#1  
Old 12th July 2013, 16:21
aldo aldo is offline
HowtoForge Supporter
 
Join Date: Jan 2011
Posts: 98
Thanks: 34
Thanked 3 Times in 3 Posts
Default unable to connect via SFTP

I just installed ISPConfig 3.0.5.2 on Debian 7 and no user can connect via SFTP.

Shell users (all Jailed) are correct because they can connect via SSH.

Using FileZilla SFTP I get:
Connection closed by server with exut code 1

Using Bitvise Tunnelier SFTP I get:
Opening new SFTP session
Closing SFTP session.

Using Bitvise Tunnelier SSH I can connect normally.

Thanks for any help.
Reply With Quote
Sponsored Links
  #2  
Old 12th July 2013, 19:44
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,034
Thanks: 826
Thanked 5,382 Times in 4,229 Posts
Default

Please see here for instructions to enable sftp for jailed users:

http://symka.blogspot.de/2013/05/jai...1204-sftp.html

The guide is for ubuntu but it should work for debian 7 as well.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
The Following User Says Thank You to till For This Useful Post:
aldo (13th July 2013)
  #3  
Old 13th July 2013, 01:31
aldo aldo is offline
HowtoForge Supporter
 
Join Date: Jan 2011
Posts: 98
Thanks: 34
Thanked 3 Times in 3 Posts
Default

Sorry, not solved.

I modified the file /etc/jailkit/jk_init.ini (I have no jk.init.ini) as described and restarted fail2ban (/etc/init.d/fail2ban restart) with no luck.

I noticed that setting "Chroot shell" to "none" the accounts can connect but I need them to be jailed.
Reply With Quote
  #4  
Old 13th July 2013, 16:06
Croydon Croydon is offline
ISPConfig Developer
 
Join Date: Jul 2007
Location: Koblenz, Germany
Posts: 927
Thanks: 16
Thanked 261 Times in 208 Posts
Default

Have you tested with a newly created shell user? I think the changes do not apply to already existing users.
__________________
Marius Cramer

pixcept KG
Reply With Quote
  #5  
Old 14th July 2013, 09:39
aldo aldo is offline
HowtoForge Supporter
 
Join Date: Jan 2011
Posts: 98
Thanks: 34
Thanked 3 Times in 3 Posts
Default

Yes.

I deleted old users and re-created.
Reply With Quote
  #6  
Old 14th July 2013, 11:25
aldo aldo is offline
HowtoForge Supporter
 
Join Date: Jan 2011
Posts: 98
Thanks: 34
Thanked 3 Times in 3 Posts
Default

In /var/log/auth.log I can only see:

Code:
Jul 14 12:36:16 debian7 sshd[5601]: Accepted password for ngtest from 192.168.1.100 port 57656 ssh2
Jul 14 12:36:16 debian7 sshd[5601]: pam_unix(sshd:session): session opened for user ngtest by (uid=0)
Jul 14 12:36:16 debian7 sshd[5603]: subsystem request for sftp by user ngtest
Jul 14 12:36:16 debian7 jk_chrootsh[5608]: now entering jail /var/www/clients/client1/web2 for user ngtest (5005) with arguments -c /usr/lib/openssh/sftp-server
Jul 14 12:36:16 debian7 sshd[5601]: pam_unix(sshd:session): session closed for user ngtest
Any idea?

Last edited by aldo; 14th July 2013 at 12:51.
Reply With Quote
  #7  
Old 14th July 2013, 17:48
Croydon Croydon is offline
ISPConfig Developer
 
Join Date: Jul 2007
Location: Koblenz, Germany
Posts: 927
Thanks: 16
Thanked 261 Times in 208 Posts
Default

I meant creating one that did not exist before (and was deleted). Did you try this?
__________________
Marius Cramer

pixcept KG
Reply With Quote
The Following User Says Thank You to Croydon For This Useful Post:
aldo (14th July 2013)
  #8  
Old 14th July 2013, 20:14
aldo aldo is offline
HowtoForge Supporter
 
Join Date: Jan 2011
Posts: 98
Thanks: 34
Thanked 3 Times in 3 Posts
Default

Yes, I tried both, to re-create existing users and also to create new users but without success.

Now I tried to create a new client, a new website and a new shell user and this time it works. Thank you.

Is there a way to fix the existing sites/user or I have to re-create them?

Thank you very much.
Reply With Quote
  #9  
Old 14th July 2013, 20:25
Croydon Croydon is offline
ISPConfig Developer
 
Join Date: Jul 2007
Location: Koblenz, Germany
Posts: 927
Thanks: 16
Thanked 261 Times in 208 Posts
 
Default

I'm not exactly sure. You could try using the command line tool jk_cp

Something like
jk_cp -j /var/www/clients/clientX/webY/./home/userxyz /lib/x86_64-linux-gnu/libnsl.so.1 /lib/x86_64-linux-gnu/libnss*.so.2


Edit: maybe
jk_update -j /var/www/clients/clientX/webY/./home/userxyz
could work, too. I have not tried.
__________________
Marius Cramer

pixcept KG

Last edited by Croydon; 14th July 2013 at 20:27.
Reply With Quote
The Following User Says Thank You to Croydon For This Useful Post:
aldo (14th July 2013)
Reply

Bookmarks

Tags
sftp

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig "backend" completely unfunctional after a restart Xaymar Installation/Configuration 1 22nd August 2011 22:31
Email problem 'Cannot set my user or group id.' (using ISPConfig 3 + OpenSuSE 11.2) urosm Installation/Configuration 5 19th June 2010 22:41
can't send/receive mail fedora 12 - ispconfig 3 ev0css Installation/Configuration 9 17th May 2010 21:44
ISPConfig 3 Send/Receive mail not working. Acidut General 6 4th April 2010 11:24
Forbidden 403; Samba access; config of maildeamon fawkes Installation/Configuration 4 14th January 2010 18:16


All times are GMT +2. The time now is 00:16.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.