You are not logged in. Please login or register.
MySecureShell forum → Posts by Ideaxis
Pages 1
Hi,
But it isn't possible to keep SSH default on port 22 and SFTP on another one?
Our servers is configured to have SSH (22) access on the internal NIC, but it is blocked for the external NIC. Though there's need for SFTP access on the external NIC without having SSH access fully open.
Is it possible to run the SFTP Server on another port different from the SSH port 22?
Kind regards,
J.
Hello,
I've found the solution for my problem. The problem was that FTP clients use multiple connections and the 'LimitConnectionByUser' was set to 1. Changed this value to a higher one solved my problem.
Kind regards,
Jurgen
Hello deimos,
Thx for your help so far. Can you give me the link where I can download the source files of version 1.1rc5.
I'm looking at http://66.102.9.104/translate_c?hl=fr&a … LqyR6gtndA but it isn't there.
Kind regards,
Jurgen
This may be a stupid question but I'm a newbie to this.
I installed MySecureShell with apt-get on Debian. How do I install this latest version? Can I do this with apt-get upgrade?
I just was to happy apparently. In WinSCP it appears to work, except edit files doesn't work. But when I try the same with FileZilla I still have the same problem.
Apparently now it works. It must say that in meantime I've reïnstalled my entire computer and installed all latest software.
Thanks for you help.
Please try this command:
MySecureShell --configtest
Below the output of the configtest
--- root ---
GlobalDownload = 0 bytes/s
GlobalUpload = 0 bytes/s
Download = 5120 bytes/s
Upload = 5120 bytes/s
StayAtHome = true
VirtualChroot = true
LimitConnection = 10
LimitConnectionByUser = 1
LimitConnectionByIP = 2
Home = /home/root
Shell = (null)
ResolveIP = true
IdleTimeOut = 300
IgnoreHidden = false
DirFakeUser = false
DirFakeGroup = false
DirFakeMode = {default}
HideFiles = {nothing}
HideNoAccess = true
ByPassGlobalDownload = false
ByPassGlobalUpload = false
MaxOpenFilesForUser = 0
MaxReadFilesForUser = 0
MaxWriteFilesForUser = 0
ShowLinksAsLinks = false
PathDenyFilter = (null)
SftpProtocol = {default}
LogFile = {default}
ConnectionMaxLife = 0s
DisableAccount = false
IsAdmin = false
IsSimpleAdmin = false
Charset = ISO-8859-15
GMTTime = {nothing}
CanRemoveDir = false
CanRemoveFile = false
ExpireDate = {nothing}
MinimumRights = 0000 0000
DefaultRights = 0640 0750
Config is valid.
Thanks for your help
Kind regards,
Jurgen
hi,
You can find here the forced protocol version for MySecureShell server :
http://translate.google.com/translate?u … &tl=enBut you needn't to force it. In WinSCP you can set this value to 5 and try like that.
Could we take a look at your configuration ? Thanks
Thanks
I already set the SFTP version to 5 in WinSCP.
