The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
[ HOME | TOPICS | INDEX | WEB RESOURCES | BOOKS | CONTRIBUTE | SEARCH | FEEDBACK | FAQ | FORUMS ]
FreeBSD Support
 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Newer Topic  |  Older Topic 
 Problems enabling sftp within openssh
Author: Brad Cox 
Date:   09-12-02 13:41

I'm running freebsd on a box colocated with Interland on the opposite coast, so the complication here is that I can't endanger the existing ssh install while enabling openssh.

Problem is that sftp clients connect, then hang once the password is provided, without reporting anything in /var/log/messages. The complication in diagnosing this is that I'm not sure which ssh config files and executables are in play, not which daemon (sshd or openssh's equivalent) is executing. With both ssh and openssh installed, it is very confusing to know what's going on, particularly since /usr/local/etc contains a ssh sub directory with several config files/keys, while the same files appear in the parent directory (/usr/local/etc), presumably from earlier install attempts.

To simplify things, I moved ssh* and sftp* from /usr/local/etc and /usr/local/bin to backup directories and reinstalled opensh as follows:

bash-2.04# pkg_add openssh-3.5.tgz
pkg_add: command '[ -f /usr/local/etc/ssh_host_rsa_key ] && [ ! -f /usr/local/etc/ssh/ssh_host_rsa_key ] && ln /usr/local/etc/ssh_host_rsa_key /usr/local/etc/ssh/ssh_host_rsa_key' failed
pkg_add: command '[ -f /usr/local/etc/ssh_host_rsa_key.pub ] && [ ! -f /usr/local/etc/ssh/ssh_host_rsa_key.pub ] && ln /usr/local/etc/ssh_host_rsa_key.pub /usr/local/etc/ssh/ssh_host_rsa_key.pub' failed
pkg_add: command '[ ! -f /usr/local/etc/ssh/ssh_config ] && cp /usr/local/etc/ssh/ssh_config-dist /usr/local/etc/ssh/ssh_config' failed
pkg_add: command '[ ! -f /usr/local/etc/ssh/sshd_config ] && cp /usr/local/etc/ssh/sshd_config-dist /usr/local/etc/ssh/sshd_config' failed
>> Generating a secret RSA host key.
Generating public/private rsa key pair.
Your identification has been saved in /usr/local/etc/ssh/ssh_host_rsa_key.
Your public key has been saved in /usr/local/etc/ssh/ssh_host_rsa_key.pub.
The key fingerprint is:
52:8a:a9:a6:b4:f4:49:8c:32:2b:5c:4e:30:1d:71:b4 root@virtualschool.edu
sshd:*:22:
sshd:*:22:22::0:0:sshd privilege separation:/usr/local/empty:/nonexistent

I've no idea what is causing the above errors, nor what to do about them. Since the indicated files do exist in /usr/local/etc/ssh, I'm assuming for now that these errors are spurious.

My current assumption is that the installation was successful, but that sftp connection attempts are failing because the old nonopen sshd is still running. I can't endanger this because I need it to connect to this machine.

Can someone provide suggestions about how to proceed?

PS: /usr/local/etc/ssh/sshd_config and /etc/ssh/sshd_config both contain
Subsystem sftp /usr/local/libexec/sftp-server

Reply To This Message
 
 Re: Problems enabling sftp within openssh
Author: Travis 
Date:   16-12-02 01:07

One trick that I've used when testing SSH configs is to run it on a different port. You can call new config files this way and turn up debugging without screwing with your current configs or connection.

If you need to mess with the primary connection the opposite works as well - bring up a couple windows on an alternate port and use them to make the changes to the main port 22 config.

Reply To This Message
 
 Re: Problems enabling sftp within openssh
Author: jared 
Date:   22-12-02 08:51

there's got to be another way to tell which daemon is answering requests. (ssh or openssh)

$ ps auwx |grep ssh
root 127 0.0 0.8 2104 1312 ?? Is Sun06PM 0:06.43 /usr/local/sbin/sshd

it is kind of confusing.

Reply To This Message
 Forum List  |  Threaded View   Newer Topic  |  Older Topic 


 Forum List  |  Need a Login? Register Here 
 User Login
 User Name:
 Password:
 Remember my login:
   
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum

phorum.org