  878  2022-04-29T15:13:44+0000 set service ssh
  880  2022-04-29T15:13:51+0000 show service ssh
  882  2022-04-29T15:14:11+0000 discard
  883  2022-04-29T15:14:24+0000 sudo nano /config/config.boot
  888  2022-04-29T15:17:25+0000 show services
  889  2022-04-29T15:17:42+0000 show
  890  2022-04-29T15:17:49+0000 show configuration
  894  2022-04-29T15:22:01+0000 discard
  904  2022-04-29T15:29:31+0000 show service ssh
  905  2022-04-29T15:29:42+0000 set service ssh
  907  2022-04-29T15:29:50+0000 history
  910  2022-04-29T15:33:07+0000 sudo chmod 766 /etc/systemd/system/ssh.service.d/override.conf
  921  2022-04-29T15:47:22+0000 discard
  929  2022-04-29T15:51:50+0000 set service ssh
  931  2022-04-29T15:52:54+0000 sudo systemctl reset ssh
  932  2022-04-29T15:53:01+0000 sudo systemctl revert ssh
  933  2022-04-29T15:53:49+0000 sudo systemctl revert ssh.service
  941  2022-04-29T16:01:21+0000 sudo mount -t ext4 /dev/sdb1 /cfg_backup/
  949  2022-04-29T16:09:03+0000 discard
  951  2022-04-29T16:09:26+0000 show configuration commands > /cfg_backup/cfg_new.txt
  953  2022-04-29T16:10:01+0000 sudo systemctl restart ssh
  955  2022-04-30T09:49:37+0000 set service ssh
  959  2022-04-30T09:54:17+0000 history
  960  2022-04-30T09:57:02+0000 dmesg
  962  2022-04-30T09:58:11+0000 ssh --version
  963  2022-04-30T09:58:18+0000 ssh -V
  964  2022-04-30T09:58:35+0000 sudo apt update
  972  2022-04-30T10:23:10+0000 ip link show
  978  2022-04-30T14:41:42+0000 dmesg
  981  2022-04-30T14:42:33+0000 set service ssh
  983  2022-04-30T14:42:44+0000 sudo systemctl restart ssh
  989  2022-04-30T14:52:31+0000 set service ssh
 1003  2022-04-30T15:42:47+0000 history

I removed all the irrelevant commit, save, ls commands. There is a lot of try-n-error while I got to learn my way around vyos. Cut happens around 2022-03-31 and 2022-04-18 where the before mentioned rollback occurred.

Troubles started again 2022-04-29 and I have no clue why.

I figured out that the override.conf file had fsattr immutable and append set. By removing the file attributes, I was could enable SSH via the CLI again.

Thanks,
Christian

c-po · May 1, 2022, 6:19am

The question is … why - did you change the permissions ?

910 2022-04-29T15:33:07+0000 sudo chmod 766 /etc/systemd/system/ssh.service.d/override.conf

We actually use 644 file permissions in this one.

tux19 · May 14, 2022, 8:06am

Hi,

Sorry for the delay, life got in the way.

Actually, I have no clue what/who added the immutable and append flags. They are not there on a clean installation. Removing them fixed it.

I upgraded now to a 1.4.x release and never saw the issue. It must have been caused by a “I don’t know what I’m doing” step that I can’t recall anymore.

I consider this closed

Thanks for the help!

system · May 16, 2022, 8:07am

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.