Visit Our UNIX and Linux User Community


Sftp does not work for particular user


 
Thread Tools Search this Thread
Top Forums UNIX for Beginners Questions & Answers Sftp does not work for particular user
# 8  
Old 04-18-2019
Hey Rudi,

That makes sense, since SSH and SFTP both run over the same port 22, as I recall.

Good catch.
# 9  
Old 04-18-2019
Hi Rudic,

Yes, we have put password. SSH verbose log attached herewith.

Hi Neo,

We've checked and found keypair was not generated in system.

Code:
OID @vm-oid.banglalinkgsm.com:/home/infra/.ssh$pwd
/home/infra/.ssh
OID @vm-oid.banglalinkgsm.com:/home/infra/.ssh$ll -a
total 12
drwx------  2 infra dba   4096 Apr 18 09:20 .
drwx------ 18 infra users 4096 Apr 18 09:55 ..
-rw-r--r--  1 infra dba    797 Apr 18 11:13 known_hosts

Code:
OID @vm-oid.banglalinkgsm.com:/u02/infra/product/104/orcl$ssh -vvv infra@172.16.10.179
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 172.16.10.179 [172.16.10.179] port 22.
debug1: Connection established.
debug1: identity file /home/infra/.ssh/identity type -1
debug1: identity file /home/infra/.ssh/id_rsa type -1
debug1: identity file /home/infra/.ssh/id_dsa type -1
debug1: loaded 3 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 126/256
debug2: bits set: 507/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/infra/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 2
debug1: Host '172.16.10.179' is known and matches the RSA host key.
debug1: Found key in /home/infra/.ssh/known_hosts:2
debug2: bits set: 480/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/infra/.ssh/identity ((nil))
debug2: key: /home/infra/.ssh/id_rsa ((nil))
debug2: key: /home/infra/.ssh/id_dsa ((nil))
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug3: start over, passed a different list publickey,gssapi-with-mic,password
debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug3: Trying to reverse map address 172.16.10.179.
debug1: Unspecified GSS failure.  Minor code may provide more information
Unknown code krb5 195

debug1: Unspecified GSS failure.  Minor code may provide more information
Unknown code krb5 195

debug1: Unspecified GSS failure.  Minor code may provide more information
Unknown code krb5 195

debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/infra/.ssh/identity
debug3: no such identity: /home/infra/.ssh/identity
debug1: Trying private key: /home/infra/.ssh/id_rsa
debug3: no such identity: /home/infra/.ssh/id_rsa
debug1: Trying private key: /home/infra/.ssh/id_dsa
debug3: no such identity: /home/infra/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
infra@172.16.10.179's password:
debug3: packet_send2: adding 64 (len 55 padlen 9 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 0
debug3: tty_make_modes: ospeed 38400
debug3: tty_make_modes: ispeed 38400
debug3: tty_make_modes: 1 3
debug3: tty_make_modes: 2 28
debug3: tty_make_modes: 3 127
debug3: tty_make_modes: 4 21
debug3: tty_make_modes: 5 4
debug3: tty_make_modes: 6 0
debug3: tty_make_modes: 7 0
debug3: tty_make_modes: 8 17
debug3: tty_make_modes: 9 19
debug3: tty_make_modes: 10 26
debug3: tty_make_modes: 12 18
debug3: tty_make_modes: 13 23
debug3: tty_make_modes: 14 22
debug3: tty_make_modes: 18 15
debug3: tty_make_modes: 30 0
debug3: tty_make_modes: 31 0
debug3: tty_make_modes: 32 0
debug3: tty_make_modes: 33 0
debug3: tty_make_modes: 34 0
debug3: tty_make_modes: 35 0
debug3: tty_make_modes: 36 1
debug3: tty_make_modes: 37 0
debug3: tty_make_modes: 38 1
debug3: tty_make_modes: 39 0
debug3: tty_make_modes: 40 0
debug3: tty_make_modes: 41 0
debug3: tty_make_modes: 50 1
debug3: tty_make_modes: 51 1
debug3: tty_make_modes: 52 0
debug3: tty_make_modes: 53 1
debug3: tty_make_modes: 54 1
debug3: tty_make_modes: 55 1
debug3: tty_make_modes: 56 0
debug3: tty_make_modes: 57 0
debug3: tty_make_modes: 58 0
debug3: tty_make_modes: 59 1
debug3: tty_make_modes: 60 1
debug3: tty_make_modes: 61 1
debug3: tty_make_modes: 62 0
debug3: tty_make_modes: 70 1
debug3: tty_make_modes: 71 0
debug3: tty_make_modes: 72 1
debug3: tty_make_modes: 73 0
debug3: tty_make_modes: 74 0
debug3: tty_make_modes: 75 0
debug3: tty_make_modes: 90 1
debug3: tty_make_modes: 91 1
debug3: tty_make_modes: 92 0
debug3: tty_make_modes: 93 0
debug1: Sending environment.
debug3: Ignored env HOSTNAME
debug3: Ignored env SHELL
debug3: Ignored env TERM
debug3: Ignored env HISTSIZE
debug3: Ignored env TMPDIR
debug3: Ignored env KDE_NO_IPV6
debug3: Ignored env QTDIR
debug3: Ignored env OLDPWD
debug3: Ignored env QTINC
debug3: Ignored env USER
debug3: Ignored env LD_LIBRARY_PATH
debug3: Ignored env LS_COLORS
debug3: Ignored env ORACLE_SID
debug3: Ignored env ORACLE_BASE
debug3: Ignored env KDEDIR
debug3: Ignored env MAIL
debug3: Ignored env PATH
debug3: Ignored env INPUTRC
debug3: Ignored env PWD
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env KDE_IS_PRELINKED
debug3: Ignored env ORACLE_TERM
debug3: Ignored env PS1
debug3: Ignored env SSH_ASKPASS
debug3: Ignored env SHLVL
debug3: Ignored env HOME
debug3: Ignored env TMP
debug3: Ignored env LOGNAME
debug3: Ignored env QTLIB
debug3: Ignored env CVS_RSH
debug3: Ignored env CLASSPATH
debug3: Ignored env LESSOPEN
debug3: Ignored env ORACLE_HOME
debug3: Ignored env G_BROKEN_FILENAMES
debug3: Ignored env HISTFILE
debug3: Ignored env _
debug2: channel 0: request shell confirm 0
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 2097152
Last login: Thu Apr 18 11:39:16 2019 from vm-oid.banglalinkgsm.com
NO TIMEOUT For infra, Enjoy!!!
OID @vm-oid.banglalinkgsm.com:/u02/infra/product/104/orcl$

These 2 Users Gave Thanks to makauser For This Post:
# 10  
Old 04-18-2019
Quote:
Originally Posted by makauser
Hi Neo,

We've checked and found keypair was not generated in system.

,,,,
Are you planning to generate new key pairs and test them to ensure they are working properly?

Or did I misunderstand you?

Last edited by rbatte1; 04-18-2019 at 08:45 AM..
# 11  
Old 04-18-2019
Thanks for showing the ssh log. As it shows the same behaviour as the sftp login, we can be sure the error is not there. Still it's a good idea to implement the public keys. For your sftp problrm: Go along the line stomp proposed; I was going to answer the same as I had a similar problem some years ago, but just wanted to double check before posting.
# 12  
Old 04-28-2019
Hi Stomp and Rudic,

This is the output i got as per Stomp proposed. Please share us next wayaround.

Code:
OID @vm-oid.banglalinkgsm.com:/home/infra$ssh infra@172.16.10.179 /usr/bin/true
infra@172.16.10.179's password:
NO TIMEOUT For infra, Enjoy!!!
bash: /usr/bin/true: No such file or directory
OID @vm-oid.banglalinkgsm.com:/home/infra$

# 13  
Old 04-28-2019
So, what from the link posted by stomp did you try / incorporate / implement?



Quote:
If the above command produces any output, then you need to modify your shell initialization.

