Prevent being locked out when configuring SSH and iptables [duplicate]

ssh datacenter iptables

There was a similar question Configure iptables over SSH without getting locked out?

I post here the tips I gave in the previous question:

1) I backup the old iptables configuration file:

cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bak

2) Before trying the new settings, execute this command to make sure you can connect back if something in the new settings locks you out (basically it replaces the old rules after 5 minutes):

echo "mv /etc/sysconfig/iptables.bak /etc/sysconfig/iptables && service iptables restart" | at now + 5min

3) Now you can safely modify iptables rules. If something goes bad you can connect back within 5 minutes.


If you need to modify the SSH config, e.g in /etc/ssh/sshd_config: Leave a session open in another terminal. This usually will stay open, but of course you can use a similar trick as in @shardan's post for the SSH config as well.

Related

AWS EC2 - No Space Left on Device
Which ports are required in order to authenticate against a ldap server in another domain which is behind a firewall?
Is it possible to create a generalized configuration file for installing Windows features using PowerShell?
Uninstall Docker when installed via curl
Ansible run ends up with MODULE FAILURE?
How do I remove a group policy without access to the domain (controller)?
Windows 10 OpenVPN Client connects but can't access anything
Streaming PostgreSQL pg_dump to S3
What is the difference between AWS site-to-site VPN and AWS client VPN?
Does orientation during storage affect CD-ROM or DVD lifespans?
How to redirect domain without breaking the email?
Why is "ps" output not resolving the uid of my process?