Menu
▾
▴
proftp-user — User support list for ProFTPD
You can subscribe to this list here.
| 2001 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(356) |
Nov
(380) |
Dec
(318) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
(439) |
Feb
(396) |
Mar
(326) |
Apr
(364) |
May
(331) |
Jun
(300) |
Jul
(345) |
Aug
(367) |
Sep
(567) |
Oct
(690) |
Nov
(454) |
Dec
(328) |
| 2003 |
Jan
(507) |
Feb
(507) |
Mar
(556) |
Apr
(482) |
May
(529) |
Jun
(528) |
Jul
(534) |
Aug
(271) |
Sep
(333) |
Oct
(348) |
Nov
(340) |
Dec
(241) |
| 2004 |
Jan
(319) |
Feb
(331) |
Mar
(283) |
Apr
(259) |
May
(172) |
Jun
(212) |
Jul
(186) |
Aug
(264) |
Sep
(201) |
Oct
(138) |
Nov
(136) |
Dec
(107) |
| 2005 |
Jan
(130) |
Feb
(154) |
Mar
(116) |
Apr
(79) |
May
(123) |
Jun
(151) |
Jul
(65) |
Aug
(121) |
Sep
(113) |
Oct
(109) |
Nov
(134) |
Dec
(78) |
| 2006 |
Jan
(26) |
Feb
(83) |
Mar
(150) |
Apr
(83) |
May
(145) |
Jun
(80) |
Jul
(102) |
Aug
(99) |
Sep
(93) |
Oct
(26) |
Nov
(39) |
Dec
(46) |
| 2007 |
Jan
(78) |
Feb
(65) |
Mar
(77) |
Apr
(39) |
May
(63) |
Jun
(59) |
Jul
(53) |
Aug
(50) |
Sep
(93) |
Oct
(85) |
Nov
(35) |
Dec
(22) |
| 2008 |
Jan
(56) |
Feb
(26) |
Mar
(58) |
Apr
(45) |
May
(52) |
Jun
(52) |
Jul
(41) |
Aug
(34) |
Sep
(27) |
Oct
(75) |
Nov
(31) |
Dec
(69) |
| 2009 |
Jan
(54) |
Feb
(55) |
Mar
(57) |
Apr
(39) |
May
(40) |
Jun
(79) |
Jul
(49) |
Aug
(30) |
Sep
(46) |
Oct
(72) |
Nov
(89) |
Dec
(71) |
| 2010 |
Jan
(48) |
Feb
(73) |
Mar
(52) |
Apr
(28) |
May
(32) |
Jun
(48) |
Jul
(29) |
Aug
(38) |
Sep
(14) |
Oct
(32) |
Nov
(70) |
Dec
(46) |
| 2011 |
Jan
(33) |
Feb
(30) |
Mar
(79) |
Apr
(24) |
May
(29) |
Jun
(63) |
Jul
(22) |
Aug
(38) |
Sep
(27) |
Oct
(49) |
Nov
(41) |
Dec
(69) |
| 2012 |
Jan
(28) |
Feb
(21) |
Mar
(18) |
Apr
(50) |
May
(30) |
Jun
(16) |
Jul
(22) |
Aug
(15) |
Sep
(35) |
Oct
(37) |
Nov
(23) |
Dec
(19) |
| 2013 |
Jan
(40) |
Feb
(76) |
Mar
(18) |
Apr
(17) |
May
(27) |
Jun
(17) |
Jul
(67) |
Aug
(30) |
Sep
(27) |
Oct
(43) |
Nov
(13) |
Dec
(13) |
| 2014 |
Jan
(37) |
Feb
(36) |
Mar
(31) |
Apr
(3) |
May
(40) |
Jun
(20) |
Jul
(18) |
Aug
(23) |
Sep
(15) |
Oct
(28) |
Nov
(26) |
Dec
(20) |
| 2015 |
Jan
(10) |
Feb
(16) |
Mar
(8) |
Apr
(11) |
May
(6) |
Jun
(8) |
Jul
(6) |
Aug
(12) |
Sep
(4) |
Oct
(26) |
Nov
(13) |
Dec
(6) |
| 2016 |
Jan
(30) |
Feb
(19) |
Mar
(12) |
Apr
(15) |
May
(3) |
Jun
(20) |
Jul
|
Aug
(19) |
Sep
(17) |
Oct
(7) |
Nov
(15) |
Dec
(33) |
| 2017 |
Jan
(19) |
Feb
(18) |
Mar
(25) |
Apr
(25) |
May
(10) |
Jun
(2) |
Jul
(5) |
Aug
(9) |
Sep
|
Oct
(5) |
Nov
(18) |
Dec
(4) |
| 2018 |
Jan
(17) |
Feb
(14) |
Mar
(4) |
Apr
(8) |
May
(9) |
Jun
(9) |
Jul
(12) |
Aug
(26) |
Sep
(10) |
Oct
(2) |
Nov
(6) |
Dec
(2) |
| 2019 |
Jan
(4) |
Feb
(2) |
Mar
(4) |
Apr
(2) |
May
(16) |
Jun
(2) |
Jul
(5) |
Aug
(16) |
Sep
(13) |
Oct
(16) |
Nov
(7) |
Dec
(18) |
| 2020 |
Jan
(4) |
Feb
(6) |
Mar
(9) |
Apr
(21) |
May
(33) |
Jun
(15) |
Jul
(12) |
Aug
(2) |
Sep
(9) |
Oct
(2) |
Nov
(17) |
Dec
(9) |
| 2021 |
Jan
(16) |
Feb
(21) |
Mar
(8) |
Apr
(5) |
May
(4) |
Jun
(10) |
Jul
(13) |
Aug
(12) |
Sep
|
Oct
|
Nov
(5) |
Dec
(6) |
| 2022 |
Jan
(9) |
Feb
(3) |
Mar
(18) |
Apr
(7) |
May
(4) |
Jun
(5) |
Jul
(10) |
Aug
(4) |
Sep
(4) |
Oct
(2) |
Nov
(6) |
Dec
(8) |
| 2023 |
Jan
(3) |
Feb
(4) |
Mar
(24) |
Apr
(13) |
May
(1) |
Jun
|
Jul
(21) |
Aug
(1) |
Sep
(10) |
Oct
(5) |
Nov
|
Dec
(2) |
| 2024 |
Jan
(9) |
Feb
|
Mar
(1) |
Apr
|
May
(5) |
Jun
|
Jul
(1) |
Aug
(13) |
Sep
(5) |
Oct
(2) |
Nov
(9) |
Dec
(1) |
| 2025 |
Jan
(3) |
Feb
(12) |
Mar
(1) |
Apr
|
May
|
Jun
(5) |
Jul
(13) |
Aug
(8) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Lists <li...@se...> - 2025-08-21 18:52:46
|
So I’m seeing lots of idle processes in ps output for proftpd. Most are only a few minutes old. Seems a concern. Thoughts? Sent from my iPhone |
|
From: Metal S. <me...@sl...> - 2025-08-18 07:55:14
|
> I suspect that this Include -- which says to read all files in '/etc/proftpd/conf.d/' as if they each contained more ProFTPD configuration directives -- is the source of this reported behavior: > > > Starting up gives me the following errors:"fatal: unknown configuration > > directive" followed by the first line in the virtual users password file > > (/etc/proftpd/ftpd.passwd). Hi TJ, You are correct! I put the files ftpd.passwd and ftpd.group intp /etc/proftpd, restarted proftpd and the errors disappeared! Additionally, your observation about the owner's UID of /srv/ftp was spot on! I suddenly realized that the directory I wanted to use (/srv/ftp) was owned by user ftp, while proftpd was running as user proftpd! I don't know why this didn't register in my mind when I was working on this last week! My brain is tofu sometimes! Thanks very much again, TJ!! Regards, pascal chong |
|
From: Mathias M. <ma...@gm...> - 2025-08-16 15:49:23
|
FTR: I needed to add back keyboard-interactive in SFTPAuthMethods "Mathias MICHEL via Proftp-user" pro...@li... – 18 juillet 2025 00:50 > Hello, > > I'm trying to setup an SFTP server on a RedHat 9 machine where users authenticate with winbind. > > I have those settings enabled: > SFTPPAMEngine on > SFTPPAMServiceName proftpd > AuthOrder mod_auth_pam.c mod_auth_unix.c > > So local users can also connect (mostly for tests) > > My current proftp PAM file looks like: > #%PAM-1.0 > session optional pam_keyinit.so force revoke > auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed > auth required pam_shells.so > auth include password-auth > account include password-auth > session required pam_loginuid.so > session include password-auth > > Local users can connect (I guess thanks to mod_auth_unix.c) > Network users cannot. > I tried replacing password-auth with system-auth but that did not help. > > My guess is that some changes are needed in the PAM config file, but I have no clue what to change, and with which value. > > Any help welcome. > > > _______________________________________________ > ProFTPD Users List <pro...@pr...> > Unsubscribe problems? > http://www.proftpd.org/list-unsub.html > > |
|
From: TJ S. <tj...@ca...> - 2025-08-16 15:41:16
|
> Corrected the config file to this: > > DefaultRoot /srv/ftp > RequireValidShell off > AuthPAM off > AuthUserFile /etc/proftpd/ftpd.passwd > AuthGroupFile /etc/proftpd/ftpd.group > >> Here, you are creating an AuthUserFile, using the `ftpassswd` utility, located at '/etc/proftpd/conf.d/ftpd.passwd'. However, above you have configured AuthUserFile to point to '/etc/proftpd/ftpd.passwd', which is a different path. Which is correct? > Good catch! I found duplicates. Now I have deleted the ftpd.passwd and > ftpd.group files inside /etc/proftpd. I will only be using the > ftpd.passwd and ftpd.group inside /etc/proftpd/conf.d Hmm. I would recommend keeping '/etc/proftpd/ftpd.passwd' and '/etc/proftpd/ftpd.group', to match your configuration: AuthUserFile /etc/proftpd/ftpd.passwd AuthGroupFile /etc/proftpd/ftpd.group and removing the copies in '/etc/proftpd/conf.d/'. Why? Because of this line, at the bottom of the default '/etc/proftpd/proftpd.conf' file installed by the "proftpd-core" package: # Include other custom configuration files # !! Please note, that this statement will read /all/ file from this subdir, # i.e. backup files created by your editor, too !!! # Eventually create file patterns like this: /etc/proftpd/conf.d/*.conf # Include /etc/proftpd/conf.d/ I suspect that this Include -- which says to read all files in '/etc/proftpd/conf.d/' as if they each contained more ProFTPD configuration directives -- is the source of this reported behavior: > Starting up gives me the following errors:"fatal: unknown configuration > directive" followed by the first line in the virtual users password file > (/etc/proftpd/ftpd.passwd). Hope this helps, TJ |
|
From: Metal S. <me...@sl...> - 2025-08-16 13:35:48
|
Thanks very much, TJ! My goodness, I made so many mistakes! I don't know what I was even thinking when I was working on this. >> 2. Modified proftpd.conf >> >> DefaultRoot /srv/ftp >> RequireValidShell off >> AuthUserFile /etc/proftpd/ftpd.passwd >> AuthGroupFile /etc/proftpd/ftpd.group<https://ftpd.group> >> AuthOrder mod_auth_file.c Corrected the config file to this: DefaultRoot /srv/ftp RequireValidShell off AuthPAM off AuthUserFile /etc/proftpd/ftpd.passwd AuthGroupFile /etc/proftpd/ftpd.group > Here, you are creating an AuthUserFile, using the `ftpassswd` utility, located at '/etc/proftpd/conf.d/ftpd.passwd'. However, above you have configured AuthUserFile to point to '/etc/proftpd/ftpd.passwd', which is a different path. Which is correct? Good catch! I found duplicates. Now I have deleted the ftpd.passwd and ftpd.group files inside /etc/proftpd. I will only be using the ftpd.passwd and ftpd.group inside /etc/proftpd/conf.d > Could you provide the contents of your '/usr/lib/systemd/system/proftpd.service' file? I ask because sometimes the systemd unit file provided by a distribution may point to a different ProFTPD config file than the one edited, and/or provide other unexpected options. My file looks like this: root@ftp-ub-1:~# cat /usr/lib/systemd/system/proftpd.service [Unit] Description=ProFTPD FTP Server Documentation=man:proftpd(8) Wants=network-online.target After=network-online.target nss-lookup.target local-fs.target remote-fs.target [Service] Type=forking Environment=OPTIONS= CONFIG_FILE=/etc/proftpd/proftpd.conf EnvironmentFile=-/etc/default/proftpd ExecStartPre=/usr/sbin/proftpd --configtest -c $CONFIG_FILE $OPTIONS ExecStart=/usr/sbin/proftpd -c $CONFIG_FILE $OPTIONS ExecReload=/bin/kill -HUP $MAINPID PIDFile=/run/proftpd.pid [Install] WantedBy=multi-user.target > > Using an Ubuntu 24.04 Docker image, it looks to be: > > # cat /usr/lib/systemd/system/proftpd.service > [Unit] > Description=ProFTPD FTP Server > Documentation=man:proftpd(8) > Wants=network-online.target > After=network-online.target nss-lookup.target local-fs.target remote-fs.target > > [Service] > Type=forking > Environment=OPTIONS= CONFIG_FILE=/etc/proftpd/proftpd.conf > EnvironmentFile=-/etc/default/proftpd > ExecStartPre=/usr/sbin/proftpd --configtest -c $CONFIG_FILE $OPTIONS > ExecStart=/usr/sbin/proftpd -c $CONFIG_FILE $OPTIONS > ExecReload=/bin/kill -HUP $MAINPID > PIDFile=/run/proftpd.pid > > [Install] > WantedBy=multi-user.target I'll try again tomorrow morning. Too tired to think tonight and I don't want to mess things up again. Thanks very much again, TJ!! |
|
From: TJ S. <tj...@ca...> - 2025-08-14 21:06:22
|
> 2. Modified proftpd.conf > > DefaultRoot /srv/ftp > RequireValidShell off > AuthUserFile /etc/proftpd/ftpd.passwd > AuthGroupFile /etc/proftpd/ftpd.group <https://ftpd.group> > AuthOrder mod_auth_file.c The AuthGroupFile directive only takes a single path; '/etc/proftpd/ftpd.group' in this case. Any additional parameters may cause config parsing errors. > 3. Create user using ftpasswd: > ftpasswd --passwd --file=/etc/proftpd/conf.d/ftpd.passwd --name=user1 > --uid=105 --gid=65534 --shell=/bin/false Here, you are creating an AuthUserFile, using the `ftpassswd` utility, located at '/etc/proftpd/conf.d/ftpd.passwd'. However, above you have configured AuthUserFile to point to '/etc/proftpd/ftpd.passwd', which is a different path. Which is correct? > 4. Start proftpd: systemctl start proftpd Could you provide the contents of your '/usr/lib/systemd/system/proftpd.service' file? I ask because sometimes the systemd unit file provided by a distribution may point to a different ProFTPD config file than the one edited, and/or provide other unexpected options. Using an Ubuntu 24.04 Docker image, it looks to be: # cat /usr/lib/systemd/system/proftpd.service [Unit] Description=ProFTPD FTP Server Documentation=man:proftpd(8) Wants=network-online.target After=network-online.target nss-lookup.target local-fs.target remote-fs.target [Service] Type=forking Environment=OPTIONS= CONFIG_FILE=/etc/proftpd/proftpd.conf EnvironmentFile=-/etc/default/proftpd ExecStartPre=/usr/sbin/proftpd --configtest -c $CONFIG_FILE $OPTIONS ExecStart=/usr/sbin/proftpd -c $CONFIG_FILE $OPTIONS ExecReload=/bin/kill -HUP $MAINPID PIDFile=/run/proftpd.pid [Install] WantedBy=multi-user.target > Starting up gives me the following errors:"fatal: unknown configuration > directive" followed by the first line in the virtual users password file > (/etc/proftpd/ftpd.passwd). This error occurs twice, but the weird thing > is I am still able to login as user1. Could you provide the exact errors you see on startup, please? > Reddit's AI says that proftpd is looking for a format in > Apache format <User>....</User> In this case, Reddit's AI is incorrect. ProFTPD does not use that Apache format; see: http://www.proftpd.org/docs/howto/AuthFiles.html > The main problem though, is that after logging in successfully, I can > download files from /srv/ftp, but I cannot upload ("Permission denied"). > The directory ownership of /srv/ftp is the same as the user running > proftpd (ftp:nogroup), but I suspect that I am missing some directive in > proftpd.conf, but I have no idea. Am I missing a step perhaps? If you are able to run ProFTPD in debugging mode (which can itself be more challenging than expected, when dealing with systemd), it should log more details about why the uploads are not working as expected: http://www.proftpd.org/docs/howto/Debugging.html Cheers, TJ |
