Hi guys
I am running LEDE 17.01.6 and I added openssh-sftp-server.
I am able to connect over SSH with PUTTY, no troubles.
Instead I am not able to connect via Filezilla, connection is aborted by Filezilla for timeout after pass auth succeeded (whatever timeout is set)
System LOG from LEDE:
Sat Dec 21 19:42:38 2019 authpriv.info dropbear[2253]: Child connection from xx.xx.xx.xx:61312
Sat Dec 21 19:42:38 2019 authpriv.notice dropbear[2253]: Password auth succeeded for 'utente' from xx.xx.xx.xx:61312
Sat Dec 21 19:43:19 2019 authpriv.info dropbear[2253]: Exit (user): Error reading: Connection reset by peer
System LOG from Filezilla:
19:42:37 Status: Disconnected from server
19:42:37 Trace: CControlSocket::DoClose(66)
19:42:37 Trace: CControlSocket::DoClose(66)
19:42:37 Trace: CControlSocket::DoClose(66)
19:42:37 Trace: CFileZillaEnginePrivate::ResetOperation(0)
19:42:37 Status: Connecting to xx.xx.xx.xx:yy
19:42:37 Trace: CControlSocket::SendNextCommand()
19:42:37 Trace: CSftpConnectOpData::Send() in state 0
19:42:37 Trace: Going to execute .....
19:42:38 Response: fzSftp started, protocol_version=8
19:42:38 Trace: CSftpConnectOpData::ParseResponse() in state 0
19:42:38 Trace: CControlSocket::SendNextCommand()
19:42:38 Trace: CSftpConnectOpData::Send() in state 3
19:42:38 Command: open "myserver.ddns"
19:42:38 Trace: Connecting to xx.xx.xx.xx:yy
19:42:38 Trace: We claim version: SSH-2.0-FileZilla_3.46.0
19:42:38 Trace: Server version: SSH-2.0-dropbear
19:42:38 Trace: Using SSH protocol version 2
19:42:38 Trace: Doing ECDH key exchange with curve Curve25519 and hash SHA-256
19:42:38 Trace: Host key fingerprint is:
19:42:38 Trace: ssh-rsa 2048 [...]
19:42:38 Trace: CSftpControlSocket::SetAsyncRequestReply
19:42:38 Command: Trust new Hostkey: Once
19:42:38 Trace: Initialised AES-256 SDCTR client->server encryption
19:42:38 Trace: Initialised HMAC-SHA-256 client->server MAC algorithm
19:42:38 Trace: Initialised AES-256 SDCTR server->client encryption
19:42:38 Trace: Initialised HMAC-SHA-256 server->client MAC algorithm
19:42:38 Command: Pass: ******
19:42:38 Trace: Sent password
19:42:38 Trace: Access granted
19:42:38 Trace: Opening session as main channel
19:42:38 Trace: Opened main channel
19:43:18 Error: Connection timed out after 40 seconds of inactivity
19:43:19 Trace: CControlSocket::DoClose(2050)
19:43:19 Trace: CControlSocket::ResetOperation(2114)
19:43:19 Trace: CSftpConnectOpData::Reset(2114) in state 3
19:43:19 Error: Could not connect to server
19:43:19 Trace: CFileZillaEnginePrivate::ResetOperation(2114)
in /etc/passwd
user:x:1001:1001:user:/home/user:/bin/ash
Anyhow FYI it worked for 1 day after that no more. It’s very strange I know.
The only thing I noted was an offline issue from my internet provider:
Is it possible that internet provider filter traffic out of sftp connection?
I have dropbear + openssh-sftp-server installed and SFTP with dropbear works fine.
SFTP functionality
While the dropbear package provides SCP functionality, it does not contain anything for SFTP. Please install openssh-sftp-server if you want to use SFTP.
Seems like something is blocking the SFTP connection.
//edit
Looking at the logs....
SFTP runs over SSH, so it should also work, because the initial connection
to dropbear (SSH) works fine.
I suspect a problem with the openssh-sftp-server.
How should I check that? looking at HTOP output I do not see any process with "SFTP" string inside and the documentations says no Note that no additional startup scripts are required
You only need to install openssh-sftp-server and it should work.
The process name is sftp-server and is linked from /usr/libexec/sftp-server to /usr/lib/sftp-server
Is there something related to dropbear/sftp-server in the system log?
You can try: ps | grep sftp-server in a terminal session.
