OpenSSH_3.5p1 server, PC clients cannot connect
From: John Mendenhall (john@surfutopia.net)
Date: 02/20/03
- Previous message: SBONNET@mediametrie.fr: "how to log connexion of SSH users in chroot environnement ?"
- Next in thread: Greg Paik: "RE: OpenSSH_3.5p1 server, PC clients cannot connect"
- Maybe reply: Greg Paik: "RE: OpenSSH_3.5p1 server, PC clients cannot connect"
- Maybe reply: Greg Paik: "RE: OpenSSH_3.5p1 server, PC clients cannot connect"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 19 Feb 2003 16:20:15 -0800 From: John Mendenhall <john@surfutopia.net> To: secureshell@securityfocus.com
I have setup an OpenSSH_3.5p1 ssh/sftp server on my
SunOS 4.1.4 box. I can ssh to it just fine. The problem
is SFTP from certain clients.
I can SFTP to it using my OpenSSH_3.5p1 sftp client. I
can SFTP to it from MacSFTP from MacSSH.org, version 1.0.5.
However, I have several clients that cannot connect. I have
had them try CuteFTP Pro v2, v3, WS_FTP Pro v7.62, PuTTy
pSFTP. None are able to connect.
WS_FTP Pro gives the error:
Failed SSH Key Exchange
PuTTy gives the error message:
Fatal: unable to initialise SFTP: could not connect
CuteFTP just seems to hang there.
I have turned on DEBUG logging and they each appear to
stop at different places.
I did some searching and increased the Login time from 2 minutes
to 5 minutes. No change. I turned off PrivSep. No apparent
change. Compression is still on. I run the daemon with '-u0'
to increase DNS lookup speed. I have included my config
file below my signature.
Does anyone have any idea what I could be doing wrong? I would
really like this to work for my PC/Win clients. Please let me
know if you need any additional information to diagnose these
clients.
Thank you very much in advance.
JohnM
-- John Mendenhall john@surfutopia.net surf utopia internet services ----- sshd_config ----- # $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options change a # default value. #Port 22 #Protocol 2,1 Protocol 2 #ListenAddress 0.0.0.0 #ListenAddress :: # HostKey for protocol version 1 HostKey /usr/local/etc/ssh_host_key # HostKeys for protocol version 2 HostKey /usr/local/etc/ssh_host_rsa_key HostKey /usr/local/etc/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 3600 #ServerKeyBits 768 # Logging #obsoletes QuietMode and FascistLogging SyslogFacility AUTH #LogLevel INFO LogLevel DEBUG # Authentication: #LoginGraceTime 120 LoginGraceTime 300 #PermitRootLogin yes PermitRootLogin no #StrictModes yes #RSAAuthentication yes #RSAAuthentication no #PubkeyAuthentication yes #AuthorizedKeysFile .ssh/authorized_keys # rhosts authentication should not be used #RhostsAuthentication no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #RhostsRSAAuthentication no # similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #AFSTokenPassing no # Kerberos TGT Passing only works with the AFS kaserver #KerberosTgtPassing no # Set this to 'yes' to enable PAM keyboard-interactive authentication # Warning: enabling this may bypass the setting of 'PasswordAuthentication' #PAMAuthenticationViaKbdInt no #X11Forwarding no #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #KeepAlive yes #UseLogin no # 20030219 jem turned off Privilege Separation for Putty pSFTP to work #UsePrivilegeSeparation yes UsePrivilegeSeparation no PermitUserEnvironment no #Compression yes #MaxStartups 10 # no default banner path #Banner /some/path #VerifyReverseMapping no # override default of no subsystems Subsystem sftp /usr/local/libexec/sftp-server
- Next message: Jan-Benedict Glaw: "Re: Hung OpenSSH 3.5p1 sessions/connections"
- Previous message: SBONNET@mediametrie.fr: "how to log connexion of SSH users in chroot environnement ?"
- Next in thread: Greg Paik: "RE: OpenSSH_3.5p1 server, PC clients cannot connect"
- Maybe reply: Greg Paik: "RE: OpenSSH_3.5p1 server, PC clients cannot connect"
- Maybe reply: Greg Paik: "RE: OpenSSH_3.5p1 server, PC clients cannot connect"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
