Page 1 of 1

SFTP server issues

Posted: Wed Jun 30, 2010 2:10 pm
by mandrews
We have two servers set up. One is v4.0.0.8 and SFTP works fine. The second is v4.0.2.2 and we're having trouble.

It seems like there is a client incompatibility. Filezilla and WinSCP both work fine. The client on the other end is an automated system so changing that is not an option. Here is a snip of the log. The client constantly connects and disconnects and is unable to transfer files. I have used a small stand alone SFTP server to verify that the issue is with Cerberus and not the client. The same client connects to the 4.0.0.8 server and has no issues.

What can I do to fix this? Can I roll back to 4.0.0.8? Is there a patch or setting that I'm missing?


[2010-06-30 14:02:23]:CONNECT [ 129] - Incoming connection request on interface 18 at *.*.*.*
[2010-06-30 14:02:23]:CONNECT [ 129] - SSH FTP Connection request accepted from *.*.*.*
[2010-06-30 14:02:23]:CONNECT [ 129] - The client closed the connection
[2010-06-30 14:02:23]:CONNECT [ 129] - Connection terminated
[2010-06-30 14:02:23]:CONNECT [ 130] - Incoming connection request on interface 18 at *.*.*.*
[2010-06-30 14:02:23]:CONNECT [ 130] - SSH FTP Connection request accepted from *.*.*.*
[2010-06-30 14:02:23]:CONNECT [ 130] - Key Exchange Algorithm Negotiation Success: Proceeding with key exchange
[2010-06-30 14:02:23]:CONNECT [ 130] - Kex: 'diffie-hellman-group1-sha1' Host Key: 'ssh-rsa' C2S : 'aes128-cbc, hmac-sha1, none' S2C : 'aes128-cbc, hmac-sha1, none'
[2010-06-30 14:02:23]:CONNECT [ 130] -
[2010-06-30 14:02:24]:CONNECT [ 128] - Client username: '********' password: '***********'
[2010-06-30 14:02:24]:CONNECT [ 128] - Incorrect password for user '********'
[2010-06-30 14:02:24]: INFO [ 130] - DH Key sizes: Server Public '1022', Private '1023', Client Public '1024'
[2010-06-30 14:02:24]:CONNECT [ 128] - Client username: '********' password: '***********'
[2010-06-30 14:02:24]:CONNECT [ 128] - Native user '********' authenticated
[2010-06-30 14:02:24]: SYSTEM [ 128] - Channel Open: 'session', Sender Channel: 0, Init Window Size: 131070, Max Packet Size: 34000
[2010-06-30 14:02:24]:CONNECT [ 128] - Creating local channel: 1056
[2010-06-30 14:02:24]:CONNECT [ 128] - Channel Request: 'subsystem', Recipient Channel: 1056, Subsystem Name: 'sftp', Reply: true
[2010-06-30 14:02:24]:CONNECT [ 130] - Client username: '********' password: '***********'
[2010-06-30 14:02:24]:CONNECT [ 130] - Incorrect password for user '********'
[2010-06-30 14:02:24]:CONNECT [ 130] - Client username: '********' password: '***********'
[2010-06-30 14:02:24]:CONNECT [ 130] - Native user '********' authenticated
[2010-06-30 14:02:24]: SYSTEM [ 130] - Channel Open: 'session', Sender Channel: 0, Init Window Size: 131070, Max Packet Size: 34000
[2010-06-30 14:02:24]:CONNECT [ 130] - Creating local channel: 1072
[2010-06-30 14:02:24]:CONNECT [ 130] - Channel Request: 'subsystem', Recipient Channel: 1072, Subsystem Name: 'sftp', Reply: true
[2010-06-30 14:02:54]:CONNECT [ 128] - Disconnect reason: The user disconnected the application
[2010-06-30 14:02:54]:CONNECT [ 128] - The client closed the connection
[2010-06-30 14:02:54]:CONNECT [ 128] - Connection terminated
[2010-06-30 14:02:54]:CONNECT [ 130] - Disconnect reason: The user disconnected the application
[2010-06-30 14:02:54]:CONNECT [ 130] - The client closed the connection
[2010-06-30 14:02:54]:CONNECT [ 130] - Connection terminated
[2010-06-30 14:02:59]:CONNECT [ 131] - Incoming connection request on interface 18 at *.*.*.*
[2010-06-30 14:02:59]:CONNECT [ 131] - SSH FTP Connection request accepted from *.*.*.*
[2010-06-30 14:02:59]:CONNECT [ 131] - The client closed the connection
