[SOLVED] core 124 - sftp-support for SSH is missing now

Help on building IPFire & Feature Requests
Post Reply
doc
Posts: 153
Joined: June 5th, 2014, 12:33 pm
Location: Hannover

[SOLVED] core 124 - sftp-support for SSH is missing now

Post by doc » October 16th, 2018, 11:30 am

I read that some security enhancing patches were added to the SSH-server in core 124.
Problem is now to connect with Filezilla via sftp protocol. core 123 had no problem.

I saw in the sshd_config that "Subsystem sftp ..." is missing now. I readded this but sftp is still not possible.
Was this patched away? If so, how to reenable it and a note about this in the core 124 announcement would be helpful.
Last edited by doc on October 18th, 2018, 8:53 am, edited 1 time in total.
Image

jean
Posts: 19
Joined: May 28th, 2016, 9:44 am

Re: core 124 - sftp-support for SSH is missing now

Post by jean » October 18th, 2018, 7:08 am

Hi,

ich habe das gleiche Problem:
viewtopic.php?f=22&p=119650#p119650

Gibt es denn schon neue Erkenntnisse?

Viele Grüße

doc
Posts: 153
Joined: June 5th, 2014, 12:33 pm
Location: Hannover

Re: core 124 - sftp-support for SSH is missing now

Post by doc » October 18th, 2018, 8:16 am

jean wrote:
October 18th, 2018, 7:08 am
Gibt es denn schon neue Erkenntnisse?
No, not yet.
I tried different things but without any luck.
Port forwording is "broken" as well. I would have filed a bug but I think, new behavior is wanted of Peter Müller by design.

I need to transfer files to IPfire via sftp as well as I need to create tunnels to different clients over IPfire via SSH. Both is not possible after the update and setting the according options in sshd_config didn't make a change.

I hope that these options are not patched away as a side effect of increasing SSH security as stated in the release notes.
Image

doc
Posts: 153
Joined: June 5th, 2014, 12:33 pm
Location: Hannover

Re: core 124 - sftp-support for SSH is missing now

Post by doc » October 18th, 2018, 8:52 am

Strange.
Versterday I added the following line
Subsystem sftp /usr/lib/openssh/sftp-server
to sshd_config, and restarted the server several times via /etc/init.d/sshd restart
but sftp was not working.
After a reboot today, the line is still in place, it's fine!

So, Jean, add this line and do a reboot, perhabs stopping the SSH service via GUI may be fine, too.
Image

jean
Posts: 19
Joined: May 28th, 2016, 9:44 am

Re: [SOLVED] core 124 - sftp-support for SSH is missing now

Post by jean » October 18th, 2018, 4:46 pm

So, Jean, add this line and do a reboot, perhabs stopping the SSH service via GUI may be fine, too.
Jawoll! Das war's! Vielen Dank für den Hinweis, jetzt funktioniert es wieder.

Viele Grüße

Jean

Hellfire
Posts: 697
Joined: November 8th, 2015, 8:54 am

Re: [SOLVED] core 124 - sftp-support for SSH is missing now

Post by Hellfire » October 24th, 2018, 7:31 pm

Same here, before update to core 124 I could connect to IPFire using Filezilla without any issue and today I re-tried it to no avail.

The IPFire log tells me:
21:04:23 sshd[8684]: subsystem request for sftp by user root failed, subsystem not found
21:04:23 sshd[8684]: Accepted password for root from 192.168.21.1 port 58663 ssh2
21:04:17 sshd[8613]: subsystem request for sftp by user root failed, subsystem not found
21:04:17 sshd[8613]: Accepted password for root from 192.168.21.1 port 58662 ssh2
Can sbdy share some information on where I can find sshd_config and what's the best way to add this line using a SSH console? I'm not very keen on using vi, you know.
Edit: Found the file: /etc/ssh/

Btw, I guess this is a bug with core 124. Anyone already submitted a ticket?

Michael
Image

Post Reply