Alex is farting around with FTP's again.... - Page 2

LeperousDust · 25-08-2008, 15:08

Right take 10, i've scraped what i was using as it was giving me immense hassle. I'm back to using something i tried earlier but this time i'm gonna make sure i get it working

So i'm using freeSSHd which is essentially based off openSSH i think. Now basically installed it pointed it to the root folder i want. Made one user (boatdrinks) with a SHA1 hash password (welcomeaboard) granted SFTP rights only. And started the SFTP service. Yet i still can't connect internally or externally with WinSCP, 've given up using FireFTP because tbh i think that was part of my original problems anyway it doesn't seem that good.

So the question is why can i still not connect

? =/

I'm using freeSSHd because i hope to also use the SSH side of thing for a bit of admin just in case in the future. Its nice to have

Next is a VPN and some kind of SSH tunnels VNC just in case

But hey babysteps since my SFTP isn't playing ball yet.

Mark · 25-08-2008, 15:17

Quote:

$ telnet alexdoddedinburgh.dyndns.org 22
Trying 80.195.254.32...
Connected to alexdoddedinburgh.dyndns.org.
Escape character is '^]'.
SSH-2.0-WeOnlyDo 2.0.6

Quote:

$ sftp alexdoddedinburgh.dyndns.org
Connecting to alexdoddedinburgh.dyndns.org...
The authenticity of host 'alexdoddedinburgh.dyndns.org (80.195.254.32)' can't be established.
Are you sure you want to continue connecting (yes/no)? yes
Disconnecting: Bad packet length 3523815878.
Couldn't read packet: Connection reset by peer

Quote:

$ sftp alexdoddedinburgh.dyndns.org
Connecting to alexdoddedinburgh.dyndns.org...
ssh: connect to host alexdoddedinburgh.dyndns.org port 22: Connection refused
Couldn't read packet: Connection reset by peer

Looks like you're messing about with it though as I just got a security violation warning.

Mark · 25-08-2008, 15:19

OK - it's behaving now but denying the username/password.

LeperousDust · 25-08-2008, 15:37

Cool, thats essentially what i'm getting denied username and password
but i don't uderstand why

It's definitely right...?

I have no effing clue what i'm doing here at all, and its so very frustrating. WinSCP is telling me it can authenticate. Do i need to use the security keys? I thought i could just blindly add/ignore them?

Mark · 25-08-2008, 16:01

Try just setting a plaintext password for the user. You don't want to be using SHA-1 (or any other) hash for user accounts right now.

Setting a hash for the host (computer) is fine. You've done that and it works.

LeperousDust · 25-08-2008, 16:08

I can't do that freeSSHd, i can choose:
NT Auth, which i'd rather not get mixed up with
Password stored as SHA1 Hash
Public key (SSH Only)

I have no idea what i'm doing but i've stumbled my way through and i thought i've been doing it right but i just don't seem to be able to log on with PuTTY or WinSCP. It's royally frustrating. I've granted the boatdrinks user with SSH and Tunneling for now too whilst i'm trying other things if you want to have a mess around yourself if you can get in that is (join the party?

). I've forwarded Port 22 too as you can see since you can see/connect you just can't Auth which is my problem too.

Why the **** are things so difficult for seemingly no reason

?

See here for my privatekeys that i've made up so far incase you need them. I'd attach them on the forum but it only supports nzb's and torrent filenames

Mark · 25-08-2008, 16:24

Access denied - and you really shouldn't be publishing private keys anyway. That's the whole point of being private.

You can do what I said - it's just that if you follow the wiki they tell you to disable password authentication. That'll stop you logging in without those private key files.

LeperousDust · 25-08-2008, 16:25

Yeah i'm aware thats not a clever idea, but dont worry theyre only there for you, and i can recreate new ones no?

Right i will have another play then disabling that pap

//Edit: Wait yeah crossed wires, i didn't follow the wiki to the letter, i set my own password in freeSSHd for the user, not using the key only. But the only option is the hash. I'm losing interest again, can't be bothered spending more than an hour setting up something so technically trviial. Its crap, i will no doubt have another go some time int he future. Its not that important to me yet it would have just been nice to have it working

Mark · 25-08-2008, 16:47

Have another Edinburgh meet. Invite someone round. Sorted.

Quote:

$ sftp -v boatdrinks@alexdoddedinburgh.dyndns.org
Connecting to alexdoddedinburgh.dyndns.org...
OpenSSH_4.7p1, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to alexdoddedinburgh.dyndns.org [80.195.254.32] port 22.
debug1: Connection established.
debug1: Remote protocol version 2.0, remote software version WeOnlyDo 2.0.6
debug1: no match: WeOnlyDo 2.0.6
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.7
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Host 'alexdoddedinburgh.dyndns.org' is known and matches the RSA host key.
debug1: Found key in known_hosts:10
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: password,publickey
debug1: Next authentication method: publickey
debug1: Next authentication method: password
boatdrinks@alexdoddedinburgh.dyndns.org's password:
debug1: Authentications that can continue: password,publickey
Permission denied, please try again.

So, the server is correctly configured, but the username/password isn't. Remember that SSH is case-sensitive.

