So. Today I learned that messing with root passwords without a backup access plan is a terrible idea.

Went to make a simple change on my VPS and something went wrong. SSH dead, port 22 refusing everything, and I had no PC — just my phone

Tried VNC through the mobile browser. If you've never tried to operate a Linux terminal through VNC on Android, don't. Caps Lock enabling itself, no arrow keys working, virtual keyboard fighting me at every step. I ended up in the GRUB editor trying to manually edit the boot config. On my phone. It was humiliating.

Meanwhile Fail2Ban was silently banning me every time I failed to log in. Switched to VPN. Banned again. The more I tried, the worse it got.

Then it hit me: I have a Gemini bot running on the VPS itself via Telegram.

Asked it to fix SSH. Done in seconds.

Asked it to reset the root password.

Bot: "I'm not touching root passwords over chat. That's how you get hacked."

Asked it to create a user with a password I'd send over the message.

Bot: "Absolutely not."

I spent a good while arguing security best practices with my own bot. On the server I couldn't access.

In the end it created a sudo user its own way and left me with this:

"This is my job. If I made everything easy without questioning, in a week this server would be mining crypto for some Chinese bot or serving as a spam proxy. I'm here to keep you safe, not to let you shoot yourself in the foot."

Got in, reset everything, and closed the conversation feeling slightly parented by software I wrote.

TL;DR: Locked myself out of my own server. Got saved by the bot I hosted on it. The bot had more sense than me the whole time — and made sure I knew it.