# Proxmox FAQ Q: I can't connect to CT/VM by ssh after install it \ A: check if sshd are running or not by using command: ----------------------------------------------------------- ``` // check sshd status sudo systemctl status sshd // if not running you can turn it on with command below sudo systemctl start sshd ``` If you can connect but can't login as root with password, make sure to add permit login ``` // open sshd config sudo nano /etc/ssh/sshd_config // Change // PermitRootLogin without-password // to // PermitRootLogin yes // Remove the // before the PermitRootLogin, save the file, CTRL+X , Y , Enter // Restart sshd services with command below sudo systemctl restart sshd ``` *** Q: I can't connect my local machine from outside (i have my public ip setup already to the machine), I want to use 1 ip for all vm/ct. or vm can't connect to internet.\ A: Use port forwarding to make it possible. ------------------------------------------- **Enable eth0 route localnet** {% hint style="danger" %} replace **eth0** with your own public interface {% endhint %} ``` sudo sed -i '/net.ipv4.conf.eth0.route_localnet/d' /etc/sysctl.conf sudo sed -i -e '$anet.ipv4.conf.eth0.route_localnet=1' /etc/sysctl.conf sudo sysctl -p ``` **Create Firewall Script** {% hint style="warning" %} Please change the PUBLICIP and LOCALIP to your own!\ You can also change PUBLICIP to 0.0.0.0/0\ Every port can be forwarded on each line of the scripts. {% endhint %} ``` #!/bin/bash /usr/sbin/iptables -t nat -A POSTROUTING -j MASQUERADE /usr/sbin/iptables -t nat -A PREROUTING -p tcp -d PUBLICIP --dport 10001 -j DNAT --to-destination LOCALIP:10001 /usr/sbin/iptables -t nat -A PREROUTING -p tcp -d PUBLICIP --dport 10002 -j DNAT --to-destination LOCALIP:10002 ``` **Create Crontab** ``` crontab -e ``` then add code below ``` @reboot /bin/bash /root/firewall.sh >> /root/firewall.log 2>&1 ``` {% hint style="info" %} this firewall rule will be activated everytime your machine are restarted. also the logs are available on /root/firewall.log if you meet some problem. {% endhint %} **Checking Active Rule** ``` sudo iptables -t nat -v -L PREROUTING -n --line-number ``` **Deleting Rule without restarting machine** ``` // check active rule first, then there is a line number of the rule // for example you want to delete rule number 4 use command below: sudo iptables -t nat -D PREROUTING 4 // this only delete on this session, if you need to make it permanent, // don't forget to remove the rule from firewall.sh ``` **Add Rule without restarting machine** ``` iptables -t nat -A PREROUTING -p tcp -d PUBLICIP --dport 36657 -j DNAT --to-destination LOCALIP:26657 // this only delete on this session, if you need to make it permanent, // don't forget to add the rule from firewall.sh using the ``` ## Q: unsupported Ubuntu version '24.04' A: comment / disable enterprise repository and add the non-pve ``` nano /etc/apt/sources.list.d/ceph.list // add # in front of all repository listed // save file (CTRL + X, Y, Enter) nano /etc/apt/sources.list.d/pve-enterprise.list // add # in front of all repository listed // save file (CTRL + X, Y, Enter) nano /etc/apt/sources.list // add on last line: deb http://download.proxmox.com/debian/pve bookworm pve-no-subscription // save file (CTRL + X, Y, Enter) apt update apt full-upgrade // after full-upgrade success, create CT again ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://documentation.codeblocklabs.com/other/proxmox/proxmox-faq.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.