LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 09-18-2009, 01:59 PM   #1
vielmaj
LQ Newbie
 
Registered: Jun 2009
Posts: 24
Blog Entries: 1

Rep: Reputation: 0
ssh secure file transfer fails


I run the server in the physics department at Oregon State University and some of the users want to transfer there files using a windows program called "SSH Secure Shell". I get the following messages in auth.log

Sep 18 10:29:18 wngr497-pc08 sshd[12206]: Accepted password for vpodolsk from 128.193.96.98 port 3901 ssh2
Sep 18 10:29:18 wngr497-pc08 sshd[12206]: pam_unix(sshd:session): session opened for user vpodolsk by (uid=0)
Sep 18 10:29:18 wngr497-pc08 sshd[12220]: subsystem request for sftp
Sep 18 10:29:21 wngr497-pc08 sshd[12206]: pam_unix(sshd:session): session closed for user vpodolsk

But this person is not able to log in. It works for me and I get the following message in auth.log

Sep 15 08:24:53 wngr497-pc08 sshd[8224]: Accepted publickey for vielmaj from 128.193.96.44 port 51379 ssh2
Sep 15 08:24:53 wngr497-pc08 sshd[8224]: pam_unix(sshd:session): session opened for user vielmaj by (uid=0)

We are running Ubuntu now, but we used to run Suse, so all the old RSA pub keys no longer work. Does this look like the problem?

Jason
 
Old 09-18-2009, 08:08 PM   #2
jhwilliams
Senior Member
 
Registered: Apr 2007
Location: Portland, OR
Distribution: Debian, Android, LFS
Posts: 1,168

Rep: Reputation: 206Reputation: 206Reputation: 206
Hey Jason,

It looks like you're logging in without a password via a copy of your id_dsa.pub key in the server's authorized_keys2 file, yea? The user is trying to login with a username/password and so is triggering a different authentication path.

Instead of going to the trouble of debugging that, I would:

(1) reinstall openssh-server
(2) regenerate public keys unless you have some good motivation not to do so (they are signed by some company who charges you cash is one such reason I suppose.)

In /etc/ssh/sshd_config, Set the LogLevel to something higher so you can gather more information about what's going on. From sshd_config(5):

Quote:
LogLevel
Gives the verbosity level that is used when logging messages from sshd(8). The possible values are: SILENT, QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1,
DEBUG2, and DEBUG3. The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output. Logging with a DEBUG
level violates the privacy of users and is not recommended.
 
Old 09-18-2009, 11:30 PM   #3
Smartpatrol
Member
 
Registered: Sep 2009
Posts: 196

Rep: Reputation: 38
...

Last edited by Smartpatrol; 03-11-2010 at 09:30 PM.
 
  


Reply

Tags
secure, sftp, shell, ssh


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SSH Secure File Transfer Client in rbash lth0721 Linux - Software 2 03-05-2009 04:09 AM
Secure file transfer through SSH session Simsam Hijjawi Linux - Security 2 11-21-2007 12:36 AM
Secure file transfer server - tools ? taphagreg Linux - Security 1 03-19-2007 10:52 PM
Building a Secure File Transfer Gateway - thoughts please taphagreg Linux - Server 2 03-15-2007 01:43 PM
LXer: University of Michigan Selects SSH Tectia for Secure System Administration and Secure File Transfers LXer Syndicated Linux News 0 04-25-2006 12:54 AM


All times are GMT -5. The time now is 03:23 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration