70
gitpush
6y

enabling a firewall on a VPS to secure my docker containers and forgetting to add openssh to the allowed list --> ssh blocked 😃🔫

Comments
  • 5
    @gitpush
    I did something similar in an experiment to limit server access to only freenode servers, messed up my iptables rules and blocked myself out from it. So I just destroyed it and let it be for another day
  • 4
    @ChainsawBaby in my case I was lucky: the Vultr portal bypasses those, so I was able to access the server as root, enable ssh and go back in. It was a close call lol
  • 4
    @gitpush I forgot the kvm password, and it was a brand new server, so destroying it wasn’t dangerous
  • 2
    @ChainsawBaby wow that's soooo bad :/
  • 2
    @gitpush I still want to try it again.
    If you have some iptables examples for blocking all outgoing connections except certain IPs, I’ll gladly accept
  • 2
    @ChainsawBaby I am searching for one, but in my case openssh was not allowed through the firewall. I don't think anything is allowed by default; check "ufw status", see its output, and remove what you don't want.
    But in this case @Linux will be more help than me
  • 3
    @gitpush
    Firewall in Vultr UI or the server?
  • 3
    @Linux my server, ufw the default one
  • 3
    @gitpush
    Ubuntu right?
    It should be as simple as this:
    sudo ufw allow ssh
    Or
    sudo ufw allow 22
  • 2
    @Linux what I did was ufw allow openssh
    It gave me access again luckily, but what is the difference between allow ssh and openssh?
  • 3
    @gitpush
    I am not 100% sure how ufw handles that actually, but it could be that it only allows openssh clients/servers to talk to it.
    If you allow "ssh", you allow the protocol ssh and not certain applications.

    In either case, you should be good :)
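    As an added example (not code from the thread), a small shell guard for the situation in the rant: it checks the rules staged with ufw for an SSH allow rule before "ufw enable" is run, so the firewall cannot cut off the session it is typed from. The sample rule listings are constructed, and the comments note how "ssh" (a service name looked up in /etc/services) differs from "OpenSSH" (a ufw application profile).

```shell
#!/bin/sh
# Added example, not from the thread. Refuses to run "ufw enable" unless an
# SSH allow rule is already staged. Rules are matched against the text that
# "ufw show added" prints (one "ufw allow ..." line per rule).

# Constructed sample: web ports for the docker host staged, SSH forgotten
# (the case from the rant).
SAMPLE_NO_SSH="Added user rules (see 'ufw status' for running firewall):
ufw allow 80/tcp
ufw allow 443/tcp"

# Constructed sample: same rules plus the OpenSSH application profile.
SAMPLE_WITH_SSH="$SAMPLE_NO_SSH
ufw allow OpenSSH"

# Returns 0 if the rule text contains any usual form of an SSH allow rule:
#   "ufw allow OpenSSH"  - application profile from /etc/ufw/applications.d,
#                          which expands to 22/tcp
#   "ufw allow ssh"      - service name resolved via /etc/services (port 22)
#   "ufw allow 22" / "ufw allow 22/tcp" - explicit port
# Caveat: a sshd listening on a non-standard port, or a rule written in the
# long "from ... to any port 22" form, is not recognised by this pattern.
ssh_rule_present() {
    printf '%s\n' "$1" | grep -Eiq '^ufw allow (in )?(OpenSSH|ssh|22(/tcp)?)( |$)'
}

# Enable the firewall only after the SSH check passes. Must run as root on a
# host with ufw installed; it is never called unless "--enable" is passed.
safe_enable() {
    staged=$(ufw show added)
    if ssh_rule_present "$staged"; then
        ufw --force enable   # --force skips the "may disrupt ssh" prompt
        ufw status verbose
    else
        echo "refusing to enable: no SSH allow rule staged." >&2
        echo "run 'ufw allow OpenSSH' (or 'ufw allow 22/tcp') first." >&2
        return 1
    fi
}

if [ "${1:-}" = "--enable" ]; then
    safe_enable
fi
```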
  • 2
    @Linux you learn something new everyday. Thanks man :D
  • 3
    Same here :p
  • 2
    Who hasn't accidentally locked themselves out when trying to harden a box.. :D
  • 3
    @lotd & @Jifuna this is a relief lol knowing I have not gone insane, I just made a mistake like everyone does :D
  • 2
    @gitpush errare humanum est :)
  • 2
    @lotd thanks to Google Translate, I know what to reply to you :P
    And yes, you are 100% right, nothing to be ashamed of
  • 3
    @gitpush and because I was really inexperienced I didn't know how to use the rescue system, so I had to reset my server ;)
  • 2
    @Jifuna what's that? For me, I accessed it from the Vultr user panel and whitelisted my IP
  • 3
    @gitpush for example, if you fuck up your system so badly it doesn't boot anymore, you can still boot into the rescue system, where your hdd is mounted. You can chroot into it and fix the problem
  • 2
    @Jifuna oh don't mind me, I'm a Windows user newly switching to Linux servers; on the Ubuntu desktop I use, I don't do much other than coding.

    In Windows it is called Safe Mode, so now I understand what you meant :D
    Yeah, but for me I'd rather have a snapshot if it's a VM, or if on bare metal then yes, do it your way
  • 2
    @gitpush almost, it's more like you have a partition with a clean system with access to your hd, because as far as I know rescue mode doesn't use any files from your main system. Snapshots are indeed nice too.
  • 1
    @Jifuna that is even better, though the great thing about Linux (at least Ubuntu) is that you can live boot from USB; of course performance will be bad, but it's an option
  • 2
    @gitpush That's indeed nice