[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Enabling SFTP under Debian 4.0r0

On Sat, Jul 07, 2007 at 02:24:52 -0500, ArcticFox wrote:
> On Jul 6, 2007, at 11:54 PM, Kent West wrote:
> > ArcticFox wrote:

[ snip: sftp does not work from Apple box to Debian server, while ssh
  does work. ]

> > You might "tail /var/log/auth.log" for clues.
> All that tells me is there was a ssh session opened for root then
> closed a second later. No error messages or anything useful.

I would first try to get it working for a normal user (see below).


> > > Also, I don't know if this is related, but attempting to connect
> > > through ssh as root gets a "Bad Password" message, yet the
> > > password is accepted when used locally.
> >
> > IIRC, it used to be that sshd_config had "PermitRootLogin=no", but I
> > think in more recent times it's set to yes (which seems unwise to
> > me).

Have a look at /etc/pam.d/login, you will probably see this:

# Disallows root logins except on tty's listed in /etc/securetty
# (Replaces the `CONSOLE' setting from login.defs)
auth       requisite  pam_securetty.so

AFAIK, this can block remote root logins even if sshd_config allows

I agree with Kent that it is better not to allow remote root logins. 

It would be nice to have more debugging output from the client. Try to
run this on the Apple box:

sftp -v username@host

and post the output here. (Replace "username" and "host" as is
appropriate for your Debian system; you will be prompted for the

(I hope that OS X, being BSD based, still has the normal sftp utility.)

Regards,            | http://users.icfo.es/Florian.Kulzer
          Florian   |

Reply to: