RE: sftp-server on solaris8

• Previous message: Denis Heitbrock: "login with public keys"
• Maybe in reply to: Kemi Olaofe: "sftp-server on solaris8"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: 'Carl Holtje' <holtje@freeside.dnsalias.org>
Date: Tue, 10 Feb 2004 11:16:56 -0000

Carl,

I traced the program through the debugger and discovered that the execve
command was failing to execute the command "ksh -c
/usr/local/libexec/sftp-server" as it could not find libz.

The problem was that libz is in a non-standard directory within the build
environment so it was not found on runtime; running using the "-P
sftp_server path" option obviously inherited my current environment (which
included the required directory in LD_LIBRARY_PATH) whereas tunnelling
through sshd did not.

I unset LD_LIBRARY_PATH and added the path to libz with the
--with-ldflags=$LIBZ_DIR_PATH configuration option and it is all now
working.

Thanks for your suggestions.

Kemi

-----Original Message-----
From: Carl Holtje [mailto:holtje@freeside.dnsalias.org]
Sent: 09 February 2004 20:55
To: Kemi Olaofe
Cc: secureshell@securityfocus.com
Subject: Re: sftp-server on solaris8

Kemi-

It seems to me that SSH and SFTP are having trouble talking remotely...
the local SFTP server is ok, because, as the man page reports for the
'-P switch', ssh isn't being used with the -P flag:

      -P sftp_server path
           Connect directly to a local sftp-server (rather than
           via ssh ) This option may be useful in debugging the
           client and server.

I'd suggest ensuring that SSH is working happily for root and other
users...

Ensure that your clients are connecting with a valid protocol (ie, if
you've disabled SSH v1 on the server, they're not trying to connect with
v1).. I'm quite sure this would report a different error and debug
trace, but just to be sure...

Do your logs report anything interesting?

Keep me posted...

Carl

Kemi Olaofe wrote:
> Yes, root is allowed to connect. I also get the same problem if I try and
> connect as any other user.
>
> -----Original Message-----
>
> Kemi-
>
> The first thing I notice is that you're connecting as root -- is this
> allowed per your sshd.conf file?
>
> If not, that's at least your first problem...
>
> Hope it helps...
>
> Carl
>
> Kemi Olaofe wrote:
>
>>I am having a problem trying to use sftp over sshd on solaris8. sshd
>
> itself
>
>>works fine. I can run sftp directly by using the command
>>
>>sftp -P /usr/local/libexec/sftp-server root@localhost
>>
>>and my sshd config file has the following entry:
>>
>>Subsystem sftp /usr/local/libexec/sftp-server
>>
>>but when I try to use sftp over sshd using
>>
>>sftp root@localhost
>>
>>the system accepts the password and then times out! When I run the
>
> command
>
>>with debug level 2 I get the following:
>>
>>...
>>root@localhost's password:
>>debug2: we sent a password packet, wait for reply
>>debug1: Authentication succeeded (password).
>>debug2: fd 5 setting O_NONBLOCK
>>debug2: fd 6 is O_NONBLOCK
>>debug1: channel 0: new [client-session]
>>debug2: channel 0: send open
>>debug1: Entering interactive session.
>>debug2: callback start
>>debug2: ssh_session2_setup: id 0
>>debug1: Sending subsystem: sftp
>>debug2: channel 0: request subsystem
>>debug2: callback done
>>debug2: channel 0: open confirm rwindow 0 rmax 32768
>>debug2: channel 0: rcvd adjust 131072
>>debug2: channel 0: rcvd eof
>>debug2: channel 0: output open -> drain
>>debug2: channel 0: obuf empty
>>debug2: channel 0: close_write
>>debug2: channel 0: output drain -> closed
>>debug1: client_input_channel_req: channel 0 rtype exit-signal reply 0
>>debug2: channel 0: rcvd close
>>debug2: channel 0: close_read
>>debug2: channel 0: input open -> closed
>>debug2: channel 0: almost dead
>>debug2: channel 0: gc: notify user
>>debug2: channel 0: gc: user detached
>>debug2: channel 0: send close
>>debug2: channel 0: is dead
>>debug2: channel 0: garbage collecting
>>debug1: channel 0: free: client-session, nchannels 1
>>debug1: fd 0 clearing O_NONBLOCK
>>debug2: fd 1 is not O_NONBLOCK
>>debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.0 seconds
>>debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
>>debug1: Exit status -1
>>Connection closed
>>
>>Any idea why it this could be occurring?
>>Kemi Olaofe
>>
>>________________________________________________________________________
>>This e-mail has been scanned for all viruses by Star Internet. The
>>service is powered by MessageLabs. For more information on a proactive
>>anti-virus service working around the clock, around the globe, visit:
>>http://www.star.net.uk
>>________________________________________________________________________
>
>

________________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet. The
service is powered by MessageLabs. For more information on a proactive
anti-virus service working around the clock, around the globe, visit:
http://www.star.net.uk
________________________________________________________________________

________________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet. The
service is powered by MessageLabs. For more information on a proactive
anti-virus service working around the clock, around the globe, visit:
http://www.star.net.uk
________________________________________________________________________

• Previous message: Denis Heitbrock: "login with public keys"
• Maybe in reply to: Kemi Olaofe: "sftp-server on solaris8"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]