On Tue, 2010-03-30 at 12:57 +0200, Gianfranco Durin wrote: > On 03/29/2010 07:23 PM, Rick Sewill wrote: > > On 03/29/2010 10:23 AM, Gianfranco Durin wrote: > >> On 03/29/2010 03:28 PM, Aaron Konstam wrote: > >>> On Mon, 2010-03-29 at 11:07 +0200, Gianfranco Durin wrote: > >>>> On 03/25/2010 03:51 PM, Marvin Kosmal wrote: > >>>>> Could start with which sftp on the Fedora machine. > >>>>> > >>>>> YMMV > >>>>> > >>>>> Marvin > >>>>> > >>>> > >>>> Thanks, > >>>> I use openssh > >>>> > >>>> and I have > >>>> > >>>> Subsystem sftp /usr/libexec/sftp-server > >>>> > >>>> enable in my sshd.config file. > >>>> > >>>> Is it enough? > >>>> > >>>> Gianfranco > >>> This is the line in my sshd.conf file > >>> Subsystem sftp /usr/libexec/openssh/sftp-server > >>> > >>> The file you reference does not exist on my machine. > >> > >> Yes, sorry, you are right, this is the very same I have > >> > >> Gianfranco > > > > Can you ssh successfully from the client side to the server side? > > > > Sorry if you already answered this question. > > I started looking at this thread in the middle. > > > > If you cannot ssh, that will give us some hints. > > > > If you can ssh successfully, please check your /etc/hosts.allow and > > /etc/hosts.deny files on the server side. I believe openssh-server is > > built to examine those files. I believe those files can authenticate or > > block connections on a per service per user per host basis. > > > > I can do ssh, this is what I cannot understand > > > On the client side, can you do sftp -v .... > > > > Does anyone know if multiple sftp -v -v -v increase the logging level as > > it does in ssh -v -v -v ? > > > > If using multiple -v does increase the logging level, can you do > > sftp -v -v -v ... > > > > > Ahah, very good idea! > Yes, using multiple -v -v increase the logging level. > > Ok, now I try to do both ssh and sftp on my localhost (using -v). These > are the outputs I get after I enter the password: > > ========================== > ssh -v localhost > > debug1: Authentication succeeded (password). > debug1: channel 0: new [client-session] > debug1: Requesting no-more-sessions@xxxxxxxxxxx > debug1: Entering interactive session. > debug1: Sending environment. > debug1: Sending env XMODIFIERS = @im=none > debug1: Sending env LANG = en_US.UTF-8 > > So it works. But let's check the output of -v -v > =========================== > ssh -v -v localhost > debug2: we sent a password packet, wait for reply > debug1: Authentication succeeded (password). > debug1: channel 0: new [client-session] > debug2: channel 0: send open > debug1: Requesting no-more-sessions@xxxxxxxxxxx > debug1: Entering interactive session. > debug2: callback start > debug2: client_session2_setup: id 0 > debug2: channel 0: request pty-req confirm 1 > debug1: Sending environment. > debug1: Sending env XMODIFIERS = @im=none > debug2: channel 0: request env confirm 0 > debug1: Sending env LANG = en_US.UTF-8 > debug2: channel 0: request env confirm 0 > debug2: channel 0: request shell confirm 1 > debug2: fd 3 setting TCP_NODELAY > debug2: callback done > debug2: channel 0: open confirm rwindow 0 rmax 32768 > debug2: channel_input_status_confirm: type 99 id 0 > debug2: PTY allocation request accepted on channel 0 > debug2: channel 0: rcvd adjust 2097152 > debug2: channel_input_status_confirm: type 99 id 0 > debug2: shell request accepted on channel 0 > > =========================== > Now, let's try: sftp -v localhost > > debug1: Authentication succeeded (password). > debug1: channel 0: new [client-session] > debug1: Requesting no-more-sessions@xxxxxxxxxxx > debug1: Entering interactive session. > debug1: Sending environment. > debug1: Sending env XMODIFIERS = @im=none > debug1: Sending env LANG = en_US.UTF-8 > debug1: Sending subsystem: sftp > debug1: client_input_channel_req: channel 0 rtype exit-signal reply 0 > debug1: client_input_channel_req: channel 0 rtype eow@xxxxxxxxxxx reply 0 > debug1: channel 0: free: client-session, nchannels 1 > debug1: fd 0 clearing O_NONBLOCK > Transferred: sent 1872, received 2040 bytes, in 0.1 seconds > Bytes per second: sent 23294.9, received 25385.4 > debug1: Exit status -1 > Connection closed Sorry the output in my last message was wrong since I had a publickey stored in .ssh/knownhosts. Below is the output I would expect you would see. Did you remove lines from the output you posted? Connecting to localhost... OpenSSH_5.3p1, OpenSSL 1.0.0-fips-beta4 10 Nov 2009 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to localhost [127.0.0.1] port 22. debug1: Connection established. debug1: identity file /home/akonstam/.ssh/id_rsa type 1 debug1: identity file /home/akonstam/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.3 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY The authenticity of host 'localhost (127.0.0.1)' can't be established. RSA key fingerprint is e9:5f:b7:85:a9:88:7e:f9:cc:e8:fe:25:85:d3:77:c2. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'localhost' (RSA) to the list of known hosts. debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_500' not found debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_500' not found debug1: Unspecified GSS failure. Minor code may provide more information debug1: Next authentication method: publickey debug1: Offering public key: /home/akonstam/.ssh/id_rsa debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Trying private key: /home/akonstam/.ssh/id_dsa debug1: Next authentication method: password akonstam@localhost's password: debug1: Authentication succeeded (password). debug1: channel 0: new [client-session] debug1: Requesting no-more-sessions@xxxxxxxxxxx debug1: Entering interactive session. debug1: Sending environment. debug1: Sending env XMODIFIERS = @im=none debug1: Sending env LANG = en_US.UTF-8 debug1: Sending subsystem: sftp sftp> -- ======================================================================= Ferguson's Precept: A crisis is when you can't say "let's forget the whole thing." ======================================================================= Aaron Konstam telephone: (210) 656-0355 e-mail: akonstam@xxxxxxxxxxxxx -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