|
From: TJ S. <tj...@ca...> - 2025-08-14 21:06:20
|
On Thu, Aug 14, 2025, at 13:48, TJ Saunders wrote: >> 2. Modified proftpd.conf >> >> DefaultRoot /srv/ftp >> RequireValidShell off >> AuthUserFile /etc/proftpd/ftpd.passwd >> AuthGroupFile /etc/proftpd/ftpd.group <https://ftpd.group> >> AuthOrder mod_auth_file.c > > The AuthGroupFile directive only takes a single path; > '/etc/proftpd/ftpd.group' in this case. Any additional parameters may > cause config parsing errors. > >> 3. Create user using ftpasswd: >> ftpasswd --passwd --file=/etc/proftpd/conf.d/ftpd.passwd --name=user1 >> --uid=105 --gid=65534 --shell=/bin/false > > Here, you are creating an AuthUserFile, using the `ftpassswd` utility, > located at '/etc/proftpd/conf.d/ftpd.passwd'. However, above you have > configured AuthUserFile to point to '/etc/proftpd/ftpd.passwd', which > is a different path. Which is correct? > >> 4. Start proftpd: systemctl start proftpd > > Could you provide the contents of your > '/usr/lib/systemd/system/proftpd.service' file? I ask because > sometimes the systemd unit file provided by a distribution may point to > a different ProFTPD config file than the one edited, and/or provide > other unexpected options. > > Using an Ubuntu 24.04 Docker image, it looks to be: > > # cat /usr/lib/systemd/system/proftpd.service > [Unit] > Description=ProFTPD FTP Server > Documentation=man:proftpd(8) > Wants=network-online.target > After=network-online.target nss-lookup.target local-fs.target remote-fs.target > > [Service] > Type=forking > Environment=OPTIONS= CONFIG_FILE=/etc/proftpd/proftpd.conf > EnvironmentFile=-/etc/default/proftpd > ExecStartPre=/usr/sbin/proftpd --configtest -c $CONFIG_FILE $OPTIONS > ExecStart=/usr/sbin/proftpd -c $CONFIG_FILE $OPTIONS > ExecReload=/bin/kill -HUP $MAINPID > PIDFile=/run/proftpd.pid > > [Install] > WantedBy=multi-user.target > >> Starting up gives me the following errors:"fatal: unknown configuration >> directive" followed by the first line in the virtual users password file >> (/etc/proftpd/ftpd.passwd). This error occurs twice, but the weird thing >> is I am still able to login as user1. > > Could you provide the exact errors you see on startup, please? > >> Reddit's AI says that proftpd is looking for a format in >> Apache format <User>....</User> > > In this case, Reddit's AI is incorrect. ProFTPD does not use that > Apache format; see: > > http://www.proftpd.org/docs/howto/AuthFiles.html > >> The main problem though, is that after logging in successfully, I can >> download files from /srv/ftp, but I cannot upload ("Permission denied"). >> The directory ownership of /srv/ftp is the same as the user running >> proftpd (ftp:nogroup), but I suspect that I am missing some directive in >> proftpd.conf, but I have no idea. Am I missing a step perhaps? > > If you are able to run ProFTPD in debugging mode (which can itself be > more challenging than expected, when dealing with systemd), it should > log more details about why the uploads are not working as expected: > > http://www.proftpd.org/docs/howto/Debugging.html Using the same Ubuntu 24.04 Docker image, I think I found another issue you may be encountering: # ls -aldn /srv/ftp/ drwxr-x--- 2 101 65534 4096 Aug 14 20:45 /srv/ftp/ This says that only the UID 101 has write permissions (thus upload permissions) to create files in this directory. In the command to create your AuthUserFile: # ftpasswd --passwd --file=/etc/proftpd/conf.d/ftpd.passwd --name=user1 --uid=105 --gid=65534 --shell=/bin/false You assigned UID 105, GID 65534 to the user that is logging in. Thus your session will use UID 105 when attempting to upload the file -- not UID 101. This might be why you see "Permission denied" errors for your uploads. Hope this helps, TJ |
|
From: Metal S. <me...@sl...> - 2025-08-14 01:59:20
|
Hi all, I haven't used ProFTPd in more than a decade, and things seem to have changed a lot, or maybe I have forgotten most of what I learned back then! Hoping that someone can help me out here! I started with a plain vanilla setup on Ubuntu, with a PAM user with a shell, and that worked well, as expected. Then I configured it for virtual user and a single FTP location, and I was getting a bunch of errors. I used several websites as reference, but some seem to be outdated. And I used Reddit's AI, and it gave me more weird advice, but it made me think that maybe some things may have changed in the past few years. Anyway, this is the main website I used as reference: https://www.mybluelinux.com/proftpd-server-with-virtual-users-and-in-sftp-mode/ (but I was not interested in the SFTP part) This is what I have: OS: Ubuntu 24.04.3 LTS proFTPd version: 1.3.8b This is what I did: 1. Install proftpd : sudo apt install proftpd-core 2. Modified proftpd.conf DefaultRoot /srv/ftp RequireValidShell off AuthUserFile /etc/proftpd/ftpd.passwd AuthGroupFile /etc/proftpd/ftpd.group <https://ftpd.group> AuthOrder mod_auth_file.c 3. Create user using ftpasswd: ftpasswd --passwd --file=/etc/proftpd/conf.d/ftpd.passwd --name=user1 --uid=105 --gid=65534 --shell=/bin/false 4. Start proftpd: systemctl start proftpd === Starting up gives me the following errors:"fatal: unknown configuration directive" followed by the first line in the virtual users password file (/etc/proftpd/ftpd.passwd). This error occurs twice, but the weird thing is I am still able to login as user1. I tried using a wrong password, and it blocked me, so proftpd is accepting the format of the users password file. Reddit's AI says that proftpd is looking for a format in Apache format <User>....</User> The main problem though, is that after logging in successfully, I can download files from /srv/ftp, but I cannot upload ("Permission denied"). The directory ownership of /srv/ftp is the same as the user running proftpd (ftp:nogroup), but I suspect that I am missing some directive in proftpd.conf, but I have no idea. Am I missing a step perhaps? Thanks in advance!! pascal chong |
|
From: Mathias M. <ma...@gm...> - 2025-07-17 22:49:44
|
Hello, I'm trying to setup an SFTP server on a RedHat 9 machine where users authenticate with winbind. I have those settings enabled: SFTPPAMEngine on SFTPPAMServiceName proftpd AuthOrder mod_auth_pam.c mod_auth_unix.c So local users can also connect (mostly for tests) My current proftp PAM file looks like: #%PAM-1.0 session optional pam_keyinit.so force revoke auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed auth required pam_shells.so auth include password-auth account include password-auth session required pam_loginuid.so session include password-auth Local users can connect (I guess thanks to mod_auth_unix.c) Network users cannot. I tried replacing password-auth with system-auth but that did not help. My guess is that some changes are needed in the PAM config file, but I have no clue what to change, and with which value. Any help welcome. |
|
From: Lists <li...@se...> - 2025-07-12 13:31:34
|
We customize the location of the config file as well. Sent from my iPhone > On Jul 11, 2025, at 6:32 PM, christian.audebert--- via Proftp-user <pro...@li...> wrote: > > Encountered similar problem just today. > > mod_sftp.c wasn't loaded, because It wasn't present with the install like > apt -y install proftpd proftpd-mod-mysql > > after fighting to resolve, founded that just add proftpd-mod-crypto on install resolve the problem. > So now, i use > apt -y install proftpd proftpd-mod-mysql proftpd-mod-crypto > and mod_sftp.c and mod_sftp.so are presents and usable. > > Claude.ai helped me a lot to find the solution. > > > -----Message d'origine----- > De : Matus UHLAR - fantomas <uh...@fa...> > Envoyé : vendredi 11 juillet 2025 20:13 > À : pro...@li... > Objet : Re: [Proftpd-user] Unknown configuration > >> On 11.07.25 13:52, Lists wrote: >> I was missing: >> >> LoadModule mod_sftp.c >> >> From my config. >> >> Sorry for the bother. > > No problem. > I just don't know where RH/clones do put their configs. > in debian it's /etc/proftpd/modules.conf > > it's not on mine but I often hugely modify my configs so it may be installed in original > >>>> On Jul 11, 2025, at 1:41 PM, Lists <li...@se...> wrote: >>> Odd. Proftpd -l does not list the module. Makes sense. But on my rhel8 sftp works yet proftpd does not list it either. Am I missing something? > >>>>> On 11.07.25 10:08, Lists wrote: >>>>> I see that mod_sftp.so is installed via proftpd rpm on rhel9, but I get unknown configuration directive ‘SFTPEngine’ error when starting proftpd. > >>>>> On Jul 11, 2025, at 12:40 PM, Matus UHLAR - fantomas <uh...@fa...> wrote: >>>> it might not be loaded in modules.conf or other included config > > -- > Matus UHLAR - fantomas, uh...@fa... ; http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. > Atheism is a non-prophet organization. > > > _______________________________________________ > ProFTPD Users List <pro...@pr...> > Unsubscribe problems? > http://www.proftpd.org/list-unsub.html > > > > _______________________________________________ > ProFTPD Users List <pro...@pr...> > Unsubscribe problems? > http://www.proftpd.org/list-unsub.html |
|
From: <chr...@wa...> - 2025-07-11 22:30:37
|
Encountered similar problem just today. mod_sftp.c wasn't loaded, because It wasn't present with the install like apt -y install proftpd proftpd-mod-mysql after fighting to resolve, founded that just add proftpd-mod-crypto on install resolve the problem. So now, i use apt -y install proftpd proftpd-mod-mysql proftpd-mod-crypto and mod_sftp.c and mod_sftp.so are presents and usable. Claude.ai helped me a lot to find the solution. -----Message d'origine----- De : Matus UHLAR - fantomas <uh...@fa...> Envoyé : vendredi 11 juillet 2025 20:13 À : pro...@li... Objet : Re: [Proftpd-user] Unknown configuration On 11.07.25 13:52, Lists wrote: >I was missing: > >LoadModule mod_sftp.c > >From my config. > >Sorry for the bother. No problem. I just don't know where RH/clones do put their configs. in debian it's /etc/proftpd/modules.conf it's not on mine but I often hugely modify my configs so it may be installed in original >> On Jul 11, 2025, at 1:41 PM, Lists <li...@se...> wrote: >> Odd. Proftpd -l does not list the module. Makes sense. But on my rhel8 sftp works yet proftpd does not list it either. Am I missing something? >>>> On 11.07.25 10:08, Lists wrote: >>>> I see that mod_sftp.so is installed via proftpd rpm on rhel9, but I get unknown configuration directive ‘SFTPEngine’ error when starting proftpd. >>>> On Jul 11, 2025, at 12:40 PM, Matus UHLAR - fantomas <uh...@fa...> wrote: >>> it might not be loaded in modules.conf or other included config -- Matus UHLAR - fantomas, uh...@fa... ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Atheism is a non-prophet organization. _______________________________________________ ProFTPD Users List <pro...@pr...> Unsubscribe problems? http://www.proftpd.org/list-unsub.html |