Last edited by RudiC; 04-28-2019 at 06:09 PM..

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Red Hat

Beginner : sftp doesnt work

Hello, I really appreciate any help on this. Have to connect to external server via sftp. Our server is Linux machine Linux our.server.com 3.10.0-514.26.2.el7.x86_64 #1 SMP Tue Jul 4 15:04:05 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux I generated the keys, put them in /root/.ssh, sent... (3 Replies)
Discussion started by: billy5
3 Replies

2. Shell Programming and Scripting

Passwordless sftp using a different user than the runtime user

I am running a shell script as user A. In that script I need to execute a sftp that would transfer the file using another user B. I am using the below command: sftp -oPort22 B@remote server However, I am getting password prompts each time. I have done the following: Added the public... (4 Replies)
Discussion started by: mady135
4 Replies

3. Red Hat

No shell access to sftp user

I have created two users on our ftp server. They will use sftp to connect this server. But I do not want them to give direct ssh access. If I give /bin/false shell, sftp will not work. If I give /bin/nologin, it fails with below messages # sftp trdeo@bd01.xxx.com Connecting to bd01.xxx.com...... (6 Replies)
Discussion started by: solaris_1977
6 Replies

4. UNIX for Advanced & Expert Users

Sftp user chrooted in a directory

Hello, I have a task to create 3 users that must connect only via sftp on a machine, and must have only read access to a certain directory (thay shouldn;t be able to cd anywhere else) The problem is that the directory where these users must have access to, it's already created/owned by another... (0 Replies)
Discussion started by: black_fender
0 Replies

5. Shell Programming and Scripting

SFTP with domain user

Hello Guys, I need help on SFTP from Solaris to Windows. I am doing SFTP from Solaris to Windows and its working fine with COPSSH installed on windows. But when I want to login to windows (remote) with Domain user of windows network, I have no idea how to do it. Can you please help... (1 Reply)
Discussion started by: Deei
1 Replies

6. AIX

restricting sftp and ssh for a user

I want to know if there is any way to set up a users home directory access with a restricted shell and allow them to SFTP to the directory. I want to allow the user to SSH into their home directory but no where else on the AIX server. I also want the user to be able to SFTP files to their home... (1 Reply)
Discussion started by: daveisme
1 Replies

7. Shell Programming and Scripting

SFTP using user id and password

Hi, I am using below syntax - sftp -b passwordfile userid@ipaddress passwordfile is a file, in which I have just kept a password of userid. But by this, an error is coming like - Permission denied (publickey,password,keyboard-interactive). Please suggest me on this..as I dont... (6 Replies)
Discussion started by: Monalisa
6 Replies

8. UNIX for Dummies Questions & Answers

FTP or SFTP User

Hello there, is there any command in Unix to check that following ftp user is ftp or sftp user. Thanks. (1 Reply)
Discussion started by: ahhmedbilal
1 Replies

9. UNIX for Advanced & Expert Users

will sftp work with /bin/false

helo helo I have create user for the group and entry for the user in /etc/passwd file is liek this bhavin:x:2014:109:test:/home/pds_RBAC:/bin/false I have keep here /bin/false now i m accesing user through sftp ow when i access that user using sftp from the another linux pc for e.g... (1 Reply)
Discussion started by: amitpansuria
1 Replies

10. UNIX for Advanced & Expert Users

How to restrict user to sftp usage?

Hi everyone! I have a problem... I need to restrict user to sftp usage only from one computer to another... I mean that the user cannot login to the computer or even use sftp from other computer only from the one i allow. thanx for the help! (13 Replies)
Discussion started by: eliraza6
13 Replies

Featured Tech Videos