Solved

ssh works, ftp works, but sftp doesn't work

Posted on 2009-04-03
8
1,945 Views
Last Modified: 2013-12-09
i have a standard debian-based lamp server running. ssh and ftp both work fine, but when i try to connect via sftp it doesn't connect. can anyone help?

OpenSSH_4.3p2 Debian-9etch3, SSH protocols 1.5/2.0, OpenSSL 0x0090803f
 - ProFTPD Version 1.3.1
0
Comment
Question by:smueller72
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 3

Author Comment

by:smueller72
ID: 24059838
and this is the standard message i am receiving from cuteftp:
STATUS:>        [4/3/2009 9:11:41 AM] Getting listing ""...
STATUS:>        [4/3/2009 9:11:41 AM] Initializing SFTP21 module...
STATUS:>        [4/3/2009 9:11:41 AM] Connecting to SFTP server... [ip]:22 (ip = [ip])...
ERROR:>         [4/3/2009 9:11:47 AM] Connection to the server was lost, and the operation could not be performed.
ERROR:>         [4/3/2009 9:11:47 AM] Can't connect to [ip]:22. SFTP21 error = #7.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 24059917
Hi,
is the sftp subserver enabled at the server side? Examine the "Subsystem" configuration in sshd_config.
I once saw (on AIX) that the sftp-server binary had explicitly to be made executable (by means of 'chmod +x'), as it was shipped without that flag.
Cheers
wmp
0
 
LVL 3

Author Comment

by:smueller72
ID: 24059953
here is my sshd_config
#       $OpenBSD: sshd_config,v 1.65 2003/08/28 12:54:34 markus Exp $
 
# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.
 
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
 
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.
 
#Port 22
Protocol 2
#ListenAddress 0.0.0.0
#ListenAddress ::
 
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
 
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768
 
# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
 
# Authentication:
 
#LoginGraceTime 2m
#PermitRootLogin yes
DenyUsers web0
#StrictModes yes
 
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile     .ssh/authorized_keys
 
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
 
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
 
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
 
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
 
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCreds yes
 
# Set this to 'yes' to enable PAM authentication (via challenge-response)
# and session processing. Depending on your PAM configuration, this may
# bypass the setting of 'PasswordAuthentication'
#UsePAM yes
 
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression yes
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
 
# no default banner path
#Banner /some/path
 
# override default of no subsystems
Subsystem       sftp    /usr/libexec/sftp-server

Open in new window

0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 24059967
... and /usr/libexec/sftp-server exists and is executable?
0
 
LVL 3

Author Comment

by:smueller72
ID: 24059996
i noticed /usr/libexec/sftp-server doesn't exist, but /usr/lib/sftp-server does. i will try changing it over.

i am getting some other premissions error now when editing sshd_config, but i will report back when i have it changed.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 24060026
Don't forget to recycle sshd!
0
 
LVL 3

Author Comment

by:smueller72
ID: 24060132
that was it, thanks a bunch. i continue to be amazed at the quickness of all the smart people here :)
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 24060156
Hey, you're always welcome!
Thanks for the points!
Cheers
wmp
 
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If, like me, you have a lot of Dell servers in the estate you manage this article should save you a little time. When attempting to login to iDrac on any server I would be presented with two errors. The first reads "Do you want to run this applicati…
As a financial services provider, your business is impacted by two of the strictest federal regulations on record: the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act. Correctly implementing faxing into your organization to provide secure, real-ti…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question