Tag Archives: ssh

SFTP allow user to login via SFTP

If AllowUsers in /etc/ssh/sshd_config lists only the existing users, new users won’t be allowed to access the server.

So, let’s edit it and add the new user. Find the AllowUsers line and add the user there.

sudo nano /etc/ssh/sshd_config

This should look something like

#PermitRootLogin without-password
PermitRootLogin no
StrictModes yes
AllowUsers bofh newuser

Save and Exit!
Restart SSH

service ssh restart

Now the user!

addgroup --system filetransf

usermod -G filetransf username
chown root:root /home/username
chmod 755 /home/username

cd /home/username
chown username:filetransf *

 

Hooray!

 

fatal: no matching mac found

One of my clients was trying to connect, for the first time, to his brand new server.
Somehow he wasn’t able to connect.

He showed me the following *log/report*:

Status:    Waiting to retry...
Status:    Connecting to 37.XX.XX.XX...
Response:  fzSftp started
Command:   open "[email protected]" 22
Error:     Server unexpectedly closed network connection
Error:     Could not connect to server

and this is the auth.log on the server…

fatal: no matching mac found: client hmac-sha1,hmac-sha1-96,hmac-md5 server [email protected],hmac-sha2-256-$

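Solution?
Update the SFTP client (in this case, FileZilla). The old client offers only hmac-sha1, hmac-sha1-96 and hmac-md5, and the server accepts none of them, so the two sides have no MAC in common.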

Readings?
https://forum.filezilla-project.org/viewtopic.php?t=31738
https://en.wikibooks.org/wiki/OpenSSH/Logging

Host key verification failed.

RSA host key for 188.166.XXX.XXX has changed and you have requested strict checking.
Host key verification failed.

So, I’ve rebuilt a droplet on DigitalOcean, and logically, when I tried to SSH into it, the SSH keys were different. Easy to solve.

On Mac OS X, in the console, let’s change to root

sudo bash

Let’s edit known_hosts

nano /Users/YOUR_USERNAME/.ssh/known_hosts

Remove the entry for the respective host/IP.
Save and exit nano, exit root, and ssh it! 🙂

SFTP/SSH Write failed: Broken pipe

I was trying to access a host via SFTP and SSH, and I was getting some strange errors…
Yesterday it was okay.

ssh [email protected]
[email protected]'s password:
Write failed: Broken pipe

I’ve SSHed in with another user and changed to the root user.
Had to read the auth.log file to figure out what was going on.

root@sd-11111:/home/mike# tail -f /var/log/auth.log

So… this is what I got.

May 28 13:45:31 sd-11111 sshd[1676]: Accepted password for mike from 84.91.4.220 port 59004 ssh2
May 28 13:45:31 sd-11111 sshd[1676]: pam_unix(sshd:session): session opened for user mike by (uid=0)
May 28 13:45:31 sd-11111 systemd-logind[447]: Removed session 4.
May 28 13:45:31 sd-11111 systemd-logind[447]: New session 5 of user mike.
May 28 13:45:32 sd-11111 sshd[1694]: fatal: bad ownership or modes for chroot directory "/home/mike"
May 28 13:45:32 sd-11111 sshd[1676]: pam_unix(sshd:session): session closed for user mike

The solution was to do the following…

root@sd-11111:/home# sudo chown root:root /home/mike/
root@sd-11111:/home# sudo chmod 755 /home/mike/
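
The chown root:root / chmod 755 steps in the first post and the "bad ownership or modes for chroot directory" error in this one come from the same sshd rule: the chroot directory and every parent directory must be owned by root and not writable by group or others. The following is an added example, not part of the original posts, that checks a path against that rule before a user hits the error; it assumes GNU stat (Linux) and that the chroot directory is the user's home, as in the log above.

```sh
#!/bin/sh
# Added example, not from the original posts. Assumes GNU stat (Linux).

# component_ok UID MODE: succeeds if a path component with this numeric
# owner and octal mode is root-owned and not group- or world-writable.
component_ok() {
    [ "$1" = "0" ] || return 1
    case "$2" in
        *[2367]?|*[2367]) return 1 ;;  # write bit in group or other digit
    esac
    return 0
}

# check_chroot_path DIR: succeeds only if DIR and every parent up to /
# pass component_ok; prints the first component that does not.
check_chroot_path() {
    dir=$1
    case "$dir" in
        /*) ;;
        *) echo "need an absolute path: $dir"; return 2 ;;
    esac
    while :; do
        if [ ! -d "$dir" ]; then
            echo "not a directory: $dir"; return 1
        fi
        info=$(stat -L -c '%u %a' "$dir" 2>/dev/null) || {
            echo "cannot stat: $dir"; return 1
        }
        uid=${info% *}
        mode=${info#* }
        if ! component_ok "$uid" "$mode"; then
            echo "bad ownership or modes: $dir (uid=$uid mode=$mode)"
            return 1
        fi
        if [ "$dir" = "/" ]; then return 0; fi
        dir=$(dirname "$dir")
    done
}

# Stand-alone use: sh check_chroot.sh /home/mike  (hypothetical file name)
if [ "$#" -gt 0 ]; then
    check_chroot_path "$1"
fi
```

The component it reports is the one to fix with chown root:root and chmod 755, as done above for /home/mike.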