Sftp does not work after upgrade fo F12

Aaron Konstam akonstam at sbcglobal.net
Tue Mar 30 14:30:08 UTC 2010


On Tue, 2010-03-30 at 12:57 +0200, Gianfranco Durin wrote: 
> On 03/29/2010 07:23 PM, Rick Sewill wrote:
> > On 03/29/2010 10:23 AM, Gianfranco Durin wrote:
> >> On 03/29/2010 03:28 PM, Aaron Konstam wrote:
> >>> On Mon, 2010-03-29 at 11:07 +0200, Gianfranco Durin wrote:
> >>>> On 03/25/2010 03:51 PM, Marvin Kosmal wrote:
> >>>>> Could start with which sftp on the Fedora machine.
> >>>>>
> >>>>> YMMV
> >>>>>
> >>>>> Marvin
> >>>>>
> >>>>
> >>>> Thanks,
> >>>> I use openssh
> >>>>
> >>>> and I have
> >>>>
> >>>> Subsystem sftp /usr/libexec/sftp-server
> >>>>
> >>>> enable in my sshd.config file.
> >>>>
> >>>> Is it enough?
> >>>>
> >>>> Gianfranco
> >>> This is the line in my sshd.conf file
> >>> Subsystem       sftp    /usr/libexec/openssh/sftp-server
> >>>
> >>> The file you reference does not exist on my machine.
> >>
> >> Yes, sorry, you are right, this is the very same I have
> >>
> >> Gianfranco
> >
> > Can you ssh successfully from the client side to the server side?
> >
> > Sorry if you already answered this question.
> > I started looking at this thread in the middle.
> >
> > If you cannot ssh, that will give us some hints.
> >
> > If you can ssh successfully, please check your /etc/hosts.allow and
> > /etc/hosts.deny files on the server side.  I believe openssh-server is
> > built to examine those files.  I believe those files can authenticate or
> > block connections on a per service per user per host basis.
> >
> 
> I can do ssh, this is what I cannot understand
> 
> > On the client side, can you do sftp -v ....
> >
> > Does anyone know if multiple sftp -v -v -v increase the logging level as
> > it does in ssh -v -v -v ?
> >
> > If using multiple -v does increase the logging level, can you do
> > sftp -v -v -v ...
> >
> >
> Ahah, very good idea!
> Yes, using multiple -v -v increase the logging level.
> 
> Ok, now I try to do both ssh and sftp on my localhost (using -v). These 
> are the outputs I get after I enter the password:
> 
> ==========================
> ssh -v localhost
> 
> debug1: Authentication succeeded (password).
> debug1: channel 0: new [client-session]
> debug1: Requesting no-more-sessions at openssh.com
> debug1: Entering interactive session.
> debug1: Sending environment.
> debug1: Sending env XMODIFIERS = @im=none
> debug1: Sending env LANG = en_US.UTF-8
> 
> So it works. But let's check the output of -v -v
> ===========================
> ssh -v -v localhost
> debug2: we sent a password packet, wait for reply
> debug1: Authentication succeeded (password).
> debug1: channel 0: new [client-session]
> debug2: channel 0: send open
> debug1: Requesting no-more-sessions at openssh.com
> debug1: Entering interactive session.
> debug2: callback start
> debug2: client_session2_setup: id 0
> debug2: channel 0: request pty-req confirm 1
> debug1: Sending environment.
> debug1: Sending env XMODIFIERS = @im=none
> debug2: channel 0: request env confirm 0
> debug1: Sending env LANG = en_US.UTF-8
> debug2: channel 0: request env confirm 0
> debug2: channel 0: request shell confirm 1
> debug2: fd 3 setting TCP_NODELAY
> debug2: callback done
> debug2: channel 0: open confirm rwindow 0 rmax 32768
> debug2: channel_input_status_confirm: type 99 id 0
> debug2: PTY allocation request accepted on channel 0
> debug2: channel 0: rcvd adjust 2097152
> debug2: channel_input_status_confirm: type 99 id 0
> debug2: shell request accepted on channel 0
> 
> ===========================
> Now, let's try:  sftp -v localhost
> 
> debug1: Authentication succeeded (password).
> debug1: channel 0: new [client-session]
> debug1: Requesting no-more-sessions at openssh.com
> debug1: Entering interactive session.
> debug1: Sending environment.
> debug1: Sending env XMODIFIERS = @im=none
> debug1: Sending env LANG = en_US.UTF-8
> debug1: Sending subsystem: sftp
> debug1: client_input_channel_req: channel 0 rtype exit-signal reply 0
> debug1: client_input_channel_req: channel 0 rtype eow at openssh.com reply 0
> debug1: channel 0: free: client-session, nchannels 1
> debug1: fd 0 clearing O_NONBLOCK
> Transferred: sent 1872, received 2040 bytes, in 0.1 seconds
> Bytes per second: sent 23294.9, received 25385.4
> debug1: Exit status -1
> Connection closed
Sorry the output in my last message was wrong since I had a publickey
stored in .ssh/knownhosts.

Below is the output I would expect you would see. Did you remove lines
from the output you posted?

Connecting to localhost...
OpenSSH_5.3p1, OpenSSL 1.0.0-fips-beta4 10 Nov 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/akonstam/.ssh/id_rsa type 1
debug1: identity file /home/akonstam/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
The authenticity of host 'localhost (127.0.0.1)' can't be established.
RSA key fingerprint is e9:5f:b7:85:a9:88:7e:f9:cc:e8:fe:25:85:d3:77:c2.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue:
publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more
information
Credentials cache file '/tmp/krb5cc_500' not found

debug1: Unspecified GSS failure.  Minor code may provide more
information
Credentials cache file '/tmp/krb5cc_500' not found

debug1: Unspecified GSS failure.  Minor code may provide more
information


debug1: Next authentication method: publickey
debug1: Offering public key: /home/akonstam/.ssh/id_rsa
debug1: Authentications that can continue:
publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /home/akonstam/.ssh/id_dsa
debug1: Next authentication method: password
akonstam at localhost's password: 
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions at openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env XMODIFIERS = @im=none
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending subsystem: sftp
sftp> 



--
=======================================================================
Ferguson's Precept: A crisis is when you can't say "let's forget the
whole thing."
=======================================================================
Aaron Konstam telephone: (210) 656-0355 e-mail: akonstam at sbcglobal.net



More information about the users mailing list