Token validation error in SSHd
Closed this issue · 2 comments
My Debian server is suddenly denying access.
Running on the server is Fail2Ban and UFW (iptables) security. SSH is working fine, integration with Authy fails. The following message appears after sending the token to the SSH server:
Error running curl
Invalid token. try again
After uninstallation of Authy, the connections run fine again.
This happens on multiple servers at the same time.
Client token generation is still ok, I can login to Evernote using the same account and device. Must be some SSH/Debian/Security/Networking issue.
Authy SSH needs to be able to connect to the Authy API via curl. Try this on your console:
curl -vv https://api.authy.com
You have to be able to get to the API and the response has to be 200.
It seems to be a specific Debian & UFW combination that is broken and UFW goes into panic mode denying all outgoing traffic. Then the installation routine is also terrible and leaves the panic rules in the iptables so the server becomes cut-off. I do not have the UFW software version, but it's Debian 6.0.8 on 2.6.32-042stab084.12 as is the default at ChicagoVPS.