Solved

ssh works, ftp works, but sftp doesn't work

Posted on 2009-04-03
8
1,897 Views
Last Modified: 2013-12-09
i have a standard debian-based lamp server running. ssh and ftp both work fine, but when i try to connect via sftp it doesn't connect. can anyone help?

OpenSSH_4.3p2 Debian-9etch3, SSH protocols 1.5/2.0, OpenSSL 0x0090803f
 - ProFTPD Version 1.3.1
0
Comment
Question by:smueller72
  • 4
  • 4
8 Comments
 
LVL 3

Author Comment

by:smueller72
ID: 24059838
and this is the standard message i am receiving from cuteftp:
STATUS:>        [4/3/2009 9:11:41 AM] Getting listing ""...
STATUS:>        [4/3/2009 9:11:41 AM] Initializing SFTP21 module...
STATUS:>        [4/3/2009 9:11:41 AM] Connecting to SFTP server... [ip]:22 (ip = [ip])...
ERROR:>         [4/3/2009 9:11:47 AM] Connection to the server was lost, and the operation could not be performed.
ERROR:>         [4/3/2009 9:11:47 AM] Can't connect to [ip]:22. SFTP21 error = #7.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 24059917
Hi,
is the sftp subserver enabled at the server side? Examine the "Subsystem" configuration in sshd_config.
I once saw (on AIX) that the sftp-server binary had explicitly to be made executable (by means of 'chmod +x'), as it was shipped without that flag.
Cheers
wmp
0
 
LVL 3

Author Comment

by:smueller72
ID: 24059953
here is my sshd_config
#       $OpenBSD: sshd_config,v 1.65 2003/08/28 12:54:34 markus Exp $
 

# This is the sshd server system-wide configuration file.  See

# sshd_config(5) for more information.
 

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
 

# The strategy used for options in the default sshd_config shipped with

# OpenSSH is to specify options with their default value where

# possible, but leave them commented.  Uncommented options change a

# default value.
 

#Port 22

Protocol 2

#ListenAddress 0.0.0.0

#ListenAddress ::
 

# HostKey for protocol version 1

#HostKey /etc/ssh/ssh_host_key

# HostKeys for protocol version 2

#HostKey /etc/ssh/ssh_host_rsa_key

#HostKey /etc/ssh/ssh_host_dsa_key
 

# Lifetime and size of ephemeral version 1 server key

#KeyRegenerationInterval 1h

#ServerKeyBits 768
 

# Logging

#obsoletes QuietMode and FascistLogging

#SyslogFacility AUTH

#LogLevel INFO
 

# Authentication:
 

#LoginGraceTime 2m

#PermitRootLogin yes

DenyUsers web0

#StrictModes yes
 

#RSAAuthentication yes

#PubkeyAuthentication yes

#AuthorizedKeysFile     .ssh/authorized_keys
 

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts

#RhostsRSAAuthentication no

# similar for protocol version 2

#HostbasedAuthentication no

# Change to yes if you don't trust ~/.ssh/known_hosts for

# RhostsRSAAuthentication and HostbasedAuthentication

#IgnoreUserKnownHosts no

# Don't read the user's ~/.rhosts and ~/.shosts files

#IgnoreRhosts yes
 

# To disable tunneled clear text passwords, change to no here!

#PasswordAuthentication yes

#PermitEmptyPasswords no
 

# Change to no to disable s/key passwords

#ChallengeResponseAuthentication yes
 

# Kerberos options

#KerberosAuthentication no

#KerberosOrLocalPasswd yes

#KerberosTicketCleanup yes
 

# GSSAPI options

#GSSAPIAuthentication no

#GSSAPICleanupCreds yes
 

# Set this to 'yes' to enable PAM authentication (via challenge-response)

# and session processing. Depending on your PAM configuration, this may

# bypass the setting of 'PasswordAuthentication'

#UsePAM yes
 

#AllowTcpForwarding yes

#GatewayPorts no

#X11Forwarding no

#X11DisplayOffset 10

#X11UseLocalhost yes

#PrintMotd yes

#PrintLastLog yes

#KeepAlive yes

#UseLogin no

#UsePrivilegeSeparation yes

#PermitUserEnvironment no

#Compression yes

#ClientAliveInterval 0

#ClientAliveCountMax 3

#UseDNS yes

#PidFile /var/run/sshd.pid

#MaxStartups 10
 

# no default banner path

#Banner /some/path
 

# override default of no subsystems

Subsystem       sftp    /usr/libexec/sftp-server

Open in new window

0
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 24059967
... and /usr/libexec/sftp-server exists and is executable?
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 3

Author Comment

by:smueller72
ID: 24059996
i noticed /usr/libexec/sftp-server doesn't exist, but /usr/lib/sftp-server does. i will try changing it over.

i am getting some other premissions error now when editing sshd_config, but i will report back when i have it changed.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 24060026
Don't forget to recycle sshd!
0
 
LVL 3

Author Comment

by:smueller72
ID: 24060132
that was it, thanks a bunch. i continue to be amazed at the quickness of all the smart people here :)
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 24060156
Hey, you're always welcome!
Thanks for the points!
Cheers
wmp
 
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As a financial services provider, your business is impacted by two of the strictest federal regulations on record: the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act. Correctly implementing faxing into your organization to provide secure, real-ti…
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now