|
From: Matus U. - f. <uh...@fa...> - 2025-07-11 18:13:27
|
On 11.07.25 13:52, Lists wrote: >I was missing: > >LoadModule mod_sftp.c > >From my config. > >Sorry for the bother. No problem. I just don't know where RH/clones do put their configs. in debian it's /etc/proftpd/modules.conf it's not on mine but I often hugely modify my configs so it may be installed in original >> On Jul 11, 2025, at 1:41 PM, Lists <li...@se...> wrote: >> Odd. Proftpd -l does not list the module. Makes sense. But on my rhel8 sftp works yet proftpd does not list it either. Am I missing something? >>>> On 11.07.25 10:08, Lists wrote: >>>> I see that mod_sftp.so is installed via proftpd rpm on rhel9, but I get unknown configuration directive ‘SFTPEngine’ error when starting proftpd. >>>> On Jul 11, 2025, at 12:40 PM, Matus UHLAR - fantomas <uh...@fa...> wrote: >>> it might not be loaded in modules.conf or other included config -- Matus UHLAR - fantomas, uh...@fa... ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Atheism is a non-prophet organization. |
|
From: Lists <li...@se...> - 2025-07-11 17:52:48
|
I was missing: LoadModule mod_sftp.c From my config. Sorry for the bother. Sent from my iPhone > On Jul 11, 2025, at 1:41 PM, Lists <li...@se...> wrote: > > Odd. Proftpd -l does not list the module. Makes sense. But on my rhel8 sftp works yet proftpd does not list it either. Am I missing something? > > > Sent from my iPhone > >>> On Jul 11, 2025, at 12:40 PM, Matus UHLAR - fantomas <uh...@fa...> wrote: >>> >>> On 11.07.25 10:08, Lists wrote: >>> I see that mod_sftp.so is installed via proftpd rpm on rhel9, but I get unknown configuration directive ‘SFTPEngine’ error when starting proftpd. >> >> it might not be loaded in modules.conf or other included config >> >> -- >> Matus UHLAR - fantomas, uh...@fa... ; http://www.fantomas.sk/ >> Warning: I wish NOT to receive e-mail advertising to this address. >> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. >> Spam is for losers who can't get business any other way. >> >> >> _______________________________________________ >> ProFTPD Users List <pro...@pr...> >> Unsubscribe problems? >> http://www.proftpd.org/list-unsub.html |
|
From: Lists <li...@se...> - 2025-07-11 17:42:08
|
Odd. Proftpd -l does not list the module. Makes sense. But on my rhel8 sftp works yet proftpd does not list it either. Am I missing something? Sent from my iPhone > On Jul 11, 2025, at 12:40 PM, Matus UHLAR - fantomas <uh...@fa...> wrote: > > On 11.07.25 10:08, Lists wrote: >> I see that mod_sftp.so is installed via proftpd rpm on rhel9, but I get unknown configuration directive ‘SFTPEngine’ error when starting proftpd. > > it might not be loaded in modules.conf or other included config > > -- > Matus UHLAR - fantomas, uh...@fa... ; http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. > Spam is for losers who can't get business any other way. > > > _______________________________________________ > ProFTPD Users List <pro...@pr...> > Unsubscribe problems? > http://www.proftpd.org/list-unsub.html |
|
From: Matus U. - f. <uh...@fa...> - 2025-07-11 16:39:22
|
On 11.07.25 10:08, Lists wrote: >I see that mod_sftp.so is installed via proftpd rpm on rhel9, but I get unknown configuration directive ‘SFTPEngine’ error when starting proftpd. it might not be loaded in modules.conf or other included config -- Matus UHLAR - fantomas, uh...@fa... ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Spam is for losers who can't get business any other way. |
|
From: Lists <li...@se...> - 2025-07-11 15:56:41
|
I see that mod_sftp.so is installed via proftpd rpm on rhel9, but I get unknown configuration directive ‘SFTPEngine’ error when starting proftpd. Suggestions? Thanks Geoffrey Myers Sent from my iPhone |
|
From: Cosmin N. <cos...@az...> - 2025-07-07 12:28:54
|
Hi guys, I'm trying to use mod_ifsession to change the DisplayLogin banner for a particular sftp user, with IfUser condition. This is the relevant setup used : DisplayLogin /opt/proftpd-sftp/etc/DisplayLogin #Global DisplayLogin <IfModule mod_ifsession.c> <IfUser regex ^cosmin$> DisplayLogin /opt/proftpd-sftp/etc/cosminDisplayLogin #PerUser DisplayLogin </IfUser> </IfModule> I also tried matching the user like: <IfUser cosmin> But no matter how I set it up, the DisplayLogin under IfUser seems to be ignored, and only showing the DisplayLogin globally configured, even though in the debug logs I see the IfUser directive is being matched. 2025-07-07 11:30:16,284 azno-ftp-protftp-test proftpd[1557058] 172.18.34.129 (172.18.248.148[172.18.248.148]): user 'cosmin' authenticated by mod_sql.c 2025-07-07 11:30:16,284 azno-ftp-protftp-test proftpd[1557058] 172.18.34.129 (172.18.248.148[172.18.248.148]): mod_ifsession/1.3.1: merging <IfUser regex ^cosmin$> directives in So, can anyone with experience in using IfUser directive, tell me please if I'm doing something wrong in the way I'm trying to use it? Best regards, Cosmin Neagu Network Architect Phone +40.744.625.033 ________________________________ From: Cosmin Neagu via Proftp-user <pro...@li...> Sent: Wednesday, July 2, 2025 11:29 AM To: ProFTPD Users <pro...@li...>; tj...@ca... <tj...@ca...> Cc: Cosmin Neagu <cos...@az...> Subject: Re: [Proftpd-user] PROFTPD - ERROR:> unexp. packet type 95 in respond to SSH_MSG_CHANNEL_REQUEST (error #77) You were spot on TJ, that was actually the only difference between Test Server and Production server. On the test server, I had the DisplayLogin directive, but was pointing to a non-existent file. Once I created the login file, started to get the same error with the test instance as well. Any idea if there's another way (maybe not too complicated) to circumvent this for a particular SFTP client type? Other than removing the DisplayLogin banner? Kind of reluctant to disable the login banner in production, just for one sftp client - we have hundreds of clients. Best regards, Cosmin Neagu Network Architect Phone +40.744.625.033 ________________________________ From: TJ Saunders <tj...@ca...> Sent: Tuesday, June 24, 2025 8:34 PM To: ProFTPD Users <pro...@li...> Cc: Cosmin Neagu <cos...@az...> Subject: Re: [Proftpd-user] PROFTPD - ERROR:> unexp. packet type 95 in respond to SSH_MSG_CHANNEL_REQUEST (error #77) > I have proftpd version 1.3.8b installed on 2 production servers, and a > client using TurboFTP client, complains about getting this error, after > succesfull authentication: > *unexp. packet type 95 in respond to SSH_MSG_CHANNEL_REQUEST (error > #77)* Packet type 95 means that that unexpected packet is SSH2_MSG_CHANNEL_EXTENDED_DATA. It's not exactly common, which is why your particular SFTP client might be be handling it like other SFTP clients. In this case, the mod_sftp module uses SSH2_MSG_CHANNEL_EXTENDED_DATA to convey the contents of your DisplayLogin file to the client. You might try commenting out that DisplayLogin directive, restarting ProFTPD, and seeing if your SFTP client works without encountering that issue. Hope this helps, TJ |
|
From: Dieter B. <pr...@bl...> - 2025-07-07 07:54:53
|
Hello Benny, thank you for your answer! On Fri, Jul 04, Benny Pedersen via Proftp-user wrote: > Dieter Bloms via Proftp-user skrev den 2025-07-04 12:54: > > > > Then use "pkill -f '^proftpd: .* IDLE$”' to kill all IDLE sessions and > > then terminate the master process. > > if this works its a bug, master process should not allow hanging process to > exists, and i belive no one would not talk to the ctrl tool what to do > > i just have expirense from dovecot and postfix, when master is stopped, > hopefully proftpd is not diffrent :) Maybe I didn't express myself clearly. I have two proftpd instances behind a load balancer. If I want to restart the container with a new OCI image, then active uploads/downloads should not be cancelled. However, active sessions in IDLE mode (users are logged in, but not doing anything) should be terminated gradually so that only the master process is still running. As proftpd no longer allows new logins (ftpshut), it has run empty and can then be started with a new OCI image. Technically it works quite well. One problem is that during the transfer of a large file, the process name of the instance repeatedly has IDLE in its name, although data is definitely being actively transferred here. As a result, I would then cancel this active transfer and have an incorrect, incomplete file. -- Regards Dieter -- I do not get viruses because I do not use MS software. If you use Outlook then please do not put my email address in your address-book so that WHEN you get a virus it won't use my address in the From field. |
|
From: Benny P. <me...@ju...> - 2025-07-04 12:46:52
|
Dieter Bloms via Proftp-user skrev den 2025-07-04 12:54: > > Then use "pkill -f '^proftpd: .* IDLE$”' to kill all IDLE sessions and > then terminate the master process. if this works its a bug, master process should not allow hanging process to exists, and i belive no one would not talk to the ctrl tool what to do i just have expirense from dovecot and postfix, when master is stopped, hopefully proftpd is not diffrent :) |
|
From: Dieter B. <pr...@bl...> - 2025-07-04 11:13:32
|
Hello, I am running proftpd 1.3.9 in a docker container. Before I roll out a new OCI image, I want to make sure that no more active transfers are taking place. IDLE connections (users are logged in, but no operations are taking place) may be terminated, because some users unfortunately do not log out. My idea is to first set proftpd to maintenance mode with ftpshut so that no new connections are accepted. Then use "pkill -f '^proftpd: .* IDLE$”' to kill all IDLE sessions and then terminate the master process. However, I have noticed that even when transferring at 100MBit/s, proftpd keeps showing IDLE for this session in the process table for a short time, even when transferring at high speed. IDLE and WRITE are displayed alternately every second. Now my question: Is it possible to set a time after which the IDLE status is displayed in the process table? Or is there another sensible way to end the IDLE sessions? -- Regards Dieter -- I do not get viruses because I do not use MS software. If you use Outlook then please do not put my email address in your address-book so that WHEN you get a virus it won't use my address in the From field. |
|
From: Cosmin N. <cos...@az...> - 2025-07-02 08:29:47
|
You were spot on TJ, that was actually the only difference between Test Server and Production server. On the test server, I had the DisplayLogin directive, but was pointing to a non-existent file. Once I created the login file, started to get the same error with the test instance as well. Any idea if there's another way (maybe not too complicated) to circumvent this for a particular SFTP client type? Other than removing the DisplayLogin banner? Kind of reluctant to disable the login banner in production, just for one sftp client - we have hundreds of clients. Best regards, Cosmin Neagu Network Architect Phone +40.744.625.033 ________________________________ From: TJ Saunders <tj...@ca...> Sent: Tuesday, June 24, 2025 8:34 PM To: ProFTPD Users <pro...@li...> Cc: Cosmin Neagu <cos...@az...> Subject: Re: [Proftpd-user] PROFTPD - ERROR:> unexp. packet type 95 in respond to SSH_MSG_CHANNEL_REQUEST (error #77) > I have proftpd version 1.3.8b installed on 2 production servers, and a > client using TurboFTP client, complains about getting this error, after > succesfull authentication: > *unexp. packet type 95 in respond to SSH_MSG_CHANNEL_REQUEST (error > #77)* Packet type 95 means that that unexpected packet is SSH2_MSG_CHANNEL_EXTENDED_DATA. It's not exactly common, which is why your particular SFTP client might be be handling it like other SFTP clients. In this case, the mod_sftp module uses SSH2_MSG_CHANNEL_EXTENDED_DATA to convey the contents of your DisplayLogin file to the client. You might try commenting out that DisplayLogin directive, restarting ProFTPD, and seeing if your SFTP client works without encountering that issue. Hope this helps, TJ |
