Solved

ssh works, ftp works, but sftp doesn't work

Posted on 2009-04-03
8
1,881 Views
Last Modified: 2013-12-09
i have a standard debian-based lamp server running. ssh and ftp both work fine, but when i try to connect via sftp it doesn't connect. can anyone help?

OpenSSH_4.3p2 Debian-9etch3, SSH protocols 1.5/2.0, OpenSSL 0x0090803f
 - ProFTPD Version 1.3.1
0
Comment
Question by:smueller72
  • 4
  • 4
8 Comments
 
LVL 3

Author Comment

by:smueller72
ID: 24059838
and this is the standard message i am receiving from cuteftp:
STATUS:>        [4/3/2009 9:11:41 AM] Getting listing ""...
STATUS:>        [4/3/2009 9:11:41 AM] Initializing SFTP21 module...
STATUS:>        [4/3/2009 9:11:41 AM] Connecting to SFTP server... [ip]:22 (ip = [ip])...
ERROR:>         [4/3/2009 9:11:47 AM] Connection to the server was lost, and the operation could not be performed.
ERROR:>         [4/3/2009 9:11:47 AM] Can't connect to [ip]:22. SFTP21 error = #7.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 24059917
Hi,
is the sftp subserver enabled at the server side? Examine the "Subsystem" configuration in sshd_config.
I once saw (on AIX) that the sftp-server binary had explicitly to be made executable (by means of 'chmod +x'), as it was shipped without that flag.
Cheers
wmp
0
 
LVL 3

Author Comment

by:smueller72
ID: 24059953
here is my sshd_config
#       $OpenBSD: sshd_config,v 1.65 2003/08/28 12:54:34 markus Exp $
 

# This is the sshd server system-wide configuration file.  See

# sshd_config(5) for more information.
 

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
 

# The strategy used for options in the default sshd_config shipped with

# OpenSSH is to specify options with their default value where

# possible, but leave them commented.  Uncommented options change a

# default value.
 

#Port 22

Protocol 2

#ListenAddress 0.0.0.0

#ListenAddress ::
 

# HostKey for protocol version 1

#HostKey /etc/ssh/ssh_host_key

# HostKeys for protocol version 2

#HostKey /etc/ssh/ssh_host_rsa_key

#HostKey /etc/ssh/ssh_host_dsa_key
 

# Lifetime and size of ephemeral version 1 server key

#KeyRegenerationInterval 1h

#ServerKeyBits 768
 

# Logging

#obsoletes QuietMode and FascistLogging

#SyslogFacility AUTH

#LogLevel INFO
 

# Authentication:
 

#LoginGraceTime 2m

#PermitRootLogin yes

DenyUsers web0

#StrictModes yes
 

#RSAAuthentication yes

#PubkeyAuthentication yes

#AuthorizedKeysFile     .ssh/authorized_keys
 

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts

#RhostsRSAAuthentication no

# similar for protocol version 2

#HostbasedAuthentication no

# Change to yes if you don't trust ~/.ssh/known_hosts for

# RhostsRSAAuthentication and HostbasedAuthentication

#IgnoreUserKnownHosts no

# Don't read the user's ~/.rhosts and ~/.shosts files

#IgnoreRhosts yes
 

# To disable tunneled clear text passwords, change to no here!

#PasswordAuthentication yes

#PermitEmptyPasswords no
 

# Change to no to disable s/key passwords

#ChallengeResponseAuthentication yes
 

# Kerberos options

#KerberosAuthentication no

#KerberosOrLocalPasswd yes

#KerberosTicketCleanup yes
 

# GSSAPI options

#GSSAPIAuthentication no

#GSSAPICleanupCreds yes
 

# Set this to 'yes' to enable PAM authentication (via challenge-response)

# and session processing. Depending on your PAM configuration, this may

# bypass the setting of 'PasswordAuthentication'

#UsePAM yes
 

#AllowTcpForwarding yes

#GatewayPorts no

#X11Forwarding no

#X11DisplayOffset 10

#X11UseLocalhost yes

#PrintMotd yes

#PrintLastLog yes

#KeepAlive yes

#UseLogin no

#UsePrivilegeSeparation yes

#PermitUserEnvironment no

#Compression yes

#ClientAliveInterval 0

#ClientAliveCountMax 3

#UseDNS yes

#PidFile /var/run/sshd.pid

#MaxStartups 10
 

# no default banner path

#Banner /some/path
 

# override default of no subsystems

Subsystem       sftp    /usr/libexec/sftp-server

Open in new window

0
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 24059967
... and /usr/libexec/sftp-server exists and is executable?
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 3

Author Comment

by:smueller72
ID: 24059996
i noticed /usr/libexec/sftp-server doesn't exist, but /usr/lib/sftp-server does. i will try changing it over.

i am getting some other premissions error now when editing sshd_config, but i will report back when i have it changed.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 24060026
Don't forget to recycle sshd!
0
 
LVL 3

Author Comment

by:smueller72
ID: 24060132
that was it, thanks a bunch. i continue to be amazed at the quickness of all the smart people here :)
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 24060156
Hey, you're always welcome!
Thanks for the points!
Cheers
wmp
 
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Samba is the de-facto standard program (or, more correctly: suite of programs) that UNIX and Linux systems use to share files with Microsoft Windows (and more recently, Mac OS-X) systems. Currently, there are 2 common versions of Samba available,…
Online collaboration is quickly becoming embedded in the workplace, and its benefits are tangible. See what the current landscape looks like and what the future holds for collaboration tools and the future of work.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now