I am trying to connect to our remote server using winSCP. It was working before. But from today I am not able to connect to the server using SFTP. If I changed the protocol to SCP, then I am able to connect. Also I am able to connect using putty.
Following is the winSCP log. (removed host details)
. 2011-11-07 20:18:54.593 Using SFTP protocol.
. 2011-11-07 20:18:54.593 Doing startup conversation with host.
> 2011-11-07 20:18:54.593 Type: SSH_FXP_INIT, Size: 5, Number: -1
. 2011-11-07 20:18:54.593 Server sent command exit status 127
. 2011-11-07 20:18:54.593 Disconnected: All channels closed
* 2011-11-07 20:18:54.624 (ESshFatal) Connection has been unexpectedly closed. Server sent command exit status 127.
* 2011-11-07 20:18:54.624 Cannot initialize SFTP protocol. Is the host running a SFTP server?
. 2011-11-07 20:31:40.036 Looking up host <<host name>>
. 2011-11-07 20:31:40.052 Connecting to <<ip>> port 22
. 2011-11-07 20:31:40.630 Server version: SSH-2.0-OpenSSH_5.8
. 2011-11-07 20:31:40.630 We claim version: SSH-2.0-WinSCP_release_4.1.6
. 2011-11-07 20:31:40.630 SSPI: acquired credentials for: <<username>>
. 2011-11-07 20:31:40.630 Constructed service principal name 'host/<<hostname>>'
. 2011-11-07 20:31:40.802 GSSKEX disabled: The specified target is unknown or unreachable
. 2011-11-07 20:31:40.802 Using SSH protocol version 2
. 2011-11-07 20:31:40.927 Doing Diffie-Hellman group exchange
. 2011-11-07 20:31:41.224 Doing Diffie-Hellman key exchange with hash SHA-1
. 2011-11-07 20:31:41.787 Host key fingerprint is:
. 2011-11-07 20:31:41.787 ssh-rsa 2048 b9:2a:b8:56:a0:72:ff:10:11:d2:3e:55:95:5f:54:e2
. 2011-11-07 20:31:41.787 Initialised AES-256 SDCTR client->server encryption
. 2011-11-07 20:31:41.787 Initialised HMAC-SHA1 client->server MAC algorithm
. 2011-11-07 20:31:41.787 Initialised AES-256 SDCTR server->client encryption
. 2011-11-07 20:31:41.787 Initialised HMAC-SHA1 server->client MAC algorithm
! 2011-11-07 20:31:42.068 Using username <<username>>.
. 2011-11-07 20:31:42.677 Keyboard-interactive authentication refused
. 2011-11-07 20:31:42.677 Prompt (6, SSH password, , &Password: )
. 2011-11-07 20:31:46.568 Sent password
. 2011-11-07 20:31:46.865 Access granted
. 2011-11-07 20:31:47.162 Opened channel for session
. 2011-11-07 20:31:47.475 Started a shell/command
. 2011-11-07 20:31:47.475 Doing startup conversation with host.
> 2011-11-07 20:31:47.475 Type: SSH_FXP_INIT, Size: 5, Number: -1
. 2011-11-07 20:31:47.475 Server sent command exit status 127
. 2011-11-07 20:31:47.475 Disconnected: All channels closed
* 2011-11-07 20:31:47.506 (ESshFatal) Connection has been unexpectedly closed. Server sent command exit status 127.
* 2011-11-07 20:31:47.506 Cannot initialize SFTP protocol. Is the host running a SFTP server?
Recent happenings.
For some reason our site was not accessible yesterday. We informed our host and they rebooted the server. This problem is happening only after that.
I have issued "locate sftp-server", it returns two locations.
/usr/libexec/openssh/sftp-server /usr/local/libexec/sftp-server
It looks like the second folder (/usr/local/libexec/sftp-server) is created/updated the day before yesterday. Also sshd-config file got updated on the same day. From the rpmpkgs logs, it looks like vsftpd also updated on the same date.
I suspected some auto update had happened. I checked the yum-updatesd.conf, but auto updates disabled there.
How to make sftp-server work again? In sshd-config the Subsystem is pointing to /usr/libexec/openssh/sftp-server. Should I change that to /usr/local/libexec/sftp-server?
Can I restart sshd from putty? I don't want to screw up the ssh connection also. I would like to solve this without rebooting the system again.
Please let me know if you want any more info. Thanks in advance
You can safely restart an ssh server whilst connected to it. It specifically keeps your connection open to help avoid locking you out. But you should always open a second connection and check that you can initialise a new connection before closing the first one!
It sounds to me like that's one of two problems:
sftp-server falling over for some reason (missing libraries, segfault, etc).
The server is running a non-openssh sftp-server instead of the openssh version. This always causes problems.
As a quick test, see if you can run the sftp-server binary by hand without it crashing. It should just sit there waiting for input (kill it with ctrl-c). If it complains about missing libraries or it segfaults you'll know what the problem is.
I had a similar problem. If the sshd_config file permissions change then this is likely the problem. It should be 644.
see http://www-01.ibm.com/support/docview.wss?uid=isg3T1012888
Check the rights on the two sftp-servers. Make sure the execute permssion exits for all owner, group and other. I've seen updates clobber permissions.
I had same problem. I finally found that I forgot to trust IP of remote ssh server on firewall settings (for allowing to connect using ssh port 22)