2

I have setup a Debian 11 headless server in my local network. I want to connect to this box over SSH, but every time it boots up, it gets stuck in a login prompt, and I won't be able to SSH into this until I physically connect keyboard to this server and login.

The server won't establish Ethernet connectivity until I physically login to this server. Only after I physically login, this connects to Ethernet, and then I can SSH from other devices. This creates a problem, since anybody can connect a keyboard and a monitor to this server and access my data since auto-login is setup.

What is the appropriate way to setup or mitigate this behavior?

Edit-0: tl;dr : I want to disable tty login prompt on startup and only allow ssh login. I have no reason to have a tty since I want this to be completely headless.

Edit-1: I have fixed the issue and decided to keep the TTY login prompt so that it can be of help during an emergency

phnsh
  • 21
  • What you need to do is find out why the interactive login is needed in the first place. I can see several possibilities. It could be an "decrypt my disk" prompt. It could be a "disk needs fsck" It could be something overenginered to be a desktop. Are there any more details you can tell us? – David G. Oct 03 '22 at 23:45
  • Ditto. It should be totally possible to start networking and an SSH server before anyone logs in locally. Frankly I would call this setup standard. – Kamil Maciorowski Oct 04 '22 at 03:36
  • @DavidG. As soon as I start my Debian box, it boots up to a login prompt, just asking for my username and password. It does not show anything else. I had installed my Debian 11 with a desktop environment (xfce), and then I disabled it since I realized I did not require it. I guess when I installed with a DE, it was setup as a Desktop. I don't need any TTY login prompt at all. All I want is, as soon as the server boots up, it connects to Ethernet, starts SSH server, and waits until I login over SSH. Is it possible? – phnsh Oct 04 '22 at 09:19
  • @KamilMaciorowski I disabled xfce desktop environment because I later realized I don't need it anymore, and only require SSH login, and since there's no DE, it shows the login prompt. I don't want any TTY login, but only require SSH login. Is it possible to modify this behavior? – phnsh Oct 04 '22 at 09:21
  • OK. Suggestions: Uninstall XFCE if you haven't done so already, along with various X components. Similarly "network-manager". Similarly any optional "systemd" components. Then ensure your network is properly configured, and "auto" in "/etc/network/interfaces" or "/etc/network/interfaces.d/*". I believe network-manager and systemd are where the "overengineering" lives. – David G. Oct 04 '22 at 09:26
  • You haven't noted if this is a command line or graphic login prompt... If the later, yes, kill it (uninstalling X should do it, and save disk space too). If the former, it is a useful emergency capability and of minimal cost, but could still be killed. It is a configuration item in your init or systemd. With systemd I can't help, but for init/sysvinit it would be an entry in /etc/inittab. – David G. Oct 04 '22 at 09:32
  • @DavidG. I have disabled the graphical login, and now left with command line login prompt. But I have decided to keep the command line login, after I realized from your comment that it could be of use during an emergency, such as if the network goes down, or a fault SSH config, I can hook a keyboard and fix it. I will leave the command prompt login as it is, thank you! – phnsh Oct 05 '22 at 15:14
  • Does this solve the problem of not being able to remote login until you locally login, or is that still an issue? – David G. Oct 06 '22 at 03:10
  • @DavidG. Yes, finally fixed it an hour ago. The core issue was that my server was not establishing Ethernet connectivity until I logged into the box physically. So after I added "allow-hotplug enp1s0" in my /etc/network/interfaces, I no longer have that issue. I can now login to my box over SSH. I no longer have to plug keyboard/display to my box physically just so that it establishes Ethernet connectivity. – phnsh Oct 06 '22 at 18:09

1 Answers1

0

I finally fixed the issue. I edited the /etc/network/interfaces and added "allow-hotplug enp1s0" line. Now my Debian box will establish Ethernet connectivity (local network) on startup without my intervention, and once the connectivity is established, I can login over SSH.

Initially I tried with "auto" but it did not work (not sure why, I need to understand more about this), then I found this answer.

I have decided to keep the login prompt in the box as it is, so that it can be of help during an emergency, such as if the network goes down.

phnsh
  • 21