03-26-2008
SCP / SFTP successful but locks out target account
Hi,
We have an interesting problem with F-Secure SSH (v 3.1.0) running on HP-UX. It seems that when scp or sftp commands are issued they are successful but it counts as a 'strike' against the target user locking the account out after 3 attempts.
When the user is re-enabled in SAM - it reports that the user was locked for too any unsuccessful login attempts. This is strange as the password is being accepted and the scp/sftp command successful.
An error is written to the syslog - "ssh-pam-client returned packet SSH_PAM_OP_ERROR. (err_num: 32, err_msg
![Smilie Smilie](https://www.unix.com/images/smilies/smile.gif)
General Comercial Security error"
Is this a "feature" of my now outdated SSH client? The problem is not present after SSH keys are set-up. Also it is only apparent in SCP & SFTP but not in straightforward SSH or FTP.
Has anyone seen this before?
Cheers.
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
My transmit rates are waaay faster using scp over sftp....anyone know why scp is faster than sftp? I am using solaris 8 for my unix systems.
-S (2 Replies)
Discussion started by: Sowser
2 Replies
2. Shell Programming and Scripting
Hi,
I have to do SFTP from Linux machine to Salaries SFTP folder.
Using psftp I got the following fingur print and I know using scp I can go the sftp transfer. But I believe I need public key file generated. Can some one pls let me know how to generate the public file using following finger... (1 Reply)
Discussion started by: iamakshay
1 Replies
3. AIX
hi,
i have a weird problem
i have to copy the file with caret(^) in it. but when i tries to copy with
scp. It(scp) says that it cant use ^file_name
scp mohit^narang user@machine/mohit^narang
the error comes in the second parameter.if i used user@machine/mohit_narang(under score) instead... (2 Replies)
Discussion started by: narang.mohit
2 Replies
4. Solaris
Hi,
I am doing sftp from remote server1 to remote server2. This is done through a script.
This script was working fine. But if i am tranfer files of 120 MB only some part of the file gets transferred (around 9 MB).
Incase i put the same file manually it gets uploaded successfully.
Can... (1 Reply)
Discussion started by: subiksha
1 Replies
5. Shell Programming and Scripting
All,
I am using a for loop to SCP a bunch of files in a directory. I am having it then drop a .ready file name. Is there a way to check for the success of all iterations and then email upon fail or success?
Example of part of my script:
for file in $ORIGLOC/*
do
] &&... (2 Replies)
Discussion started by: markdjones82
2 Replies
6. Shell Programming and Scripting
Hi All,
I have to make an automated script that needs to do SFTP or SCP from my Unix server to another Unix server.
I have gone through search of this website for sftp and scp.
I really get confused when it talk about ssh key or rsh key and sftp -b thing
I would really appreciate if... (4 Replies)
Discussion started by: pinnacle
4 Replies
7. Shell Programming and Scripting
Hi,
I was provided with sftp servername, user and password and the requirement is to connect to sftp server using credentials provided and drop the file.
Manually i am able to connect with commands like
sftp user@servername
and after clicking enter, i was asked for a password and entering... (4 Replies)
Discussion started by: forums123456
4 Replies
8. Shell Programming and Scripting
First off, I know this is sort of a rehash of similar questions that have been asked in other closed threads, but I haven't been able to figure out how to apply the answers provided in those threads to my scenario and make it work.
I am working on a script in KSH on AIX 5.1 that will do a bulk... (1 Reply)
Discussion started by: derndingle
1 Replies
9. Shell Programming and Scripting
hi,
how can i check whether the sftp connectivity is successful or not??
i am using expect script to connect to sftp..
sftp_script
spawn /usr/bin/sftp abc@ftp.xyz.com
expect "abc@ftp.xyz.com's password:"
send "password\r"
expect "sftp>"
send "mput *.txt\r"
expect "sftp>"
send "bye\r"... (8 Replies)
Discussion started by: Little
8 Replies
10. Shell Programming and Scripting
Hi All,
We are working on linux with putty terminal for file transferring using SFTP server...
here we want to know /We have Urgent Requirement
If SFTP connection is successfull then we should get .txt log file in target locaton as "Success/Failure"
Please provide batch script for above... (7 Replies)
Discussion started by: sravanreddy
7 Replies
LEARN ABOUT LINUX
sftp-server
SFTP-SERVER(8) BSD System Manager's Manual SFTP-SERVER(8)
NAME
sftp-server -- SFTP server subsystem
SYNOPSIS
sftp-server [-ehR] [-f log_facility] [-l log_level] [-u umask]
DESCRIPTION
sftp-server is a program that speaks the server side of SFTP protocol to stdout and expects client requests from stdin. sftp-server is not
intended to be called directly, but from sshd(8) using the Subsystem option.
Command-line flags to sftp-server should be specified in the Subsystem declaration. See sshd_config(5) for more information.
Valid options are:
-e Causes sftp-server to print logging information to stderr instead of syslog for debugging.
-f log_facility
Specifies the facility code that is used when logging messages from sftp-server. The possible values are: DAEMON, USER, AUTH,
LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is AUTH.
-h Displays sftp-server usage information.
-l log_level
Specifies which messages will be logged by sftp-server. The possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1,
DEBUG2, and DEBUG3. INFO and VERBOSE log transactions that sftp-server performs on behalf of the client. DEBUG and DEBUG1 are
equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output. The default is ERROR.
-R Places this instance of sftp-server into a read-only mode. Attempts to open files for writing, as well as other operations that
change the state of the filesystem, will be denied.
-u umask
Sets an explicit umask(2) to be applied to newly-created files and directories, instead of the user's default mask.
For logging to work, sftp-server must be able to access /dev/log. Use of sftp-server in a chroot configuration therefore requires that
syslogd(8) establish a logging socket inside the chroot directory.
SEE ALSO
sftp(1), ssh(1), sshd_config(5), sshd(8)
T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-filexfer-00.txt, January 2001, work in progress material.
HISTORY
sftp-server first appeared in OpenBSD 2.8.
AUTHORS
Markus Friedl <markus@openbsd.org>
BSD
January 9, 2010 BSD