[2010-06-30 14:02:59]:CONNECT [ 131] - Connection terminated
[2010-06-30 14:02:59]:CONNECT [ 132] - Incoming connection request on interface 18 at *.*.*.*
[2010-06-30 14:02:59]:CONNECT [ 132] - SSH FTP Connection request accepted from *.*.*.*
[2010-06-30 14:02:59]:CONNECT [ 132] - Key Exchange Algorithm Negotiation Success: Proceeding with key exchange
[2010-06-30 14:02:59]:CONNECT [ 132] - Kex: 'diffie-hellman-group1-sha1' Host Key: 'ssh-rsa' C2S : 'aes128-cbc, hmac-sha1, none' S2C : 'aes128-cbc, hmac-sha1, none'
[2010-06-30 14:02:59]:CONNECT [ 132] -
[2010-06-30 14:02:59]: INFO [ 132] - DH Key sizes: Server Public '1024', Private '1023', Client Public '1024'
[2010-06-30 14:02:59]:CONNECT [ 133] - Incoming connection request on interface 18 at *.*.*.*
[2010-06-30 14:02:59]:CONNECT [ 133] - SSH FTP Connection request accepted from *.*.*.*
[2010-06-30 14:02:59]:CONNECT [ 133] - The client closed the connection
[2010-06-30 14:02:59]:CONNECT [ 133] - Connection terminated
[2010-06-30 14:02:59]:CONNECT [ 134] - Incoming connection request on interface 18 at *.*.*.*
[2010-06-30 14:02:59]:CONNECT [ 134] - SSH FTP Connection request accepted from *.*.*.*
[2010-06-30 14:02:59]:CONNECT [ 134] - Key Exchange Algorithm Negotiation Success: Proceeding with key exchange
[2010-06-30 14:02:59]:CONNECT [ 134] - Kex: 'diffie-hellman-group1-sha1' Host Key: 'ssh-rsa' C2S : 'aes128-cbc, hmac-sha1, none' S2C : 'aes128-cbc, hmac-sha1, none'
[2010-06-30 14:02:59]:CONNECT [ 134] -
[2010-06-30 14:03:00]:CONNECT [ 132] - Client username: '********' password: '***********'
[2010-06-30 14:03:00]:CONNECT [ 132] - Incorrect password for user '********'
[2010-06-30 14:03:00]: INFO [ 134] - DH Key sizes: Server Public '1024', Private '1023', Client Public '1024'
[2010-06-30 14:03:00]:CONNECT [ 132] - Client username: '********' password: '***********'
[2010-06-30 14:03:00]:CONNECT [ 132] - Native user '********' authenticated
[2010-06-30 14:03:00]: SYSTEM [ 132] - Channel Open: 'session', Sender Channel: 0, Init Window Size: 131070, Max Packet Size: 34000
[2010-06-30 14:03:00]:CONNECT [ 132] - Creating local channel: 1088
[2010-06-30 14:03:00]:CONNECT [ 132] - Channel Request: 'subsystem', Recipient Channel: 1088, Subsystem Name: 'sftp', Reply: true
[2010-06-30 14:03:00]:CONNECT [ 134] - Client username: '********' password: '***********'
[2010-06-30 14:03:00]:CONNECT [ 134] - Incorrect password for user '********'
[2010-06-30 14:03:00]:CONNECT [ 134] - Client username: '********' password: '***********'
[2010-06-30 14:03:00]:CONNECT [ 134] - Native user '********' authenticated
[2010-06-30 14:03:00]: SYSTEM [ 134] - Channel Open: 'session', Sender Channel: 0, Init Window Size: 131070, Max Packet Size: 34000
[2010-06-30 14:03:00]:CONNECT [ 134] - Creating local channel: 1104
[2010-06-30 14:03:00]:CONNECT [ 134] - Channel Request: 'subsystem', Recipient Channel: 1104, Subsystem Name: 'sftp', Reply: true
[2010-06-30 14:03:06]:CONNECT [ 134] - Connection terminated
[2010-06-30 14:03:07]:CONNECT [ 132] - Connection terminated

Re: SFTP server issues

Posted: Wed Jun 30, 2010 2:27 pm
by Serin
Hello,

There were several improvements made to SFTP between version 4.0.0.8 and 4.0.2.2 that generally improved compatibility with SFTP clients. It's possible we introduced an incompatibility but the log file doesn't indicate a problem. What is the SFTP client and is there an error message on the client end that can give an indication on why it is disconnecting?

Re: SFTP server issues

Posted: Wed Jun 30, 2010 2:40 pm
by mandrews
Thanks for getting back so quickly, this is becoming a nightmare. I don't have too many more details other than it's an automated system.

The client is shown as SSH-2.0-http://3sp.com_J2SSH_Maverick_1.3.9

Re: SFTP server issues

Posted: Wed Jun 30, 2010 2:54 pm
by Serin
I've never heard of that client or client library. Google search doesn't turn up much either. Without some idea of what the problem is or if you can't give us a copy of the SFTP client I don't think we can help figure out the problem. There simply isn't any information for us to go on.

Can you get us a copy of the client?

You can also copy the old

CerberusGUI.exe
gsoap.dll
libctemplate.dll
LIBEAY32.dll
log4cxx.dll
SSLEAY32.dll

files from version 4.0.0.8 (in C:\Program Files\Cerberus LLC\Cerberus FTP Server) over the files on the 4.0.2.2 machine to do a quick downgrade if you need to.

Make sure you backup the files you replace.

Re: SFTP server issues

Posted: Wed Jun 30, 2010 2:56 pm
by Serin
I did find a possible reference:

http://www.sshtools.co.uk/en/j2ssh-maverick/

Re: SFTP server issues

Posted: Wed Jun 30, 2010 3:11 pm
by mandrews
Thanks for the downgrade info. It's connecting now.

I don't have access to the client. It's an outside third party. From what I've been able to gather online, it looks to be a pretty old version of an obscure Java based SSH client.

Re: SFTP server issues

Posted: Fri Sep 29, 2017 3:51 pm
by Sergio
Hi,

I hate to bring up this super old issue, but I'm having the same problem. The client in question is identifying as the same Java SFTP client as the original poster. Logs are below. Our current FTP version is 9.0.0.6. I'm wondering if anyone found a resolution for this issue? The Java client is baked into a software product called Brocade Network Advisor so I can't change it, but I did upgrade it to the latest version 14.3.1 with no change. There is AD authentication going on, but making a local Cerberus user didn't change the behavior so I ruled that out. I also tweaked all the FTP options thinking that it might change the behavior as well, but it will hang in the same spot every time--the "Exec command: ver" line. Then it times out after 2 minutes. The software is installed on the same server as CFTP hence the incoming connection from the same server IP address (changing that to loopback didn't change anything either).

[2017-09-29 12:39:01]:CONNECT [ 3] - Incoming connection request on SSH SFTP interface 6 at 192.168.2.15 accepted from 192.168.2.15
[2017-09-29 12:39:01]: INFO [ 3] - Client Identification: SSH-2.0-http://J2SSH_Maverick_1.4.25__Brocade_Communications_Systems,_Inc.
[2017-09-29 12:39:01]:CONNECT [ 3] - Algorithm negotiation complete: Proceeding with key exchange
[2017-09-29 12:39:01]:CONNECT [ 3] - Kex: 'diffie-hellman-group1-sha1' Host Key: 'ssh-rsa' C2S : 'aes128-cbc, hmac-sha1, none' S2C : 'aes128-cbc, hmac-sha1, none'
[2017-09-29 12:39:01]: INFO [ 3] - DH Key sizes: Server Public '1023', Private '1023', Client Public '1024'
[2017-09-29 12:39:01]:CONNECT [ 3] - Authenticating password for user 'bna'
[2017-09-29 12:39:01]:CONNECT [ 3] - Could not authenticate Native user 'bna' : Unable to find user 'bna'
[2017-09-29 12:39:01]: WARN [ 3] - Unable to create home directory '\\fileserver\MISBackups\bna' for user 'bna' : Cannot create a file when that file already exists.
[2017-09-29 12:39:01]:CONNECT [ 3] - AD user 'bna' authenticated on domain 'CBSSC'
[2017-09-29 12:39:01]:CONNECT [ 3] - Channel Open: 'session', Sender Channel: 0, Init Window Size: 32768, Max Packet Size: 32768
[2017-09-29 12:39:01]:CONNECT [ 3] - Creating local channel: 32
[2017-09-29 12:39:01]:CONNECT [ 3] - Channel Request: 'pty-req', Recipient Channel: 32, Subsystem Name: '', Reply: true
[2017-09-29 12:39:01]:CONNECT [ 3] - Channel Request: 'exec', Recipient Channel: 32, Subsystem Name: '', Reply: true
[2017-09-29 12:39:01]: INFO [ 3] - Exec command: ver
[2017-09-29 12:41:03]:CONNECT [ 3] - Connection timed out - Shutting down connection...
[2017-09-29 12:41:03]:CONNECT [ 3] - Connection terminated

Re: SFTP server issues

Posted: Mon Oct 02, 2017 11:20 am
by pacman
Hello, Sergio.

Cerberus support SSH SFTP only. It is not an SSH shell program, nor does it support shell commands like "Exec command: ver"