Below the configuration, it's just the default config I suppose, didn't make any changes:
## MySecureShell Configuration File ##
#Default rules for everybody
<Default>
GlobalDownload 0 #total speed download for all clients
# o -> bytes k -> kilo bytes m -> mega bytes
GlobalUpload 0 #total speed download for all clients (0 for unlimited)
Download 5k #limit speed download for each connection
Upload 5k #unlimit speed upload for each connection
StayAtHome true #limit client to his home
VirtualChroot true #fake a chroot to the home account
LimitConnection 10 #max connection for the server sftp
LimitConnectionByUser 1 #max connection for the account
LimitConnectionByIP 2 #max connection by ip for the account
Home /home/$USER #overrite home of the user but if you want you can use
# environment variable (ie: Home /home/$USER)
IdleTimeOut 300 #(in second) deconnect client is idle too long time
ResolveIP true #resolve ip to dns
# IgnoreHidden true #treat all hidden files as if they don't exist
# DirFakeUser true #Hide real file/directory owner (just change displayed permissions)
# DirFakeGroup true #Hide real file/directory group (just change displayed permissions)
# DirFakeMode 0400 #Hide real file/directory rights (just change displayed permissions)
#Add execution right for directory if read right is set
# HideFiles "^(lost\+found|public_html)$" #Hide file/directory which match
#this extented POSIX regex
HideNoAccess true #Hide file/directory which user has no access
# MaxOpenFilesForUser 20 #limit user to open x files on same time
# MaxWriteFilesForUser 10 #limit user to x upload on same time
# MaxReadFilesForUser 10 #limit user to x download on same time
DefaultRights 0640 0750 #Set default rights for new file and new directory
# MinimumRights 0400 0700 #Set minimum rights for files and dirs
# PathDenyFilter "^\." #deny upload of directory/file which match this extented POSIX regex
ShowLinksAsLinks false #show links as their destinations
# ConnectionMaxLife 1d #limits connection lifetime to 1 day
Charset "ISO-8859-15" #set charset of computer
# GMTTime +1 #set GMT Time (change if necessary)
</Default>
#Rules only for group ftp
#<Group ftp>
# Download 25 k/s
# LogFile /var/log/sftp-server_ftp.log #Change logfile
# ExpireDate "2007-02-28 18:31:01"
#</Group>
#<Group sftp_administrator>
# IsAdmin true #can admin the server
# VirtualChroot false #you must disable chroot to have a full support of admin
# StayAtHome true
# IdleTimeOut 0
#</Group>
#<Group old_client>
# SftpProtocol 3 #force protocol SFTP
# DisableAccount true #disable account
#</Group>
#Rules only for group ftpnolimit
#<Group ftpnolimit>
# Download 0 #0 = unlimited
# IdleTimeOut 0 #no timeout
# DirFakeUser false #show real user on file/directory
# DirFakeGroup false #show real group on file/directory
# DirFakeMode 0 #show real rights on file/directory
# HideFiles "" #show all files
# MaxReadFilesForUser 0 #0 = unlimited but still have the restriction MaxOpenFilesForUser
#</Group>
#<IpRange 192.168.0.1-192.168.0.5>
# ByPassGlobalDownload true #bypass GlobalDownload restriction
# ByPassGlobalUpload true #bypass GlobalUpload restriction
# Download 0
# DisableAccount false #enable account
# IdleTimeOut 0 #disable timeout
# LimitConnectionByIP 0 #no limit
#</IpRange>
#<Group trusted_users>
# Shell /bin/tcsh #give a shell access to TRUSTED clients !!!
#</Group>
#<VirtualHost *:22>
# DirFakeUser false #show real user on file/directory
# DirFakeGroup false #show real group on file/directory
# DirFakeMode 0 #show real rights on file/directory
# HideNoAccess false
# IgnoreHidden false
#</VirtualHost>
#Include /etc/my_sftp_config_file #include this valid configuration file
I use MySecureShell version 1, openssl version 0.9.8c-4etch3 and ssh version 4.3p2-9etch3. OS Debian Etch.
Where can I find the SFTP version?
Thanks for your help.
Kind regards,
Jurgen
Hello,
I've got the following problem.
I can connect to the SFTP server correctly using WinSCP. Besides that I'm in a chroot jail as wanted and I can create directories and move files. So far it's working correctly, but when I try to download or upload some files I get the following error.
"Cannot initialize SFTP protocol. Is the host running a SFTP server?"
sftp-server.log:
2008-09-23 15:04:29 [27772]New client [test] from [netid.ideaxis.local]
2008-09-23 15:04:55 [27772][test][netid.ideaxis.local]Quit.
auth.log:
Sep 23 16:20:14 playground sshd[15905]: Accepted password for test from 192.168.0.77 port 1701 ssh2
Sep 23 16:20:14 playground sshd[15907]: (pam_unix) session opened for user test by (uid=0)
Sep 23 16:20:14 playground sshd[15907]: subsystem request for sftp
Sep 23 16:20:14 playground sshd[15907]: (pam_unix) session closed for user test
Sep 23 16:20:16 playground sshd[15706]: (pam_unix) session closed for user test
Homedir rights:
/home
drwxr-xr-x 3 test test 4096 Sep 23 11:00 test
Any ideas?
Kind regards,
Jurgen
Pages 1
MySecureShell forum → Posts by Ideaxis
Powered by PunBB, supported by Informer Technologies, Inc.