|
From: TJ S. <tj...@ca...> - 2025-06-24 17:51:37
|
> I have proftpd version 1.3.8b installed on 2 production servers, and a > client using TurboFTP client, complains about getting this error, after > succesfull authentication: > *unexp. packet type 95 in respond to SSH_MSG_CHANNEL_REQUEST (error > #77)* Packet type 95 means that that unexpected packet is SSH2_MSG_CHANNEL_EXTENDED_DATA. It's not exactly common, which is why your particular SFTP client might be be handling it like other SFTP clients. In this case, the mod_sftp module uses SSH2_MSG_CHANNEL_EXTENDED_DATA to convey the contents of your DisplayLogin file to the client. You might try commenting out that DisplayLogin directive, restarting ProFTPD, and seeing if your SFTP client works without encountering that issue. Hope this helps, TJ |
|
From: Rob C. <rc...@gm...> - 2025-06-24 13:29:22
|
Ah sorry you will have to switch on tracing where you will see the negotiation of the client and the server in the log. That is where the client is identified and you can see things like the protocol version and so on being negotiated. I should have mentioned that my bad. Regards, Rob Coops On Tue, Jun 24, 2025 at 3:19 PM Cosmin Neagu <cos...@az...> wrote: > Hi Rob, > Thanks for the clarification. > Do you know how can I identify what version and what banner the client is > sending? Would need that to use SFTPClientMatch. Can't really catch it with > wireshark. > And maybe, what would be the default sftpProtocolVersion, cause it's not > stated in the docs. > > > Best regards, > > *Cosmin Neagu* > > Network Architect > > Phone +40.744.625.033 > ------------------------------ > *From:* Rob Coops <rc...@gm...> > *Sent:* Tuesday, June 24, 2025 3:49 PM > *To:* pro...@li... <pro...@li... > > > *Cc:* Cosmin Neagu <cos...@az...> > *Subject:* Re: [Proftpd-user] PROFTPD - ERROR:> unexp. packet type 95 in > respond to SSH_MSG_CHANNEL_REQUEST (error #77) > > Hi Cosmin, > > This looks very familiar, what is happening here is that the version of > the protocol used by the client and the server do not match. This happens > quite often when the client is slightly older. What happens is that the > client or the server but typically it is the client that does this has not > fully or correctly implemented the protocol version it claims to support. > As a result the one of the two sides will send a something over to the > other side that is unexpected and you end up with a disconnect because it > has no idea what to do with this. > > This part of the documentation: http://www.proftpd.org/docs/contrib/mod_sftp.html > [proftpd.org] > <https://urldefense.com/v3/__http://www.proftpd.org/docs/contrib/mod_sftp.html__;!!KFYUDeg!kkrWP_ub1fTArad2euI0WfNqb7mTV2IzsgkN8xB_ZdFVT-HzOnrJc9uI_RSLwoaIrAHJqXbcyu3Ciqc$> > and specifically this part: *SFTPClientMatch* will help you do this. > Using sftpProtocolVersion to force a older version (typically 3 will work > for nearly any client I have encountered) other things that you might want > to mess with are: *channelWindowSize* and *channelPacketSize* you will > have to experiment with this a bit or try and find someone else that > figured this out for you by lookig for the client identifier and one of > these key words. > > Another option is change the client ot something that is better able to > handle the protocol version it claims to be using. If you have a sftp > server with many different clients connecting and especially clients that > you have no control over be ready to add more of these mentods to force > those clients to use an older version than the advertise especially in the > business world there are quite a few older clients around or clients that > are very recent but have not implemented the protocol correctly. > > I hope that helps, best regards, > > Rob Coops > > On Tue, Jun 24, 2025 at 2:24 PM Cosmin Neagu via Proftp-user < > pro...@li...> wrote: > > Hi Guys, > I have this peculiar error, which I'm having a hard time to troubleshoot > it. > > I have proftpd version 1.3.8b installed on 2 production servers, and a > client using TurboFTP client, complains about getting this error, after > succesfull authentication: > *unexp. packet type 95 in respond to SSH_MSG_CHANNEL_REQUEST (error #77)* > > Getting this issue on both production server, even though I setup a test > instance, same version, copy paste the config, and there I cannot replicate > the issue, it works. > Other SFTP clients (filezila, winscp etc) do not have this error. > > Would appreciate if someone can point me in the right direction to > troubleshoot this. > > > > Below the error, and debugs, and config > > #TurboFTP logs > TurboFTP 64-bit Version 7.10 Build 1573 - WinSock 2.0 > Unregistered evaluation copy. The evaluation period will expire in 29 > days. > STATUS:> Connecting to A.B.C.D Port 22 (try #1) ... > Server version: SSH-2.0-Azets FTP > COMMAND:> Sent client version string 'SSH-2.0-TurboFTP_SSHM_2.680' > STATUS:> Crypto negotiation done, Server to client cipher:aes128-ctr, > mac:hmac-sha2-256, compression:none. > STATUS:> Crypto negotiation done, Client to server cipher:aes128-ctr, > mac:hmac-sha2-256, compression:none. > STATUS:> Key exchange done with ecdh-sha2-nistp256 and host key algo: > rsa-sha2-256 > STATUS:> Authenticating with method 'password' > STATUS:> Login successful. > ERROR:> unexp. packet type 95 in respond to SSH_MSG_CHANNEL_REQUEST (error > #77) > STATUS:> Wait 10 seconds and try again... > > > #Proftpd config: > ubuntu@FTP-PROD3:/opt/proftpd-sftp/etc$ cat proftpd.conf > DisplayConnect /opt/proftpd-sftp/etc/DisplayConnect > DisplayQuit /opt/proftpd-sftp/etc/DisplayQuit > DisplayLogin /opt/proftpd-sftp/etc/DisplayLogin > ServerIdent on "Azets FTP" > ServerName "Azets File Transfer Server" > UseReverseDNS off > MaxInstances 1000 > MaxClients 999 "Max Clients reached!" > MaxClientsPerHost 50 "Max Clients per Host reached!" > MaxClientsPerUser 50 "Max Client per User reached!" > MaxLoginAttempts 3 > TimeoutLogin 120 > TimeoutIdle 300 > TimeoutNoTransfer 300 > TimeoutStalled 300 > ServerType standalone > DefaultServer on > UseIPv6 off > Umask 066 077 > User nobody > Group nogroup > DefaultRoot ~ > AllowOverwrite on > AuthOrder mod_sql.c > SQLAuthenticate users > SQLConnectInfo PROFTPD@dburl user pass > SQLUserInfo USERS USER PASS UID GID DIR NULL > SQLUserWhereClause "SFTP=1" > SQLAuthTypes Crypt > SQLMinID 1999 > SQLDefaultGID 2000 > SQLLog PASS updatecount > SQLNamedQuery updatecount UPDATE "COUNT=COUNT+1,LAST=now() WHERE > USER='%u'" USERS > CreateHome on > WtmpLog off > <IfModule mod_unique_id.c> > LogFormat logformat "%{%Y-%m-%d %H:%M:%S}t.%{millisecs} %{UNIQUE_ID}e %a > %{remote-port} %u \"%r\" %s %S %bbytes %Tsec %{transfer-status} > %{transfer-type} %{protocol}" > ExtendedLog /var/log/proftpd/sftp-extended.log > AUTH,INFO,DIRS,READ,WRITE,MISC,SEC,EXIT logformat > </IfModule> > <IfModule mod_sftp.c> > Port 22 > SFTPEngine on > SFTPHostKey /opt/proftpd-sftp/etc/sftp.azets.com.rsa.key > SFTPHostKey /opt/proftpd-sftp/etc/sftp.azets.com.ecdsa.key > SFTPAuthorizedUserKeys file:~/.sftp/authorized_keys > SFTPOptions IgnoreSFTPUploadPerms IgnoreSFTPSetOwners IgnoreSFTPSetPerms > IgnoreSFTPSetTimes > </IfModule> > <Limit SITE_CHMOD> > DenyAll > </Limit> > > > > > #PROD session logs with debug level 10 > > proftpd 172.18.128.117 [172.18.128.117] > <https://urldefense.com/v3/__http://172.18.128.117__;!!KFYUDeg!kkrWP_ub1fTArad2euI0WfNqb7mTV2IzsgkN8xB_ZdFVT-HzOnrJc9uI_RSLwoaIrAHJqXbc_megAu4$>: > ROOT PRIVS at main.c:1327 > proftpd 172.18.128.117 [172.18.128.117] > <https://urldefense.com/v3/__http://172.18.128.117__;!!KFYUDeg!kkrWP_ub1fTArad2euI0WfNqb7mTV2IzsgkN8xB_ZdFVT-HzOnrJc9uI_RSLwoaIrAHJqXbc_megAu4$>: > RELINQUISH PRIVS at main.c:1331 > proftpd 172.18.128.117 [172.18.128.117] > <https://urldefense.com/v3/__http://172.18.128.117__;!!KFYUDeg!kkrWP_ub1fTArad2euI0WfNqb7mTV2IzsgkN8xB_ZdFVT-HzOnrJc9uI_RSLwoaIrAHJqXbc_megAu4$>: > no matching vhost found for 172.18.128.117#22, using 'Azets File Transfer > Server' listening on wildcard address > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > main.c:1136 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SETUP PRIVS at > main.c:1141 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): session requested > from client in unknown class > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): performing module > session initializations > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): mod_unique_id/0.2: > generating unique session ID > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): mod_unique_id/0.2: > unique session ID is 'aFm4zqwSgHVaX+nEABOGqwi7' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > keys.c:3644 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > keys.c:3651 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > keys.c:1026 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > keys.c:1033 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > keys.c:1026 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > keys.c:1033 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > keys.c:3644 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > keys.c:3651 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): mod_sql/4.5: > defaulting to 'mysql' backend > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > mod_delay.c:2111 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > mod_delay.c:2114 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): mod_log: opening > ExtendedLog '/var/log/proftpd/sftp-extended.log' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > mod_log.c:1284 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > mod_log.c:1287 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > mod_auth.c:215 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): opening scoreboard > '/opt/proftpd-sftp/var/proftpd.scoreboard' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > mod_auth.c:217 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): AuthOrder in > effect, resetting auth module order > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): connected - local > : 172.18.128.117:22 [172.18.128.117] > <https://urldefense.com/v3/__http://172.18.128.117:22__;!!KFYUDeg!kkrWP_ub1fTArad2euI0WfNqb7mTV2IzsgkN8xB_ZdFVT-HzOnrJc9uI_RSLwoaIrAHJqXbcQl-o9Vs$> > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): connected - remote > : 90.95.233.196:40873 [90.95.233.196] > <https://urldefense.com/v3/__http://90.95.233.196:40873__;!!KFYUDeg!kkrWP_ub1fTArad2euI0WfNqb7mTV2IzsgkN8xB_ZdFVT-HzOnrJc9uI_RSLwoaIrAHJqXbceoM-eds$> > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SSH2 session opened. > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'KEXINIT' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'KEXINIT' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'ECDH_INIT' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'ECDH_INIT' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'NEWKEYS' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'NEWKEYS' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'SERVICE_REQUEST' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'SERVICE_REQUEST' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'USER