IT_Architect (Verified User, joined Feb 27, 2006, 1,088 messages)
- I moved SSH to port 44 and opened it in the firewall
- I followed the instructions here: How to install mod_sftp into ProFTPD and changed the port to 22
- In the firewall plugin I can see ssh on 44 on sshd and proftpd on 21 and 22.
Using FileZilla:
- I can log in ftp - and the localhost telnet test works fine
- I can log in ftps explicit - and the localhost telnet test works fine
- I cannot log in with SFTP - and the localhost telnet test does NOT work and returns this:
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
- I turned the firewall off and it made no difference.
Update:
- With ftps working, we know ProFTPd has no problem finding keys and authenticating users for ftps on port 21.
- /var/log/proftpd/sftp.log shows:
2021-11-06 17:12:31,257 mod_sftp/1.0.1[55154]: no available host keys, unable to handle session
- The fact that it posted the error from a connection attempt on port 22 proves that ProFTPd is reading the /etc/proftpd.sftp.conf where port 22 is specified rather than the original port 23.
- /etc/proftpd.sftp.conf shows:
SFTPHostKey /etc/ssh/ssh_host_rsa_key (/etc/ssh/ssh_host_rsa_key exists in that location)
SFTPAuthorizedUserKeys file:~/.sftp/authorized_keys (no authorized_keys file exists anywhere on disk)
Error Message from FileZilla
Status: Connecting to xxx.xxx.xxx.xx
Response: fzSftp started, protocol_version=11
Command: open "[email protected]@xxx.xxx.xxx.xx" 22
Error: Could not connect to server
Error Message from WinSCP
The server rejected SFTP connection, but it listens for FTP connections.
Did you want to use FTP protocol instead of SFTP? Prefer using encryption.
What am I missing?
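A diagnostic sketch for the "no available host keys" log line quoted in the post above, added here as an example and not part of the original post or of ProFTPD: it reports, for each file named by an SFTPHostKey directive, whether it exists, is readable, is accessible to group or other, and which private-key encoding its PEM header declares. The function names `classify_hostkey` and `check_config` are hypothetical, and which encodings a given mod_sftp build can load is left as something to check against that build's documentation.

```shell
#!/bin/sh
# Added example: classify the file(s) named by SFTPHostKey directives.
# Function names are hypothetical; nothing here is ProFTPD's own tooling.

classify_hostkey() {
    f=$1
    [ -e "$f" ] || { echo missing; return; }
    [ -r "$f" ] || { echo unreadable; return; }
    # Characters 5-10 of the ls mode string are the group/other bits.
    perms=$(ls -ld "$f" | cut -c5-10)
    [ "$perms" = "------" ] || { echo loose-perms; return; }
    # First PEM armor line tells us how the private key is encoded.
    header=$(sed -n '/^-----BEGIN /{p;q;}' "$f")
    case $header in
        *"BEGIN OPENSSH PRIVATE KEY"*)   echo openssh-format ;;
        *"BEGIN ENCRYPTED PRIVATE KEY"*) echo encrypted-pem ;;
        *"PRIVATE KEY"*)
            # Traditional PEM marks passphrase protection with Proc-Type.
            if grep -q '^Proc-Type: 4,ENCRYPTED' "$f"; then
                echo encrypted-pem
            else
                echo pem-plain
            fi ;;
        *) echo not-a-private-key ;;
    esac
}

# Extract every active (uncommented) SFTPHostKey path and classify it.
check_config() {
    awk 'tolower($1) == "sftphostkey" { print $2 }' "$1" |
    while read -r key; do
        printf '%s: %s\n' "$key" "$(classify_hostkey "$key")"
    done
}

# Stand-alone use: pass the config path, e.g. /etc/proftpd.sftp.conf
if [ $# -gt 0 ]; then check_config "$1"; fi
```

Run it as the account that starts ProFTPD, since the readability result depends on who is asking.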