Ubuntu 14.04: enabled ufw and forgot to allow ssh

3

1

Last night I made a most annoying mistake. On an Ubuntu 14.04 server I enabled ufw and forgot to allow ssh. Then I logged off.

Naturally I am now locked out with ssh.

Fortunately my hoster provides a repair feature that enables me to access the server's file system to repair such stuff.

How can I either disable the firewall completely manually using the filesystem?

or

How can I manually add a rule into ufw that allows ssh access?

I tried to set a rule in /lib/ufw/user.rules but it did not work.

Any help is appreciated.

caliph

Posted 2016-01-22T11:15:33.760

Reputation: 171

Answers

4

I found a quite easy way to overcome the situation.

in

/etc/ufw/ufw.conf

there is

ENABLED=yes

set it to

ENABLED=no

And ufw will not start at the next reboot. Worked for me.

caliph

Posted 2016-01-22T11:15:33.760

Reputation: 171
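
The edit from the answer above, wrapped as an added shell example (not part of the original post) for use from a rescue system. The mount point passed as ROOT, the function names and the `.lockout-bak` backup suffix are assumptions.

```shell
#!/bin/sh
# Added example: flip ufw's boot-time switch on a root filesystem that is
# mounted inside a rescue system. ROOT (for example /mnt) is an assumption;
# use whatever mount point the hoster's repair feature provides.

disable_ufw_at_boot() {
    root=${1:?usage: disable_ufw_at_boot ROOT}
    conf="$root/etc/ufw/ufw.conf"

    [ -f "$conf" ] || { echo "no ufw.conf under $root" >&2; return 1; }

    # Already disabled: leave the file untouched.
    if grep -Eq '^[[:space:]]*ENABLED=no[[:space:]]*$' "$conf"; then
        return 0
    fi

    # Refuse to guess if there is no ENABLED= line to edit.
    grep -Eq '^[[:space:]]*ENABLED=' "$conf" || {
        echo "no ENABLED= line in $conf" >&2; return 1; }

    # Keep the original so the change can be reverted after recovery.
    cp -p "$conf" "$conf.lockout-bak" || return 1

    # Rewrite only the ENABLED line; comments and LOGLEVEL stay as they are.
    sed 's/^[[:space:]]*ENABLED=.*$/ENABLED=no/' "$conf.lockout-bak" > "$conf" || return 1

    # Verify the result instead of trusting the edit.
    grep -qx 'ENABLED=no' "$conf"
}

# Returns 0 if ufw is set to start at boot under ROOT, non-zero otherwise.
ufw_enabled_at_boot() {
    grep -Eq '^[[:space:]]*ENABLED=yes[[:space:]]*$' "$1/etc/ufw/ufw.conf"
}
```

Source the file in the rescue shell and call `disable_ufw_at_boot /mnt`. Once logged in again after the reboot, run `ufw allow ssh` before `ufw enable`, since the server has no ufw filtering until then.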

1

ufw is a front end for iptables.

The rules of iptables are located in files on /etc/iptables.*.

And ufw stores them in /var/lib/ufw/user.rules.

Deleting the files or emptying them should work, and after a reboot you won't have rules on iptables so every type of traffic will connect.

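If you can't remove the files then you could try adding this to /etc/rc.local:

#!/bin/sh -e
# Set the default policies to ACCEPT first
sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT
# Flush the rules before deleting chains: -X fails on chains that are
# still referenced, and with "sh -e" the script would stop right there
sudo iptables -F
sudo iptables -X
sudo iptables -t nat -F
sudo iptables -t nat -X
sudo iptables -t mangle -F
sudo iptables -t mangle -X
exit 0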

It will re-write the iptables rules, so after a reboot the server will accept connections.

jcbermu

Posted 2016-01-22T11:15:33.760

Reputation: 15 868

Thanks for your answer. I was about to go forward with your solution and then I saw the "enabled = yes" switch in the ufw config file. This was even easier. – caliph – 2016-01-22T20:21:39.297