user1' to mod_core > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'USER user1' to mod_core > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'USER user1' to mod_delay > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'USER user1' to mod_auth > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'USER user1' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'USER user1' to mod_delay > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'USER user1' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'USER user1' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'USER user1' to mod_delay > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'PASS (hidden)' to mod_core > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'PASS (hidden)' to mod_core > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'PASS (hidden)' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'PASS (hidden)' to mod_delay > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'PASS (hidden)' to mod_auth > precatel be removed in a future version. > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): retrieved UID 2003 > for user 'user1' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): retrieved UID 2003 > for user 'user1' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > auth.c:1774 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > auth.c:1777 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): USER PRIVS 2003 at > auth.c:403 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > auth.c:405 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > mkhome.c:326 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > mkhome.c:371 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Config for Azets > File Transfer Server: > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Limit > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DenyAll > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DisplayConnect > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DisplayQuit > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DisplayLogin > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ServerIdent > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): MaxClients > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): MaxClientsPerHost > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): MaxClientsPerUser > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): MaxLoginAttempts > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): TimeoutLogin > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): TimeoutIdle > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): TimeoutNoTransfer > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): TimeoutStalled > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DefaultServer > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Umask > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DirUmask > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): UserID > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): UserName > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): GroupID > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): GroupName > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DefaultRoot > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): AllowOverwrite > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): AuthOrder > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLAuthenticate > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLConnectInfo > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLUserTable > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLUsernameField > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLPasswordField > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLUidField > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLGidField > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLHomedirField > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLUserWhereClause > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLAuthTypes > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLMinID > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLDefaultGID > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLLog_PASS > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): > SQLNamedQuery_updatecount > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): CreateHome > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): WtmpLog > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): LogFormat > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ExtendedLog > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Port > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SFTPEngine > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SFTPHostKey > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SFTPHostKey > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): > SFTPAuthorizedUserKeys > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SFTPOptions > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > auth.c:472 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): opening TransferLog > '/var/log/xferlog' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > auth.c:513 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): USER PRIVS 2003 at > auth.c:166 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): retrieved UID 2003 > for user 'user1' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > auth.c:171 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): set TZ environment > variable to 'UTC' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Preparing to chroot > to directory '/FTP/user1' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > auth.c:1912 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > auth.c:1915 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Environment > successfully chroot()ed > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > auth.c:547 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SETUP PRIVS at > auth.c:548 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > auth.c:574 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): REVOKE PRIVS at > auth.c:575 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): changed directory > to '/' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): in > dir_check_full(): path = '/', fullpath = '/FTP/user1/' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): in > dir_check_full(): setting umask to 0077 (was 0066) > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): USER user1: Login > successful > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): user 'user1' > authenticated by mod_sql.c > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_sftp > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_delay > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_ls > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_auth > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > mod_auth.c:2175 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): UseReverseDNS off, > returning IP address instead of DNS name > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > mod_auth.c:727 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS: ID > switching disabled > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): REVOKE PRIVS at > mod_auth.c:728 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): REVOKE PRIVS: > unable to seteuid(): Operation not permitted > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RootRevoke in > effect, dropped root privs > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_rlimit > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_xfer > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_core > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'PASS (hidden)' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'PASS (hidden)' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'PASS (hidden)' to mod_delay > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'PASS (hidden)' to mod_auth > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): USER user1: Login > successful. > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'USERAUTH_REQUEST user1 password' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'USERAUTH_REQUEST user1 password' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'USERAUTH_REQUEST user1 password' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'CHANNEL_OPEN session' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'CHANNEL_OPEN session' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'CHANNEL_REQUEST subsystem' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'CHANNEL_REQUEST subsystem' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): mod_sftp/1.1.1: > scrubbing 2 passphrases from memory > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SSH2 session closed. > > > Best regards, > > *Cosmin Neagu* > > Network Architect > > Phone +40.744.625.033 > _______________________________________________ > ProFTPD Users List <pro...@pr...> > Unsubscribe problems? > http://www.proftpd.org/list-unsub.html [proftpd.org] > <https://urldefense.com/v3/__http://www.proftpd.org/list-unsub.html__;!!KFYUDeg!kkrWP_ub1fTArad2euI0WfNqb7mTV2IzsgkN8xB_ZdFVT-HzOnrJc9uI_RSLwoaIrAHJqXbcgtDqle8$> > > |
|
From: Cosmin N. <cos...@az...> - 2025-06-24 13:19:39
|
Hi Rob, Thanks for the clarification. Do you know how can I identify what version and what banner the client is sending? Would need that to use SFTPClientMatch. Can't really catch it with wireshark. And maybe, what would be the default sftpProtocolVersion, cause it's not stated in the docs. Best regards, Cosmin Neagu Network Architect Phone +40.744.625.033 ________________________________ From: Rob Coops <rc...@gm...> Sent: Tuesday, June 24, 2025 3:49 PM To: pro...@li... <pro...@li...> Cc: Cosmin Neagu <cos...@az...> Subject: Re: [Proftpd-user] PROFTPD - ERROR:> unexp. packet type 95 in respond to SSH_MSG_CHANNEL_REQUEST (error #77) Hi Cosmin, This looks very familiar, what is happening here is that the version of the protocol used by the client and the server do not match. This happens quite often when the client is slightly older. What happens is that the client or the server but typically it is the client that does this has not fully or correctly implemented the protocol version it claims to support. As a result the one of the two sides will send a something over to the other side that is unexpected and you end up with a disconnect because it has no idea what to do with this. This part of the documentation: http://www.proftpd.org/docs/contrib/mod_sftp.html [proftpd.org]<https://urldefense.com/v3/__http://www.proftpd.org/docs/contrib/mod_sftp.html__;!!KFYUDeg!kkrWP_ub1fTArad2euI0WfNqb7mTV2IzsgkN8xB_ZdFVT-HzOnrJc9uI_RSLwoaIrAHJqXbcyu3Ciqc$> and specifically this part: SFTPClientMatch will help you do this. Using sftpProtocolVersion to force a older version (typically 3 will work for nearly any client I have encountered) other things that you might want to mess with are: channelWindowSize and channelPacketSize you will have to experiment with this a bit or try and find someone else that figured this out for you by lookig for the client identifier and one of these key words. Another option is change the client ot something that is better able to handle the protocol version it claims to be using. If you have a sftp server with many different clients connecting and especially clients that you have no control over be ready to add more of these mentods to force those clients to use an older version than the advertise especially in the business world there are quite a few older clients around or clients that are very recent but have not implemented the protocol correctly. I hope that helps, best regards, Rob Coops On Tue, Jun 24, 2025 at 2:24 PM Cosmin Neagu via Proftp-user <pro...