1748085 Members
5050 Online
108758 Solutions
New Discussion юеВ

Re: sftp can't log in.

 
Johns Manville
Frequent Advisor

Re: sftp can't log in.

No, none.
Mel Burslan
Honored Contributor

Re: sftp can't log in.

where did you create the keys ? ON your server side or on the client side ?

you said it looks like it is recognizing your root key's instead of sftp user's keys. Are you sure you are initiating the connection after logging in to (or su'ing into) this sftp user with a "-", as in 'su - sftpuser', if you do, what you are telling about root's keys, doesn't make an iota of sense.

Last but not the least, if you created the key par, are you absolutely sure that you sent the private portion of the key to the client side and they placed it in the proper directory with the proper permissions. What you gave answers to, above, seems like the directory listings from the server and your problem is most probably residing on the client (i.e. remote) site.

Do you have access to this remote office server ? If so, can you check the ownership and permissions of .ssh directory and the files underneath it ?
________________________________
UNIX because I majored in cryptology...
Steven Schweda
Honored Contributor

Re: sftp can't log in.

> # ls -l
> [...]

Great. Now, if I could guess where you were
when you did that, then I might know
something useful.

There are two computers involved here, the
SFTP client and the SFTP server. (Or, for
testing purposes, perhaps one computer in two
roles, but exactly what you're doing where is
unclear.) The non-psychics in your audience
don't know where you're doing these things,
or as which user, or much else, unless you
reveal the relevant facts.

> I'm using this version of OpenSSH:
>
> OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL

> $ sftp -v username@hpux41
> Connecting to hpux41...
> OpenSSH_4.3p2-hpn, OpenSSL 0.9.7i 14 Oct 2005

And some of the things you say seem, well,
inconsistent?


> No, none.

Really? I know nothing, but I've never seen
an ssh/sftp login failure which left no
evidence in the system log file on the
server. Worst case, it is possible to run
the server daemon with a debug/verbose
option, which might tell you more.

> [...] will they need to send me their pub
> key? [...]

> [...] sent the private portion of the key
> to the client [...]

Many things are possible, but normally, the
key pair is generated at the client end, and
the public key is sent to the server end
(keeping the client's private key data
private).
Johns Manville
Frequent Advisor

Re: sftp can't log in.

OK. A useful person informed me that sftp does not have the capability to chroot or jail the user until OpenSSH version 5. That pretty much answers this question.

I apologize for not being more clear in my questions. Unfortunately, I swamped and have to help, so I wasn't as careful or detailed as I could have been. I usually do better.

I want to thank those of you who tried to be helpful without being demeaning. I will score him with a 0.
Johns Manville
Frequent Advisor

Re: sftp can't log in.

Chroot or jail capability is not available for sftp until OpenSSH version 5.
Steven Schweda
Honored Contributor

Re: sftp can't log in.

> OK. A useful person informed me that sftp
> does not have the capability to chroot or
> jail the user until OpenSSH version 5.

And we knew that you were trying to do this
because you told us where?

> Unfortunately, I swamped [...]

Not too busy to waste other people's time,
though.

> [...] demeaning.

If asking for a clear exposition of a problem
is demeaning, then count me in every time.

> I will score him with a 0.

The pain, the pain...