I don't blame you for struggling with this. The wiki is very poor - it tells you to change things but in most cases makes no attempt to tell you how or why. Even I can't get to grips with it so some hope you have. :/

LeperousDust · 25-08-2008, 17:48

Well well i buggered off to play piano, i'm not farting around with it anymore, but i've put everything in lowercase anyway just to make sure. It keeps telling me my username and password are wrong, or at least password is wrong, i faffing know it isn't though its lying

. Something isn't right but i think it runs deep than me this time...

Haha just tried connecting and now im getting connectiong refused. God only knows.

That wiki isn't theirs to be fair, but its bad enough that they point you to it in the first place though!

25-08-2008, 15:08	#11
LeperousDust Bananaman Join Date: Jul 2006 Location: Liverpool/Edinburgh Posts: 4,817	Right take 10, i've scraped what i was using as it was giving me immense hassle. I'm back to using something i tried earlier but this time i'm gonna make sure i get it working So i'm using freeSSHd which is essentially based off openSSH i think. Now basically installed it pointed it to the root folder i want. Made one user (boatdrinks) with a SHA1 hash password (welcomeaboard) granted SFTP rights only. And started the SFTP service. Yet i still can't connect internally or externally with WinSCP, 've given up using FireFTP because tbh i think that was part of my original problems anyway it doesn't seem that good. So the question is why can i still not connect ? =/ I'm using freeSSHd because i hope to also use the SSH side of thing for a bit of admin just in case in the future. Its nice to have Next is a VPN and some kind of SSH tunnels VNC just in case But hey babysteps since my SFTP isn't playing ball yet. __________________

25-08-2008, 15:37	#14
LeperousDust Bananaman Join Date: Jul 2006 Location: Liverpool/Edinburgh Posts: 4,817	Cool, thats essentially what i'm getting denied username and password but i don't uderstand why It's definitely right...? I have no effing clue what i'm doing here at all, and its so very frustrating. WinSCP is telling me it can authenticate. Do i need to use the security keys? I thought i could just blindly add/ignore them? __________________ Last edited by LeperousDust; 25-08-2008 at 15:39.

25-08-2008, 16:08	#16
LeperousDust Bananaman Join Date: Jul 2006 Location: Liverpool/Edinburgh Posts: 4,817	I can't do that freeSSHd, i can choose: NT Auth, which i'd rather not get mixed up with Password stored as SHA1 Hash Public key (SSH Only) I have no idea what i'm doing but i've stumbled my way through and i thought i've been doing it right but i just don't seem to be able to log on with PuTTY or WinSCP. It's royally frustrating. I've granted the boatdrinks user with SSH and Tunneling for now too whilst i'm trying other things if you want to have a mess around yourself if you can get in that is (join the party? ). I've forwarded Port 22 too as you can see since you can see/connect you just can't Auth which is my problem too. Why the **** are things so difficult for seemingly no reason ? See here for my privatekeys that i've made up so far incase you need them. I'd attach them on the forum but it only supports nzb's and torrent filenames __________________ Last edited by LeperousDust; 25-08-2008 at 16:13.

25-08-2008, 16:25	#18
LeperousDust Bananaman Join Date: Jul 2006 Location: Liverpool/Edinburgh Posts: 4,817	Yeah i'm aware thats not a clever idea, but dont worry theyre only there for you, and i can recreate new ones no? Right i will have another play then disabling that pap //Edit: Wait yeah crossed wires, i didn't follow the wiki to the letter, i set my own password in freeSSHd for the user, not using the key only. But the only option is the hash. I'm losing interest again, can't be bothered spending more than an hour setting up something so technically trviial. Its crap, i will no doubt have another go some time int he future. Its not that important to me yet it would have just been nice to have it working __________________ Last edited by LeperousDust; 25-08-2008 at 16:34.

25-08-2008, 17:48	#20
LeperousDust Bananaman Join Date: Jul 2006 Location: Liverpool/Edinburgh Posts: 4,817	Well well i buggered off to play piano, i'm not farting around with it anymore, but i've put everything in lowercase anyway just to make sure. It keeps telling me my username and password are wrong, or at least password is wrong, i faffing know it isn't though its lying . Something isn't right but i think it runs deep than me this time... Haha just tried connecting and now im getting connectiong refused. God only knows. That wiki isn't theirs to be fair, but its bad enough that they point you to it in the first place though! __________________ Last edited by LeperousDust; 25-08-2008 at 17:54.

25-08-2008, 15:19	#13
Mark Screaming Orgasm Join Date: Jul 2006 Location: Newbury Posts: 15,194	OK - it's behaving now but denying the username/password.

25-08-2008, 16:01	#15
Mark Screaming Orgasm Join Date: Jul 2006 Location: Newbury Posts: 15,194	Try just setting a plaintext password for the user. You don't want to be using SHA-1 (or any other) hash for user accounts right now. Setting a hash for the host (computer) is fine. You've done that and it works.

25-08-2008, 16:24	#17
Mark Screaming Orgasm Join Date: Jul 2006 Location: Newbury Posts: 15,194	Access denied - and you really shouldn't be publishing private keys anyway. That's the whole point of being private. You can do what I said - it's just that if you follow the wiki they tell you to disable password authentication. That'll stop you logging in without those private key files.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode