RE: sftp-server on solaris8

From: Kemi Olaofe (kemi.olaofe_at_maginus.com)
Date: 02/10/04

  • Next message: Rice.Dana_at_ic.gc.ca: "RE: AIX and w"
    To: 'Carl Holtje' <holtje@freeside.dnsalias.org>
    Date: Tue, 10 Feb 2004 11:16:56 -0000
    
    

    Carl,

    I traced the program through the debugger and discovered that the execve
    command was failing to execute the command "ksh -c
    /usr/local/libexec/sftp-server" as it could not find libz.

    The problem was that libz is in a non-standard directory within the build
    environment so it was not found on runtime; running using the "-P
    sftp_server path" option obviously inherited my current environment (which
    included the required directory in LD_LIBRARY_PATH) whereas tunnelling
    through sshd did not.

    I unset LD_LIBRARY_PATH and added the path to libz with the
    --with-ldflags=$LIBZ_DIR_PATH configuration option and it is all now
    working.

    Thanks for your suggestions.

    Kemi

    -----Original Message-----
    From: Carl Holtje [mailto:holtje@freeside.dnsalias.org]
    Sent: 09 February 2004 20:55
    To: Kemi Olaofe
    Cc: secureshell@securityfocus.com
    Subject: Re: sftp-server on solaris8

    Kemi-

    It seems to me that SSH and SFTP are having trouble talking remotely...
    the local SFTP server is ok, because, as the man page reports for the
    '-P switch', ssh isn't being used with the -P flag:

          -P sftp_server path
               Connect directly to a local sftp-server (rather than
               via ssh ) This option may be useful in debugging the
               client and server.

    I'd suggest ensuring that SSH is working happily for root and other
    users...

    Ensure that your clients are connecting with a valid protocol (ie, if
    you've disabled SSH v1 on the server, they're not trying to connect with
    v1).. I'm quite sure this would report a different error and debug
    trace, but just to be sure...

    Do your logs report anything interesting?

    Keep me posted...

    Carl

    Kemi Olaofe wrote:
    > Yes, root is allowed to connect. I also get the same problem if I try and
    > connect as any other user.
    >
    > -----Original Message-----
    >
    > Kemi-
    >
    > The first thing I notice is that you're connecting as root -- is this
    > allowed per your sshd.conf file?
    >
    > If not, that's at least your first problem...
    >
    > Hope it helps...
    >
    > Carl
    >
    > Kemi Olaofe wrote:
    >
    >>I am having a problem trying to use sftp over sshd on solaris8. sshd
    >
    > itself
    >
    >>works fine. I can run sftp directly by using the command
    >>
    >>sftp -P /usr/local/libexec/sftp-server root@localhost
    >>
    >>and my sshd config file has the following entry:
    >>
    >>Subsystem sftp /usr/local/libexec/sftp-server
    >>
    >>but when I try to use sftp over sshd using
    >>
    >>sftp root@localhost
    >>
    >>the system accepts the password and then times out! When I run the
    >
    > command
    >
    >>with debug level 2 I get the following:
    >>
    >>...
    >>root@localhost's password:
    >>debug2: we sent a password packet, wait for reply
    >>debug1: Authentication succeeded (password).
    >>debug2: fd 5 setting O_NONBLOCK
    >>debug2: fd 6 is O_NONBLOCK
    >>debug1: channel 0: new [client-session]
    >>debug2: channel 0: send open
    >>debug1: Entering interactive session.
    >>debug2: callback start
    >>debug2: ssh_session2_setup: id 0
    >>debug1: Sending subsystem: sftp
    >>debug2: channel 0: request subsystem
    >>debug2: callback done
    >>debug2: channel 0: open confirm rwindow 0 rmax 32768
    >>debug2: channel 0: rcvd adjust 131072
    >>debug2: channel 0: rcvd eof
    >>debug2: channel 0: output open -> drain
    >>debug2: channel 0: obuf empty
    >>debug2: channel 0: close_write
    >>debug2: channel 0: output drain -> closed
    >>debug1: client_input_channel_req: channel 0 rtype exit-signal reply 0
    >>debug2: channel 0: rcvd close
    >>debug2: channel 0: close_read
    >>debug2: channel 0: input open -> closed
    >>debug2: channel 0: almost dead
    >>debug2: channel 0: gc: notify user
    >>debug2: channel 0: gc: user detached
    >>debug2: channel 0: send close
    >>debug2: channel 0: is dead
    >>debug2: channel 0: garbage collecting
    >>debug1: channel 0: free: client-session, nchannels 1
    >>debug1: fd 0 clearing O_NONBLOCK
    >>debug2: fd 1 is not O_NONBLOCK
    >>debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.0 seconds
    >>debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
    >>debug1: Exit status -1
    >>Connection closed
    >>
    >>Any idea why it this could be occurring?
    >>Kemi Olaofe
    >>
    >>________________________________________________________________________
    >>This e-mail has been scanned for all viruses by Star Internet. The
    >>service is powered by MessageLabs. For more information on a proactive
    >>anti-virus service working around the clock, around the globe, visit:
    >>http://www.star.net.uk
    >>________________________________________________________________________
    >
    >

    ________________________________________________________________________
    This e-mail has been scanned for all viruses by Star Internet. The
    service is powered by MessageLabs. For more information on a proactive
    anti-virus service working around the clock, around the globe, visit:
    http://www.star.net.uk
    ________________________________________________________________________

    ________________________________________________________________________
    This e-mail has been scanned for all viruses by Star Internet. The
    service is powered by MessageLabs. For more information on a proactive
    anti-virus service working around the clock, around the globe, visit:
    http://www.star.net.uk
    ________________________________________________________________________


  • Next message: Rice.Dana_at_ic.gc.ca: "RE: AIX and w"

    Relevant Pages

    • Re: [SLE] ftp server how?
      ... How to set up the sftp and ssh? ... BTW i put pureftpd but the command is unkown for my system. ... >> Check the headers for your unsubscription address ...
      (SuSE)
    • Re: use sftp interactively from within a windows program
      ... SSH does use SSL. ... The scp program from SSH is much better suited to batch use than sftp. ... create the command file and call sftp with the proper options to perform the ... > Client is a windows machine with a java program. ...
      (comp.security.ssh)
    • Re: rssh testing
      ... This doesn't seem right, I would think I should get a command prompt, ... fact that sftp is allowed, ... configure commands via ssh. ... never get a prompt from the remote login shell. ...
      (comp.security.ssh)
    • Re: [opensuse] SFTP performance degradation under Dolphin and Konqueror
      ... Dolpin and konqueror use kio_sftp to use the sftp protocol. ... the libssh library. ... In KDE < 4.3 times, kio_sftp called the sftp command line binary. ...
      (SuSE)
    • Re: SFTP GET COMMAND QUESTION
      ... Subject: SFTP GET COMMAND QUESTION ... Look at z/os client parameters TRAILINGBLANKS, TRUNCATE, and WRAPRECORD. ... the end of line character. ...
      (bit.listserv.ibm-main)