@li...<mailto:pro...@li...>> wrote: Hi Guys, I have this peculiar error, which I'm having a hard time to troubleshoot it. I have proftpd version 1.3.8b installed on 2 production servers, and a client using TurboFTP client, complains about getting this error, after succesfull authentication: unexp. packet type 95 in respond to SSH_MSG_CHANNEL_REQUEST (error #77) Getting this issue on both production server, even though I setup a test instance, same version, copy paste the config, and there I cannot replicate the issue, it works. Other SFTP clients (filezila, winscp etc) do not have this error. Would appreciate if someone can point me in the right direction to troubleshoot this. Below the error, and debugs, and config #TurboFTP logs TurboFTP 64-bit Version 7.10 Build 1573 - WinSock 2.0 Unregistered evaluation copy. The evaluation period will expire in 29 days. STATUS:> Connecting to A.B.C.D Port 22 (try #1) ... Server version: SSH-2.0-Azets FTP COMMAND:> Sent client version string 'SSH-2.0-TurboFTP_SSHM_2.680' STATUS:> Crypto negotiation done, Server to client cipher:aes128-ctr, mac:hmac-sha2-256, compression:none. STATUS:> Crypto negotiation done, Client to server cipher:aes128-ctr, mac:hmac-sha2-256, compression:none. STATUS:> Key exchange done with ecdh-sha2-nistp256 and host key algo: rsa-sha2-256 STATUS:> Authenticating with method 'password' STATUS:> Login successful. ERROR:> unexp. packet type 95 in respond to SSH_MSG_CHANNEL_REQUEST (error #77) STATUS:> Wait 10 seconds and try again... #Proftpd config: ubuntu@FTP-PROD3:/opt/proftpd-sftp/etc$ cat proftpd.conf DisplayConnect /opt/proftpd-sftp/etc/DisplayConnect DisplayQuit /opt/proftpd-sftp/etc/DisplayQuit DisplayLogin /opt/proftpd-sftp/etc/DisplayLogin ServerIdent on "Azets FTP" ServerName "Azets File Transfer Server" UseReverseDNS off MaxInstances 1000 MaxClients 999 "Max Clients reached!" MaxClientsPerHost 50 "Max Clients per Host reached!" MaxClientsPerUser 50 "Max Client per User reached!" MaxLoginAttempts 3 TimeoutLogin 120 TimeoutIdle 300 TimeoutNoTransfer 300 TimeoutStalled 300 ServerType standalone DefaultServer on UseIPv6 off Umask 066 077 User nobody Group nogroup DefaultRoot ~ AllowOverwrite on AuthOrder mod_sql.c SQLAuthenticate users SQLConnectInfo PROFTPD@dburl user pass SQLUserInfo USERS USER PASS UID GID DIR NULL SQLUserWhereClause "SFTP=1" SQLAuthTypes Crypt SQLMinID 1999 SQLDefaultGID 2000 SQLLog PASS updatecount SQLNamedQuery updatecount UPDATE "COUNT=COUNT+1,LAST=now() WHERE USER='%u'" USERS CreateHome on WtmpLog off <IfModule mod_unique_id.c> LogFormat logformat "%{%Y-%m-%d %H:%M:%S}t.%{millisecs} %{UNIQUE_ID}e %a %{remote-port} %u \"%r\" %s %S %bbytes %Tsec %{transfer-status} %{transfer-type} %{protocol}" ExtendedLog /var/log/proftpd/sftp-extended.log AUTH,INFO,DIRS,READ,WRITE,MISC,SEC,EXIT logformat </IfModule> <IfModule mod_sftp.c> Port 22 SFTPEngine on SFTPHostKey /opt/proftpd-sftp/etc/sftp.azets.com.rsa.key SFTPHostKey /opt/proftpd-sftp/etc/sftp.azets.com.ecdsa.key SFTPAuthorizedUserKeys file:~/.sftp/authorized_keys SFTPOptions IgnoreSFTPUploadPerms IgnoreSFTPSetOwners IgnoreSFTPSetPerms IgnoreSFTPSetTimes </IfModule> <Limit SITE_CHMOD> DenyAll </Limit> #PROD session logs with debug level 10 proftpd 172.18.128.117 [172.18.128.117]<https://urldefense.com/v3/__http://172.18.128.117__;!!KFYUDeg!kkrWP_ub1fTArad2euI0WfNqb7mTV2IzsgkN8xB_ZdFVT-HzOnrJc9uI_RSLwoaIrAHJqXbc_megAu4$>: ROOT PRIVS at main.c:1327 proftpd 172.18.128.117 [172.18.128.117]<https://urldefense.com/v3/__http://172.18.128.117__;!!KFYUDeg!kkrWP_ub1fTArad2euI0WfNqb7mTV2IzsgkN8xB_ZdFVT-HzOnrJc9uI_RSLwoaIrAHJqXbc_megAu4$>: RELINQUISH PRIVS at main.c:1331 proftpd 172.18.128.117 [172.18.128.117]<https://urldefense.com/v3/__http://172.18.128.117__;!!KFYUDeg!kkrWP_ub1fTArad2euI0WfNqb7mTV2IzsgkN8xB_ZdFVT-HzOnrJc9uI_RSLwoaIrAHJqXbc_megAu4$>: no matching vhost found for 172.18.128.117#22, using 'Azets File Transfer Server' listening on wildcard address proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at main.c:1136 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SETUP PRIVS at main.c:1141 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): session requested from client in unknown class proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): performing module session initializations proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): mod_unique_id/0.2: generating unique session ID proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): mod_unique_id/0.2: unique session ID is 'aFm4zqwSgHVaX+nEABOGqwi7' proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at keys.c:3644 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at keys.c:3651 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at keys.c:1026 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at keys.c:1033 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at keys.c:1026 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at keys.c:1033 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at keys.c:3644 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at keys.c:3651 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): mod_sql/4.5: defaulting to 'mysql' backend proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at mod_delay.c:2111 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at mod_delay.c:2114 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): mod_log: opening ExtendedLog '/var/log/proftpd/sftp-extended.log' proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at mod_log.c:1284 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at mod_log.c:1287 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at mod_auth.c:215 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): opening scoreboard '/opt/proftpd-sftp/var/proftpd.scoreboard' proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at mod_auth.c:217 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): AuthOrder in effect, resetting auth module order proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): connected - local : 172.18.128.117:22 [172.18.128.117]<https://urldefense.com/v3/__http://172.18.128.117:22__;!!KFYUDeg!kkrWP_ub1fTArad2euI0WfNqb7mTV2IzsgkN8xB_ZdFVT-HzOnrJc9uI_RSLwoaIrAHJqXbcQl-o9Vs$> proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): connected - remote : 90.95.233.196:40873 [90.95.233.196]<https://urldefense.com/v3/__http://90.95.233.196:40873__;!!KFYUDeg!kkrWP_ub1fTArad2euI0WfNqb7mTV2IzsgkN8xB_ZdFVT-HzOnrJc9uI_RSLwoaIrAHJqXbceoM-eds$> proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SSH2 session opened. proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'KEXINIT' to mod_sql proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'KEXINIT' to mod_log proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'ECDH_INIT' to mod_sql proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'ECDH_INIT' to mod_log proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'NEWKEYS' to mod_sql proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'NEWKEYS' to mod_log proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'SERVICE_REQUEST' to mod_sql proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'SERVICE_REQUEST' to mod_log proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD command 'USER user1' to mod_core proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD command 'USER user1' to mod_core proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD command 'USER user1' to mod_delay proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD command 'USER user1' to mod_auth proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching POST_CMD command 'USER user1' to mod_sql proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching POST_CMD command 'USER user1' to mod_delay proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'USER user1' to mod_sql proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'USER user1' to mod_log proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'USER user1' to mod_delay proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD command 'PASS (hidden)' to mod_core proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD command 'PASS (hidden)' to mod_core proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD command 'PASS (hidden)' to mod_sql proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD command 'PASS (hidden)' to mod_delay proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD command 'PASS (hidden)' to mod_auth precatel be removed in a future version. proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): retrieved UID 2003 for user 'user1' proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): retrieved UID 2003 for user 'user1' proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at auth.c:1774 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at auth.c:1777 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): USER PRIVS 2003 at auth.c:403 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at auth.c:405 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at mkhome.c:326 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at mkhome.c:371 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Config for Azets File Transfer Server: proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Limit proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DenyAll proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DisplayConnect proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DisplayQuit proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DisplayLogin proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ServerIdent proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): MaxClients proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): MaxClientsPerHost proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): MaxClientsPerUser proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): MaxLoginAttempts proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): TimeoutLogin proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): TimeoutIdle proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): TimeoutNoTransfer proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): TimeoutStalled proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DefaultServer proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Umask proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DirUmask proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): UserID proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): UserName proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): GroupID proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): GroupName proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DefaultRoot proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): AllowOverwrite proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): AuthOrder proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLAuthenticate proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLConnectInfo proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLUserTable proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLUsernameField proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLPasswordField proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLUidField proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLGidField proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLHomedirField proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLUserWhereClause proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLAuthTypes proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLMinID proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLDefaultGID proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLLog_PASS proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLNamedQuery_updatecount proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): CreateHome proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): WtmpLog proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): LogFormat proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ExtendedLog proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Port proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SFTPEngine proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SFTPHostKey proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SFTPHostKey proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SFTPAuthorizedUserKeys proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SFTPOptions proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at auth.c:472 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): opening TransferLog '/var/log/xferlog' proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at auth.c:513 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): USER PRIVS 2003 at auth.c:166 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): retrieved UID 2003 for user 'user1' proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at auth.c:171 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): set TZ environment variable to 'UTC' proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Preparing to chroot to directory '/FTP/user1' proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at auth.c:1912 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at auth.c:1915 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Environment successfully chroot()ed proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at auth.c:547 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SETUP PRIVS at auth.c:548 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at auth.c:574 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): REVOKE PRIVS at auth.c:575 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): changed directory to '/' proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): in dir_check_full(): path = '/', fullpath = '/FTP/user1/' proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): in dir_check_full(): setting umask to 0077 (was 0066) proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): USER user1: Login successful proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): user 'user1' authenticated by mod_sql.c proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching POST_CMD command 'PASS (hidden)' to mod_sql proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching POST_CMD command 'PASS (hidden)' to mod_sftp proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching POST_CMD command 'PASS (hidden)' to mod_sql proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching POST_CMD command 'PASS (hidden)' to mod_delay proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching POST_CMD command 'PASS (hidden)' to mod_log proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching POST_CMD command 'PASS (hidden)' to mod_ls proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching POST_CMD command 'PASS (hidden)' to mod_auth proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at mod_auth.c:2175 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): UseReverseDNS off, returning IP address instead of DNS name proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at mod_auth.c:727 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS: ID switching disabled proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): REVOKE PRIVS at mod_auth.c:728 proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): REVOKE PRIVS: unable to seteuid(): Operation not permitted proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RootRevoke in effect, dropped root privs proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching POST_CMD command 'PASS (hidden)' to mod_rlimit proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching POST_CMD command 'PASS (hidden)' to mod_xfer proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching POST_CMD command 'PASS (hidden)' to mod_core proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'PASS (hidden)' to mod_sql proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'PASS (hidden)' to mod_log proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'PASS (hidden)' to mod_delay proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'PASS (hidden)' to mod_auth proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): USER user1: Login successful. proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching POST_CMD command 'USERAUTH_REQUEST user1 password' to mod_sql proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'USERAUTH_REQUEST user1 password' to mod_sql proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'USERAUTH_REQUEST user1 password' to mod_log proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'CHANNEL_OPEN session' to mod_sql proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'CHANNEL_OPEN session' to mod_log proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'CHANNEL_REQUEST subsystem' to mod_sql proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD command 'CHANNEL_REQUEST subsystem' to mod_log proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): mod_sftp/1.1.1: scrubbing 2 passphrases from memory proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SSH2 session closed. Best regards, Cosmin Neagu Network Architect Phone +40.744.625.033 _______________________________________________ ProFTPD Users List <pro...@pr...<mailto:pro...@pr...>> Unsubscribe problems? http://www.proftpd.org/list-unsub.html [proftpd.org]<https://urldefense.com/v3/__http://www.proftpd.org/list-unsub.html__;!!KFYUDeg!kkrWP_ub1fTArad2euI0WfNqb7mTV2IzsgkN8xB_ZdFVT-HzOnrJc9uI_RSLwoaIrAHJqXbcgtDqle8$> |
|
From: Rob C. <rc...@gm...> - 2025-06-24 12:49:46
|
Hi Cosmin, This looks very familiar, what is happening here is that the version of the protocol used by the client and the server do not match. This happens quite often when the client is slightly older. What happens is that the client or the server but typically it is the client that does this has not fully or correctly implemented the protocol version it claims to support. As a result the one of the two sides will send a something over to the other side that is unexpected and you end up with a disconnect because it has no idea what to do with this. This part of the documentation: http://www.proftpd.org/docs/contrib/mod_sftp.html and specifically this part: *SFTPClientMatch* will help you do this. Using sftpProtocolVersion to force a older version (typically 3 will work for nearly any client I have encountered) other things that you might want to mess with are: *channelWindowSize* and *channelPacketSize* you will have to experiment with this a bit or try and find someone else that figured this out for you by lookig for the client identifier and one of these key words. Another option is change the client ot something that is better able to handle the protocol version it claims to be using. If you have a sftp server with many different clients connecting and especially clients that you have no control over be ready to add more of these mentods to force those clients to use an older version than the advertise especially in the business world there are quite a few older clients around or clients that are very recent but have not implemented the protocol correctly. I hope that helps, best regards, Rob Coops On Tue, Jun 24, 2025 at 2:24 PM Cosmin Neagu via Proftp-user < pro...@li...> wrote: > Hi Guys, > I have this peculiar error, which I'm having a hard time to troubleshoot > it. > > I have proftpd version 1.3.8b installed on 2 production servers, and a > client using TurboFTP client, complains about getting this error, after > succesfull authentication: > *unexp. packet type 95 in respond to SSH_MSG_CHANNEL_REQUEST (error #77)* > > Getting this issue on both production server, even though I setup a test > instance, same version, copy paste the config, and there I cannot replicate > the issue, it works. > Other SFTP clients (filezila, winscp etc) do not have this error. > > Would appreciate if someone can point me in the right direction to > troubleshoot this. > > > > Below the error, and debugs, and config > > #TurboFTP logs > TurboFTP 64-bit Version 7.10 Build 1573 - WinSock 2.0 > Unregistered evaluation copy. The evaluation period will expire in 29 > days. > STATUS:> Connecting to A.B.C.D Port 22 (try #1) ... > Server version: SSH-2.0-Azets FTP > COMMAND:> Sent client version string 'SSH-2.0-TurboFTP_SSHM_2.680' > STATUS:> Crypto negotiation done, Server to client cipher:aes128-ctr, > mac:hmac-sha2-256, compression:none. > STATUS:> Crypto negotiation done, Client to server cipher:aes128-ctr, > mac:hmac-sha2-256, compression:none. > STATUS:> Key exchange done with ecdh-sha2-nistp256 and host key algo: > rsa-sha2-256 > STATUS:> Authenticating with method 'password' > STATUS:> Login successful. > ERROR:> unexp. packet type 95 in respond to SSH_MSG_CHANNEL_REQUEST (error > #77) > STATUS:> Wait 10 seconds and try again... > > > #Proftpd config: > ubuntu@FTP-PROD3:/opt/proftpd-sftp/etc$ cat proftpd.conf > DisplayConnect /opt/proftpd-sftp/etc/DisplayConnect > DisplayQuit /opt/proftpd-sftp/etc/DisplayQuit > DisplayLogin /opt/proftpd-sftp/etc/DisplayLogin > ServerIdent on "Azets FTP" > ServerName "Azets File Transfer Server" > UseReverseDNS off > MaxInstances 1000 > MaxClients 999 "Max Clients reached!" > MaxClientsPerHost 50 "Max Clients per Host reached!" > MaxClientsPerUser 50 "Max Client per User reached!" > MaxLoginAttempts 3 > TimeoutLogin 120 > TimeoutIdle 300 > TimeoutNoTransfer 300 > TimeoutStalled 300 > ServerType standalone > DefaultServer on > UseIPv6 off > Umask 066 077 > User nobody > Group nogroup > DefaultRoot ~ > AllowOverwrite on > AuthOrder mod_sql.c > SQLAuthenticate users > SQLConnectInfo PROFTPD@dburl user pass > SQLUserInfo USERS USER PASS UID GID DIR NULL > SQLUserWhereClause "SFTP=1" > SQLAuthTypes Crypt > SQLMinID 1999 > SQLDefaultGID 2000 > SQLLog PASS updatecount > SQLNamedQuery updatecount UPDATE "COUNT=COUNT+1,LAST=now() WHERE > USER='%u'" USERS > CreateHome on > WtmpLog off > <IfModule mod_unique_id.c> > LogFormat logformat "%{%Y-%m-%d %H:%M:%S}t.