I spoke too fast…
made a reboot and
Status: Connecting to oo.nn.zz.xxx…
Response: fzSftp started, protocol_version=4
Command: open “invite@oo.nn.zz.xxx” 22
Command: Pass: ********
Error: Server unexpectedly closed network connection
Error: Could not connect to server
Status: Waiting to retry…
still works with the osmc account
What the hell’s going on?
Olivier
okey have you uninstalled and reinstalled sshd, then you editing in sshd_config might have been undone.
Redo this then.
sudo nano /etc/ssh/sshd_config
This is VITAL else you sshd will stop working and no ssh login
Locate and comment out the following line,:
Subsystem sftp /usr/lib/openssh/sftp-server
then ad the following lines at the end of the file:
Subsystem sftp internal-sftp
Match user kids
ChrootDirectory %h
ForceCommand internal-sftp
yes, this is what I’ve done and it worked fine till…I decided to reboot my Raspberry pi2…
/etc/ssh/sshd_config content is still Ok
here is the debug info from Filezilla
Status: Connecting to <>…
Trace: Going to execute C:\Program Files\FileZilla FTP Client\fzsftp.exe
Response: fzSftp started, protocol_version=4
Trace: CSftpControlSocket::ConnectParseResponse(fzSftp started, protocol_version=4)
Trace: CSftpControlSocket::SendNextCommand()
Trace: CSftpControlSocket::ConnectSend()
Command: open “external@<>” 22
Trace: Looking up host “<>”
Trace: Connecting to <> port 22
Trace: We claim version: SSH-2.0-PuTTY_Local:_Oct_16_2015_12:02:11
Trace: Server version: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u1
Trace: Using SSH protocol version 2
Trace: Doing ECDH key exchange with curve Curve25519 and hash SHA-256
Trace: Host key fingerprint is:
Trace: ssh-ed2551n 256 c5:a2:1c:35:bn:b6:d9:ea:ea:n6:f1:a5:dd:d4:20:b2
Trace: Initialised AES-256 SDCTR client->server encryption
Trace: Initialised HMAC-SHA-256 client->server MAC algorithm
Trace: Initialised AES-256 SDCTR server->client encryption
Trace: Initialised HMAC-SHA-256 server->client MAC algorithm
Command: Pass: ********
Trace: Sent password
Trace: Access granted
Trace: Opening session as main channel
Trace: Network error: Software caused connection abort
which ‘software caused…’ do you think is reason for my trouble ?
Thanks,
Olivier
it authentictes correctly, try to comment out the chroot variable in sshd_config.
sudo systemctl stop sshd
sudo systemctl start sshd
if it works then it’s a filerights problem
okey step by step,
/media/ directory should be: drwxr-xr-x root:root media
/media/Tera II/ directory should be: drwxr-xr-x root:root Tera II
/media/Tera II/FTP/ directory should be: drwxr-xr-x root:root FTP
This makes FTP folder not writeable from sftp/ftp so you got to make a upload folder and give the rights to the user to upload in it, as I said before.
looks like both Tera II and FTP folder is 777 (drwxrwxrwx)
sudo chomd 755 “/media/Tera II”
sudo chmod 755 “media/Tera II/FTP”
That should fix file rights Uncomment Chroot vaiable in sshd_config again, run systemctl stop/start sshd.
Ok I found the issue …
when rebooting, rights are put back to 777 by (??)
this means I might need to change this manually after each reboot, unless finding a solution to fix it
Anyway as a workaround I wrote a script
Thanks,
Olivier
Might be the how the usb-drive is mounted, since it’s an automount it’s abit over my head. I made a manual mount of the my usb-drive in fstab, since it’s allways hooked up to the Pi, and I got no problem with rebooting.
in /etc/fstab
LABEL=disken /mnt/disc1 ext3 defaults 0 0
That didn’t work, put back to 777 anyway
so…
I’ve added the sudo chmod 755 /media… in /etc/rc.local and that’s it
now I can reboot as often as I want…or it’s done
Olivier
ok, as long as it’s resolved. I’m still strugglling with the mount bind automated, to get a folder into the jailed users home folder.
solved it with a line in /etc/rc.local
sudo mount --bind /mnt/disc1/download /mnt/disc1/kids/download
that makes it posible for kids to view the folder outside their jailed enviroment, but I control which folders to let them have access to.