ell3zamb's questions -server

ell3zamb

Asked: 2024-10-18 01:37:51 +0800 CST

SSH Server error 1067 on Win Server 2019 when using internal-sftp subsystem to allow SFTP but disallow SSH

I've been using the internal-sftp subsystem approach since 2021 without problem to allow SFTP but disallow SSH.

My ssh_config file code is:

ForceCommand internal-sftp
Subsystem  sftp   sftp-server.exe -d \%
ChrootDirectory \%

PermitTunnel no
AllowAgentForwarding no
AllowTcpForwarding no
X11Forwarding no
AllowUsers sftpuser

As others, over the weekend following October 2024 Windows updates, I can't connect to the server via SSH.

On the server, the OpenSSH SSH server won't start and I get a 1067 error.

As recommended, when I delete the \ssh folder, the service can now be restarted successfully but the new ssh folder automatically created has the default ssh_config file code:

Match Group administrators
       AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys

When I replace this code with the internal-sftp code above I again get a 1067 error.

Wondering what makes this code incompatible with the new updates.

SSH Server error 1067 on Win Server 2019 when using internal-sftp subsystem to allow SFTP but disallow SSH

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?