Since I've not been absent-minded enough in the past to actually lock myself out of a server (aside from those younger days of "forgetting the root pass"), this is a first for me; yes, I'm a locked-out virgin. Special, hey?
And don't do this if you want continued access via root, or anything else. Sure, http and https are available for public facing, but that's it.
So, I ran:
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i ! lo -d 127.0.0.0/8 -j REJECT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
iptables -A INPUT -j REJECT
iptables -A FORWARD -j REJECT
After saving iptables permanently, I opened another shell and logged in with the new user (also created to take the place of root, with the proper permissions); login was fine for that user.
After reboot I realized what I had mistakenly forgotten in the chain. See it? lol Yes, that's right, the SSH port - duh-me? And a couple of other things that render the host's reporting scripts locked out, ah yes there it is - dummy lol
As I can see it, the only way to get access would be to have the host flush iptables from the main server node as root. Yes, no? Ideas?
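Added example, not the poster's own commands: the same rule set with the SSH ACCEPT rule restored, a pre-apply check that refuses any rule set lacking an INPUT ACCEPT for the SSH port before the catch-all INPUT REJECT, and a rollback timer so a bad rule set reverts itself. It assumes iptables-save/iptables-restore are installed and that sshd listens on SSH_PORT (22 is an assumption).

```shell
#!/bin/sh
# Added example, not the poster's commands: their rule set with the SSH
# ACCEPT rule restored, a pre-apply check, and a timed rollback so a mistake
# cannot lock you out. Assumes iptables-save/iptables-restore are present and
# sshd listens on SSH_PORT (22 is an assumption; adjust to your sshd_config).
SSH_PORT="${SSH_PORT:-22}"

# Print the rule set as iptables commands; nothing is applied here.
# "! -i lo" is the current spelling of the poster's deprecated "-i ! lo".
build_rules() {
    cat <<EOF
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport ${SSH_PORT} -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
iptables -A INPUT -j REJECT
iptables -A FORWARD -j REJECT
iptables -A OUTPUT -j ACCEPT
EOF
}

# Read rule text on stdin; return 0 only if an INPUT ACCEPT for tcp dport $1
# appears before the catch-all "-A INPUT -j REJECT" (the poster's set fails).
rules_admit_ssh() {
    awk -v p="$1" '
        /-A INPUT / && /ACCEPT/ && $0 ~ ("--dport " p "( |$)") { ok = 1 }
        /-A INPUT -j REJECT/ { exit (ok ? 0 : 1) }
        END { exit (ok ? 0 : 1) }'
}

# Apply the rules with a rollback timer: the previous rules are restored after
# $1 seconds unless the operator, having reconnected, removes the backup file.
apply_with_rollback() {
    secs="${1:-120}"
    backup="/tmp/iptables.before.$$"
    build_rules | rules_admit_ssh "$SSH_PORT" \
        || { echo "refusing: no SSH ACCEPT before INPUT REJECT" >&2; return 1; }
    iptables-save > "$backup" || return 1
    ( sleep "$secs"; [ -f "$backup" ] && iptables-restore < "$backup" ) &
    iptables -F && iptables -X
    build_rules | sh
    echo "Applied. Reconnect over SSH and run: rm $backup (within ${secs}s)"
}
```

Run `apply_with_rollback 120` as root from an existing session, reconnect in a second terminal, then delete the backup file to keep the new rules; if the reconnect fails, the old rules come back on their own.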