Lost SSH access to your VPS — recovery steps

Lost SSH access is recoverable in most cases—use your cloud provider’s out-of-band console first. Do not rebuild the server until you have tried console recovery.

Step 1: Provider console

Every major VPS host offers a browser console when port 22 fails:

• DigitalOcean — Droplet → Access → Launch Console
• Hetzner — Server → Console
• AWS — EC2 Instance Connect or serial console
• Linode / Akamai — LISH console

Log in with root or your user (password login must be enabled for console if keys broke).

Step 2: Diagnose from console

sudo systemctl status ssh
sudo ss -tlnp | grep 22
sudo ufw status
df -h

Finding	Action
sshd inactive	sudo systemctl start ssh and check journalctl -u ssh -n 30
Disk 100% full	Free disk—sshd may fail to write logs
ufw denies 22	sudo ufw allow OpenSSH or fix rule
Wrong sshd_config	Revert backup, sudo sshd -t, restart sshd

Step 3: SSH key issues

• Confirm your public key is in ~/.ssh/authorized_keys
• Permissions: chmod 700 ~/.ssh && chmod 600 ~/.ssh/authorized_keys
• If you only locked yourself out with a new key, paste the correct key from console

Step 4: Provider rescue / recovery

If the OS will not boot:

• Mount disk in rescue mode
• chroot into the filesystem and fix /etc/fstab, sshd, or networking
• Last resort: snapshot disk, rebuild droplet, reattach volume

Prevent the next lockout

• Keep provider console credentials saved
• Test firewall rules before logging out
• Use sshd -t before restarting sshd
• Consider a second admin key or break-glass user

After you are back in

Run read-only health checks before big changes. Ohuriya AI is an AI DevOps Copilot that can help audit sshd and firewall settings—with approval on every command. About Ohuriya