%{millisecs} %{UNIQUE_ID}e %a > %{remote-port} %u \"%r\" %s %S %bbytes %Tsec %{transfer-status} > %{transfer-type} %{protocol}" > ExtendedLog /var/log/proftpd/sftp-extended.log > AUTH,INFO,DIRS,READ,WRITE,MISC,SEC,EXIT logformat > </IfModule> > <IfModule mod_sftp.c> > Port 22 > SFTPEngine on > SFTPHostKey /opt/proftpd-sftp/etc/sftp.azets.com.rsa.key > SFTPHostKey /opt/proftpd-sftp/etc/sftp.azets.com.ecdsa.key > SFTPAuthorizedUserKeys file:~/.sftp/authorized_keys > SFTPOptions IgnoreSFTPUploadPerms IgnoreSFTPSetOwners IgnoreSFTPSetPerms > IgnoreSFTPSetTimes > </IfModule> > <Limit SITE_CHMOD> > DenyAll > </Limit> > > > > > #PROD session logs with debug level 10 > > proftpd 172.18.128.117: ROOT PRIVS at main.c:1327 > proftpd 172.18.128.117: RELINQUISH PRIVS at main.c:1331 > proftpd 172.18.128.117: no matching vhost found for 172.18.128.117#22, > using 'Azets File Transfer Server' listening on wildcard address > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > main.c:1136 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SETUP PRIVS at > main.c:1141 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): session requested > from client in unknown class > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): performing module > session initializations > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): mod_unique_id/0.2: > generating unique session ID > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): mod_unique_id/0.2: > unique session ID is 'aFm4zqwSgHVaX+nEABOGqwi7' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > keys.c:3644 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > keys.c:3651 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > keys.c:1026 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > keys.c:1033 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > keys.c:1026 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > keys.c:1033 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > keys.c:3644 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > keys.c:3651 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): mod_sql/4.5: > defaulting to 'mysql' backend > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > mod_delay.c:2111 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > mod_delay.c:2114 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): mod_log: opening > ExtendedLog '/var/log/proftpd/sftp-extended.log' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > mod_log.c:1284 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > mod_log.c:1287 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > mod_auth.c:215 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): opening scoreboard > '/opt/proftpd-sftp/var/proftpd.scoreboard' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > mod_auth.c:217 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): AuthOrder in > effect, resetting auth module order > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): connected - local > : 172.18.128.117:22 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): connected - remote > : 90.95.233.196:40873 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SSH2 session opened. > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'KEXINIT' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'KEXINIT' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'ECDH_INIT' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'ECDH_INIT' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'NEWKEYS' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'NEWKEYS' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'SERVICE_REQUEST' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'SERVICE_REQUEST' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'USER user1' to mod_core > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'USER user1' to mod_core > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'USER user1' to mod_delay > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'USER user1' to mod_auth > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'USER user1' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'USER user1' to mod_delay > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'USER user1' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'USER user1' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'USER user1' to mod_delay > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'PASS (hidden)' to mod_core > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'PASS (hidden)' to mod_core > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'PASS (hidden)' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'PASS (hidden)' to mod_delay > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching PRE_CMD > command 'PASS (hidden)' to mod_auth > precatel be removed in a future version. > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): retrieved UID 2003 > for user 'user1' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): retrieved UID 2003 > for user 'user1' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > auth.c:1774 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > auth.c:1777 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): USER PRIVS 2003 at > auth.c:403 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > auth.c:405 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > mkhome.c:326 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > mkhome.c:371 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Config for Azets > File Transfer Server: > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Limit > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DenyAll > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DisplayConnect > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DisplayQuit > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DisplayLogin > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ServerIdent > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): MaxClients > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): MaxClientsPerHost > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): MaxClientsPerUser > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): MaxLoginAttempts > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): TimeoutLogin > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): TimeoutIdle > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): TimeoutNoTransfer > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): TimeoutStalled > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DefaultServer > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Umask > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DirUmask > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): UserID > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): UserName > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): GroupID > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): GroupName > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): DefaultRoot > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): AllowOverwrite > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): AuthOrder > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLAuthenticate > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLConnectInfo > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLUserTable > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLUsernameField > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLPasswordField > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLUidField > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLGidField > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLHomedirField > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLUserWhereClause > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLAuthTypes > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLMinID > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLDefaultGID > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SQLLog_PASS > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): > SQLNamedQuery_updatecount > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): CreateHome > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): WtmpLog > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): LogFormat > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ExtendedLog > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Port > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SFTPEngine > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SFTPHostKey > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SFTPHostKey > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): > SFTPAuthorizedUserKeys > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SFTPOptions > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > auth.c:472 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): opening TransferLog > '/var/log/xferlog' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > auth.c:513 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): USER PRIVS 2003 at > auth.c:166 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): retrieved UID 2003 > for user 'user1' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > auth.c:171 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): set TZ environment > variable to 'UTC' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Preparing to chroot > to directory '/FTP/user1' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > auth.c:1912 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > auth.c:1915 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): Environment > successfully chroot()ed > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > auth.c:547 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SETUP PRIVS at > auth.c:548 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > auth.c:574 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): REVOKE PRIVS at > auth.c:575 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): changed directory > to '/' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): in > dir_check_full(): path = '/', fullpath = '/FTP/user1/' > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): in > dir_check_full(): setting umask to 0077 (was 0066) > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): USER user1: Login > successful > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): user 'user1' > authenticated by mod_sql.c > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_sftp > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_delay > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_ls > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_auth > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RELINQUISH PRIVS at > mod_auth.c:2175 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): UseReverseDNS off, > returning IP address instead of DNS name > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS at > mod_auth.c:727 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): ROOT PRIVS: ID > switching disabled > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): REVOKE PRIVS at > mod_auth.c:728 > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): REVOKE PRIVS: > unable to seteuid(): Operation not permitted > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): RootRevoke in > effect, dropped root privs > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_rlimit > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_xfer > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'PASS (hidden)' to mod_core > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'PASS (hidden)' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'PASS (hidden)' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'PASS (hidden)' to mod_delay > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'PASS (hidden)' to mod_auth > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): USER user1: Login > successful. > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching > POST_CMD command 'USERAUTH_REQUEST user1 password' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'USERAUTH_REQUEST user1 password' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'USERAUTH_REQUEST user1 password' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'CHANNEL_OPEN session' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'CHANNEL_OPEN session' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'CHANNEL_REQUEST subsystem' to mod_sql > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): dispatching LOG_CMD > command 'CHANNEL_REQUEST subsystem' to mod_log > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): mod_sftp/1.1.1: > scrubbing 2 passphrases from memory > proftpd 172.18.128.117 (90.95.233.196[90.95.233.196]): SSH2 session closed. > > > Best regards, > > *Cosmin Neagu* > > Network Architect > > Phone +40.744.625.033 > _______________________________________________ > ProFTPD Users List <pro...@pr...> > Unsubscribe problems? > http://www.proftpd.org/list-unsub.html > |
107 messages has been excluded from this view by a project administrator.
