Hi Folks,
I'm trying to set up the ftp for the local galaxy instance. I got the
regular ftp working, but not the sftp. After a few hours attempts, I'm
wondering what I'm missing. Here is the related info:
1. Configure the build
install_user=bioinfoadmin install_group=bioinfoadmin ./configure
--prefix=/media/libraryfiles/proftpd --enable-openssl
--with-modules=mod_sql:mod_sql_postgres:mod_sql_passwd
--with-modules=mod_sftp:mod_tls
make
make install
2. Start the server
sudo sbin/proftpd --config /media/libraryfiles/proftpd/etc/proftpd.conf -n
-d 10
I notice that even though I start it using sudo, the real user that is
running proftpd is 'nobody'.
3. Config file snippet, I inserted the following piece to the original
config file, Add 'VirtualHost' or no doesn't change anything in result
<IfModule mod_sftp.c>
SFTPEngine on
Port 2222
SFTPLog /var/log/proftpd/sftp.log
AuthOrder mod_auth_unix.c mod_sql.c
# Configure both the RSA and DSA host keys, using the same host key
# files that OpenSSH uses.
SFTPHostKey /etc/ssh/ssh_host_rsa_key
SFTPHostKey /etc/ssh/ssh_host_dsa_key
#SFTPAuthMethods publickey
SFTPAuthMethods password
# Enable compression
SFTPCompression delayed
</IfModule>
Now when I start the server, and then when I try to test the login, I got
this:
$ sftp -P 2222 localhost
packet_write_wait: Connection to 127.0.0.1 port 2222: Broken pipe
Couldn't read packet: Connection reset by peer
Accordingly, I got the following segfault in log:
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65: ROOT PRIVS at
main.c:1227
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65: RELINQUISH
PRIVS at main.c:1231
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65: no matching
vhost found for 127.0.0.1#2222, using 'ProFTPD Default Installation'
listening on wildcard address
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): ROOT PRIVS at main.c:1034
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): SETUP PRIVS at main.c:1039
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): session requested from client in unknown class
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): performing module session initializations
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): mod_cap/1.1: adding CAP_SETUID and CAP_SETGID
capabilities
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): ROOT PRIVS at mod_sftp.c:1674
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): RELINQUISH PRIVS at mod_sftp.c:1677
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): ROOT PRIVS at keys.c:2001
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): RELINQUISH PRIVS at keys.c:2008
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): ROOT PRIVS at keys.c:703
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): RELINQUISH PRIVS at keys.c:710
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): ROOT PRIVS at keys.c:703
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): RELINQUISH PRIVS at keys.c:710
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): ROOT PRIVS at keys.c:2001
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): RELINQUISH PRIVS at keys.c:2008
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): mod_sql/4.3: defaulting to 'postgres' backend
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): mod_ident/1.0: ident lookup disabled
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): ROOT PRIVS at mod_delay.c:1756
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): RELINQUISH PRIVS at mod_delay.c:1759
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): ROOT PRIVS at mod_auth.c:140
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): opening scoreboard
'/media/libraryfiles/proftpd/var/proftpd.scoreboard'
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): RELINQUISH PRIVS at mod_auth.c:142
2017-03-22 00:51:14,786 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): AuthOrder in effect, resetting auth module order
2017-03-22 00:51:14,787 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): connected - local : 127.0.0.1:2222
2017-03-22 00:51:14,787 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): connected - remote : 127.0.0.1:58014
2017-03-22 00:51:14,787 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): SSH2 session opened.
2017-03-22 00:51:14,787 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): dispatching LOG_CMD command 'KEXINIT' to mod_sql
2017-03-22 00:51:14,787 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): dispatching LOG_CMD command 'KEXINIT' to mod_log
2017-03-22 00:51:14,787 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): dispatching LOG_CMD command 'ECDH_INIT' to mod_sql
2017-03-22 00:51:14,787 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): dispatching LOG_CMD command 'ECDH_INIT' to mod_log
2017-03-22 00:51:14,789 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): ProFTPD terminating (signal 11)
2017-03-22 00:51:14,789 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): ProFTPD terminating (signal 11)
2017-03-22 00:51:14,789 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): mod_sftp/0.9.9: scrubbing 2 passphrases from memory
2017-03-22 00:51:14,789 cal-hsl-65 proftpd[56922] cal-hsl-65
(localhost[127.0.0.1]): SSH2 session closed.
Seems that it is connected in the middle...
And the /var/log/proftpd/sftp.log shows things like(many identical
snippets, I just picked one randomly):
2017-03-22 01:16:06,753 mod_sftp/0.9.9[58288]: sent server version
'SSH-2.0-mod_sftp/0.9.9'
2017-03-22 01:16:06,753 mod_sftp/0.9.9[58288]: received client version
'SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1'
2017-03-22 01:16:06,753 mod_sftp/0.9.9[58288]: handling connection from
SSH2 client 'OpenSSH_7.2p2 Ubuntu-4ubuntu2.1'
2017-03-22 01:16:06,753 mod_sftp/0.9.9[58288]: + Session key exchange:
ecdh-sha2-nistp256
2017-03-22 01:16:06,753 mod_sftp/0.9.9[58288]: + Session server hostkey:
ssh-rsa
2017-03-22 01:16:06,753 mod_sftp/0.9.9[58288]: + Session client-to-server
encryption: aes128-ctr
2017-03-22 01:16:06,753 mod_sftp/0.9.9[58288]: + Session server-to-client
encryption: aes128-ctr
2017-03-22 01:16:06,753 mod_sftp/0.9.9[58288]: + Session client-to-server
MAC: umac-64(a)openssh.com
2017-03-22 01:16:06,753 mod_sftp/0.9.9[58288]: + Session server-to-client
MAC: umac-64(a)openssh.com
2017-03-22 01:16:06,753 mod_sftp/0.9.9[58288]: + Session client-to-server
compression: none
2017-03-22 01:16:06,753 mod_sftp/0.9.9[58288]: + Session server-to-client
compression: none
The version of proftpd is 1.3.5d on ubuntu 16.04.2. Not sure if anyone has
seen this before. Any input will be greatly appreciated.
Thanks,
Rui