New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Already contacted them through the contact center email. The same Luca also is the contact center so he already know the problem from my communication with him in the DMs for over a week. In the email he denied the issue and kept asking me to reinstall an os again when the issue at the first place is the installation of their isos and the network problem that he knew about.
Don't know why, the name C1V always make me remember ChicagoVps days!
But I still have an OpenVZ with ChicagoVPS and it's working rock solid, 200 days of uptime strides. I'm also selling it BTW
I don't understand understand what is the point in paying for WHMCS licence. No tickets, email for support, service are activated manually as well. 😁
@nvme every customer is special & VIP at c1vhosting.
If we get MITM kind of stuff over SSH something is totally fucked up. Some server motherboards have a remote management protocol. Hopefully that's not exposed to the world.
I could not figure the issue with their setup. I usually remove the SSH host key and then try to connect, the new connection has the same key so I am not sure there was any change with it. Try to compare both keys with yours.
Might be just as simple as having 2 VM's allocated the same IP using DHCP.
Does not mean its MITM, could be though.
I entered the password and logged into the new host though. It was mine.
then check the SSH keys in the VPS, is it changed?
Nope, from the backups I see that all the keys are the same since the day of installation.
I don't want to be pessimistic but this looks pessimistic.
which SSH client you using?
The usual, openssh-client.
This is not just an ssh problem, when the key changes for me both openvpn and the webserver connections are down too. I can login through the vnc console though! I do not think it is a MITM.
I also had half the nodejs processes lose connectivity, and remained unreachable until the LXC container was rebooted. That's when the SSH server started to serve wrong keys.
They don't have DHCP in their routers.
Seems like Luca gave us the goodnight.
Yaaawn.
But admittedly it's understandable, 98% of his income is mailed to the Italian tax office. The remaining 2% are bribes to avoid paying more.
I think there is a MITM because the pub key generated from the host's private key does not exist in the client's
known_hosts
.To verify, you can wipe the
~/.ssh/known_hosts
file on the client (take backup), then connect to the host forcing ECDSA, like so:this will prompt you to accept the "new" key from the host (because you deleted the existing keys in
known_hosts
) and will insert the SSH server's key into your newknown_hosts
.Then, from the host type
this prints the public ECDSA key of the host, which MUST exist in the client's
known_hosts
file.YET IT DOES NOT.
I think the SSH client is connecting to a third party.
I stopped the SSH service and stopped/shutdown the vps but it still asks me for a password.
@c1vhosting you can comment here, this is not a support request.
The server status (also the vnc console)
uptime
Because you have password-less authentication? What if you SSH into the server from the same server? Maybe the MITM doesn't grab the pub key to spoof the password-less authentication.
The vps is down/stopped but its IP is still pingable and ssh seems to think there is a server running and asks me for a password (yes I do password-less authentication!). I tried pinging the vps ip from different locations and the seems to be up and I think this is why my monitor is not detecting the c1vhosting downtime.
That’s clear, thank you! Please dm with service id/ IPv4 so I can fix your issue in a while
Hey Luca,
Already sent this to you two week ago, in the DMs, panel tickets and "contact center" email.
Please just DM me it thanks
For others to know about this. My offer is through DMs, he already have my email and he previously requested a support ticket ID that I sent to him two weeks ago. Previous screenshot shows the time of the autoreply from their system.
My support ticket: #138307 (since 14 September)
Thank you!
Yeah but consider the price, and the fraction he actually gets of that. He basically makes zero or even loses on these deals.
Yeah, it is charity at this point.
A fully-taxed charity
It feels sad to acknowledge that this business with international competitors runs from Italy.
I'm really happy to have a MITM for this price.