Output: 2876 root 3408 S /usr/libexec/sftp-server
FileZilla Log:
Status: Connecting to xxx.xxx.xxx.xxx:22...
Trace: CControlSocket::SendNextCommand()
Trace: CSftpConnectOpData::Send() in state 0
Trace: Going to execute S:\Downloads\FileZilla_3.46.2_win64\FileZilla-3.46.2\fzsftp.exe
Response: fzSftp started, protocol_version=9
Trace: CSftpConnectOpData::ParseResponse() in state 0
Trace: CControlSocket::SendNextCommand()
Trace: CSftpConnectOpData::Send() in state 2
Command: keyfile "S:\someky.ppk"
Trace: CSftpConnectOpData::ParseResponse() in state 2
Trace: CControlSocket::SendNextCommand()
Trace: CSftpConnectOpData::Send() in state 3
Command: open "root@xxx.xxx.xxx.xxx" 22
Trace: Looking up host "xxx.xxx.xxx.xxx" for SSH connection
Trace: Connecting to xxx.xxx.xxx.xxx port 22
Trace: We claim version: SSH-2.0-PuTTYFileZilla_3.46.2
Trace: Remote version: SSH-2.0-dropbear
Trace: Using SSH protocol version 2
Trace: Doing ECDH key exchange with curve Curve25519 and hash SHA-256 (unaccelerated)
Trace: Server also has ssh-rsa host key, but we don't know it
Trace: Host key fingerprint is:
Trace: ecdsa-sha2-fingerprint
Trace: Initialised AES-256 SDCTR (AES-NI accelerated) outbound encryption
Trace: Initialised HMAC-SHA-256 (unaccelerated) outbound MAC algorithm
Trace: Initialised AES-256 SDCTR (AES-NI accelerated) inbound encryption
Trace: Initialised HMAC-SHA-256 (unaccelerated) inbound MAC algorithm
Trace: Successfully loaded 1 key pair from file
Trace: Offered public key from "S:\somekey.ppk"
Trace: Offer of public key accepted, trying to authenticate using it.
Trace: Sent public key signature
Trace: Access granted
Trace: Opening main session channel
Trace: Opened main channel
Trace: Started a shell/command
Status: Connected to xxx.xxx.xxx.xxx
Trace: Remote working directory is /root
Trace: CSftpConnectOpData::ParseResponse() in state 3
Trace: CControlSocket::ResetOperation(0)
Trace: CSftpConnectOpData::Reset(0) in state 3
Trace: CFileZillaEnginePrivate::ResetOperation(0)
Status: Retrieving directory listing...
Trace: CControlSocket::SendNextCommand()
Trace: CSftpListOpData::Send() in state 0
Trace: CSftpChangeDirOpData::Send() in state 0
Trace: CSftpChangeDirOpData::Send() in state 1
Command: pwd
Response: Current directory is: "/root"
Trace: CSftpChangeDirOpData::ParseResponse() in state 1
Trace: CControlSocket::ResetOperation(0)
Trace: CSftpChangeDirOpData::Reset(0) in state 1
Trace: CSftpListOpData::SubcommandResult(0) in state 1
Trace: CControlSocket::SendNextCommand()
Trace: CSftpListOpData::Send() in state 2
Trace: CControlSocket::ResetOperation(0)
Trace: CSftpListOpData::Reset(0) in state 2
Status: Directory listing of "/root" successful
Trace: CFileZillaEnginePrivate::ResetOperation(0)
@shm0 you are right, I just tried it and it works. I was under the impression that sftp server would also need openssh server.
However there is no running process of sftp in ps. The only thing needed was to install the package and then ran the Filezilla client. @frillicca
Are you able to sftp as root?
Post here also the dropbear config: uci export dropbear
config dropbear
option PasswordAuth 'on'
option Port '22'
anyhow as it suddenly stopped working now suddenly restarted working again!
The only additional thing I did is triggering dropbear restart.
Does it make sense? I do not know.
I have been trying to restart the router several time w/o any success.
Might it be restarting dropbear from terminal "made" something different?
I fear the reason being elsewhere and sftp server will again stop suddenly working first or later
I also looked for FileZilla but I dare to say the issue is on server side because the same trouble happens even using another client. When the issue “disappear” both clients work like a charm.
System log shows what I copied in my first post, it’s just two lines.
Any hint guys to better troubleshooting the serve side?