LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-25-2014, 10:28 PM   #1
linuxmantra
Member
 
Registered: Dec 2013
Posts: 110

Rep: Reputation: Disabled
STPF issue (proftpd.conf)


My issues goes like this:
1. Server is running RHEL 6.4. Installed proftpd and configured it to start at port 2222. DefaultRoot ~sftpuser,!users (set default chroot directory). Everything is configured as per my company need.

2. comment out following lines from /etc/ssh/sshd_config
Subsystem sftp /usr/libexec/openssh/sftp-server
Subsystem sftp interal-sftp

3. created separate file system and mounted at /home/sftpuser.Now all sftpuser will be inside /home/sftpuser. Below are directory permission
drwxrwxrwx. 5 root users 4096 Jun 25 21:24 /home/sftpuser/
created directory inside /home/sftpuser for user maxsftp with permission as:
drwxrwxrwx. 2 root users 4096 Jun 25 20:47 maxsftp

4. Added user ‘maxsftp‘ with following line directly copy pasted to /etc/passwd (not used like useradd –d /….. so on)
maxsftp:x:706:51::/home/sftpuser/maxsftp:/sbin/nologin

and copy pasted following line to /etc/group
sftpuser:x:51:maxsftp

5. set password for user with #passwd maxsftp
Now when I perform following task to test sftp , got following error

a) [root@server1] # sftp –oPort=2222 maxsftp@server2
Connecting to server2...
maxsftp@server2 password:
Permission denied, please try again.
maxsftp@server2 password:
……

(server 1 and server 2 both running proftpd daemon and sftp occur at 2222)

Help is really appreciated…

Last edited by linuxmantra; 06-25-2014 at 10:33 PM.
 
Old 06-26-2014, 01:27 AM   #2
rhoekstra
Member
 
Registered: Aug 2004
Location: The Netherlands
Distribution: RedHat 2, 3, 4, 5, Fedora, SuSE, Gentoo
Posts: 372

Rep: Reputation: 42
Try inspecting the log files as for why the password failed
 
Old 06-27-2014, 09:54 AM   #3
linuxmantra
Member
 
Registered: Dec 2013
Posts: 110

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by rhoekstra View Post
Try inspecting the log files as for why the password failed
For the time being: i performed to test sftp in localhost

#sftp maxsftp@localhost -p2222
maxsftp@server01's password:
subsystem request failed on channel 0
Couldn't read packet: Connection reset by peer

here are the logs:

root@server01:~# tail -f /var/log/secure

Jun 27 10:06:01 server01 sshd[28918]: Did not receive identification string from 10.239.30.1
Jun 27 10:06:01 server01 sshd[28918]: Did not receive identification string from 10.239.30.1
Jun 27 10:06:01 server01 sshd[28918]: Did not receive identification string from 10.239.30.1

root@server01:~# tail -f /var/log/messages
Jun 27 10:07:13 server01 proftpd[28966]: 10.239.61.111 (::ffff:10.239.30.1[::ffff:10.239.30.1]) - SSH2 session closed.
Jun 27 10:07:15 server01 proftpd[28967]: 10.239.61.111 (::ffff:10.239.30.1[::ffff:10.239.30.1]) - FTP session opened.
Jun 27 10:07:13 server01 proftpd[28966]: 10.239.61.111 (::ffff:10.239.30.1[::ffff:10.239.30.1]) - SSH2 session closed.
Jun 27 10:07:15 server01 proftpd[28967]: 10.239.61.111 (::ffff:10.239.30.1[::ffff:10.239.30.1]) - FTP session opened.

root@server01:~# tail -f /var/log/proftpd/sftp.log
Jun 27 10:50:45 mod_sftp/0.9.7[30647]: disconnecting client (received EOF)
Jun 27 10:50:48 mod_sftp/0.9.7[30650]: using '/etc/ssh/ssh_host_rsa_key' as RSA hostkey
Jun 27 10:50:48 mod_sftp/0.9.7[30650]: using '/etc/ssh/ssh_host_dsa_key' as DSA hostkey
Jun 27 10:50:48 mod_sftp/0.9.7[30650]: disconnecting client (received EOF)
Jun 27 10:50:50 mod_sftp/0.9.7[30651]: using '/etc/ssh/ssh_host_rsa_key' as RSA hostkey
Jun 27 10:50:50 mod_sftp/0.9.7[30651]: using '/etc/ssh/ssh_host_dsa_key' as DSA hostkey
Jun 27 10:50:50 mod_sftp/0.9.7[30651]: disconnecting client (received EOF)


Any suggestion...
 
Old 07-01-2014, 08:55 AM   #4
rhoekstra
Member
 
Registered: Aug 2004
Location: The Netherlands
Distribution: RedHat 2, 3, 4, 5, Fedora, SuSE, Gentoo
Posts: 372

Rep: Reputation: 42
- Why didn't you just use useradd and chose to copy paste user info in the /etc/passwd directly?
- have you got selinux disabled? (hopefully not, but you could try 'setenforce 0' temporarily t see if it changes functionality).

Are you planning on using password authentication or publickey authentication? with the latter, realize the key has to have a specific format:
Code:
ssh-keygen -e -f ~username/.ssh/authorized_keys >/etc/proftpd/authorized_keys/<username>
This did the trick for me, following this page: https://www.digitalocean.com/communi...instead-of-ftp

For password authentication, the SFTPAuthMethods set to password should suffice.

I noticed though, that the DefaultRoot should have no comma seperated values or the authentication fails. use a space instead.

That made it possible for me to get it working.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ProFTPd - Change proftpd.conf location ('not found' error) varney Linux - Newbie 1 02-22-2008 01:51 AM
Proftpd conf gloomz Linux - Server 2 12-31-2006 10:16 AM
proftpd.conf question axis Linux - Networking 1 07-18-2003 12:16 AM
Another ProFTPD conf file? KillerCheeto Linux - Newbie 1 04-24-2003 11:28 PM
proftpd --- need help? could someone post a working proftpd.conf i could look at ZooRoPa Linux - Networking 1 04-02-2003 06:56 PM


All times are GMT -5. The time now is 02:30 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration