Proftpd with mod_sftp don't start

napcok

Verified User
Joined
Dec 1, 2017
Messages
7
Location
Poland
Hello :)
CentOS 7.4 64bit

Following this howto -> https://help.directadmin.com/item.php?id=439

Proftp don't restart.
Code:
systemctl status proftpd -l
...proftpd[10200]: fatal: SFTPHostKey: unable to use '/etc/ssh/ssh_host_rsa_key' as host key, as it is group- or world-accessible on line 13 of '/etc/proftpd.sftp.conf'
...proftpd[10200]: warning: unable to include '/etc/proftpd.sftp.conf': Operation not permitted
...proftpd[10200]: fatal: SFTPHostKey: unable to check '/etc/ssh/ssh_host_dsa_key': No such file or directory on line 90 of '/etc/proftpd.conf'
Code:
ls -l /etc/ssh/ssh_host_*
-rw-r----- 1 root ssh_keys  227 Nov 24 00:49 /etc/ssh/ssh_host_ecdsa_key
-rw-r--r-- 1 root root      162 Nov 24 00:49 /etc/ssh/ssh_host_ecdsa_key.pub
-rw-r----- 1 root ssh_keys  387 Nov 24 00:49 /etc/ssh/ssh_host_ed25519_key
-rw-r--r-- 1 root root       82 Nov 24 00:49 /etc/ssh/ssh_host_ed25519_key.pub
-rw-r----- 1 root ssh_keys 1675 Nov 24 00:49 /etc/ssh/ssh_host_rsa_key
-rw-r--r-- 1 root root      382 Nov 24 00:49 /etc/ssh/ssh_host_rsa_key.pub
How to fix that?
 
  • Like
Reactions: Kal

ikkeben

Verified User
Joined
May 22, 2014
Messages
799
Location
Netherlands Germany
Last edited:

Kal

Verified User
Joined
Nov 18, 2019
Messages
72
Location
Australia
I had the same issues, with an additional twist… OpenSSH keys don't work with mod_sftp (see: https://github.com/proftpd/proftpd/issues/793), which means I had to recreate both keys in older PEM format like this:
Code:
ssh-keygen -m PEM -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa
ssh-keygen -m PEM -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa -b 2048
It would be great if DirectAdmin made it easier to switch to ProFTPD with mod_sftp. I imagine it's a fairly common requirement.
 
Top