SFTP: Connection closed
I'm trying to connect via sftp to my Synology NAS 215j running sftp server.
The sshd works great for root user, but when I do sftp as root, I'm getting Connection closed
just after typing correct passphrase for my ssh key.
Here is the /etc/ssh/sshd_config:
Ciphers blowfish-cbc,aes256-cbc,aes256-ctr,aes128-ctr,aes128-gcm@openssh.com,aes192-ctr,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
MACs hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com
Protocol 2
SyslogFacility AUTHPRIV
LogLevel ERROR
LoginGraceTime 60
MaxStartups 2
MaxAuthTries 3
MaxSessions 3
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
RhostsRSAAuthentication no
IgnoreRhosts yes
ChallengeResponseAuthentication no
UsePAM no
PasswordAuthentication no
PermitEmptyPasswords no
PermitRootLogin without-password
TCPKeepAlive yes
ClientAliveInterval 600
ClientAliveCountMax 0
Banner /etc/ssh/issue.net
AllowTcpForwarding no
X11Forwarding no
UsePrivilegeSeparation sandbox
AcceptEnv LANG LC_*
UseDNS no
ChrootDirectory none
Subsystem sftp internal-sftp -f DAEMON -u 000
Match User root
AllowTcpForwarding yes
Here is the verbose output:
$ sftp -P 22221 -vvv root@nas
OpenSSH_7.1p1, OpenSSL 1.0.2e 3 Dec 2015
debug1: Reading configuration data /usr/local/etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to nas [192.168.1.51] port 22221.
debug1: Connection established.
debug1: identity file /Users/drewshg312/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6p2-hpn14v4
debug1: match: OpenSSH_6.6p2-hpn14v4 pat OpenSSH_6.5*,OpenSSH_6.6* compat 0x14000000
debug2: fd 5 setting O_NONBLOCK
debug1: Authenticating to nas:22221 as 'root'
debug2: compat_kex_proposal: original KEX proposal: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
debug2: Compat: skipping algorithm "curve25519-sha256@libssh.org"
debug2: compat_kex_proposal: compat KEX proposal: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
debug3: put_host_port: [nas]:22221
debug3: hostkeys_foreach: reading file "/Users/drewshg312/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/drewshg312/.ssh/known_hosts:10
debug3: load_hostkeys: loaded 1 keys from [nas]:22221
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
debug2: kex_parse_kexinit: blowfish-cbc,aes256-cbc,aes256-ctr,aes128-ctr,aes128-gcm@openssh.com,aes192-ctr,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,
debug2: kex_parse_kexinit: blowfish-cbc,aes256-cbc,aes256-ctr,aes128-ctr,aes128-gcm@openssh.com,aes192-ctr,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none
debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<8192<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug2: bits set: 1041/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:SkJiuE7k6Z2ooVXv2cb4PGTeXgh+xNjxMtDG+8Pfqw0
debug3: put_host_port: [192.168.1.51]:22221
debug3: put_host_port: [nas]:22221
debug3: hostkeys_foreach: reading file "/Users/drewshg312/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/drewshg312/.ssh/known_hosts:10
debug3: load_hostkeys: loaded 1 keys from [nas]:22221
debug3: hostkeys_foreach: reading file "/Users/drewshg312/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/drewshg312/.ssh/known_hosts:10
debug3: load_hostkeys: loaded 1 keys from [192.168.1.51]:22221
debug1: Host '[nas]:22221' is known and matches the ECDSA host key.
debug1: Found key in /Users/drewshg312/.ssh/known_hosts:10
debug2: bits set: 1039/2048
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: pubkey_prepare: ssh_get_authentication_socket: Connection refused
debug2: key: /Users/drewshg312/.ssh/id_rsa (0x7f97fc000610),
debug2: key: /Users/drewshg312/.ssh/id_dsa (0x0),
debug2: key: /Users/drewshg312/.ssh/id_ecdsa (0x0),
debug2: key: /Users/drewshg312/.ssh/id_ed25519 (0x0),
debug3: input_userauth_banner
) ( ) )
( * ) * ) ( /( * )) ) ( /( ( /(
) ` ) /(` ) /(( )())` ) /(()/( )()) )())
((((_)( ( )(_))( )(_)) ((_) ( )(_))(_)|(_) ((_)
) _ )(_(_())(_(_()|(_) _((_)(_(_()|_)) ((_) _((_)
(_)_(_)_ _||_ _| __| | ||_ _|_ _| / _ | | |
/ _ | | | | | _|| .` | | | | | | (_) | .` |
/_/ _ |_| |_| |___|_|_| |_| |___| ___/|_|_|
UNAUTHORIZED ACCESS TO THIS SYSTEM IS FORBIDDEN AND WILL BE
PROSECUTED BY LAW!
DISCONNECT IMMIDIATELY IF YOU ARE NOT AUTHORIZED PERSON!
By accessing this system you agree that all your actions
will be monitored and logged.
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/drewshg312/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 535
debug2: input_userauth_pk_ok: fp SHA256:NWHiMGnH1Sz8K/cLRV9x493V6B6P8+oat6xtwFViZl4
debug3: sign_and_send_pubkey: RSA SHA256:NWHiMGnH1Sz8K/cLRV9x493V6B6P8+oat6xtwFViZl4
Enter passphrase for key '/Users/drewshg312/.ssh/id_rsa':
debug1: Authentication succeeded (publickey).
Authenticated to nas ([192.168.1.51]:22221).
debug2: fd 6 setting O_NONBLOCK
debug3: fd 7 is O_NONBLOCK
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug2: callback start
debug2: fd 5 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x08
debug2: client_session2_setup: id 0
debug1: Sending subsystem: sftp
debug2: channel 0: request subsystem confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 87380
debug2: channel_input_status_confirm: type 99 id 0
debug2: subsystem request accepted on channel 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
debug1: fd 0 clearing O_NONBLOCK
debug3: fd 1 is not O_NONBLOCK
Transferred: sent 4144, received 3136 bytes, in 0.2 seconds
Bytes per second: sent 24522.5, received 18557.5
debug1: Exit status 255
Connection closed
Please help! I'm pretty sure there is something in my sshd configuration, that I don't completely understand… I need someone to point my mistake
Thank you
UPDATE:
Here is the log info, I'v got from grep -i sftp /var/log/*
:
/var/log/synoinfo.conf.bad:sftpPort="22"
/var/log/synoservice.log:Dec 5 12:54:25 nas-server entry.cgi_SYNO.Core.User.Home[1].set[9165]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 5 12:54:25 nas-server entry.cgi_SYNO.Core.User.Home[1].set[9165]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 5 12:54:25 nas-server entry.cgi_SYNO.Core.User.Home[1].set[9165]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 5 21:58:25 nas-server entry.cgi_SYNO.Core.Upgrade[1].start[22749]: service_pause_by_reason.c:27 synoservice: pause [sftp] by reason [smallupdate] ...
/var/log/synoservice.log:Dec 5 21:58:25 nas-server entry.cgi_SYNO.Core.Upgrade[1].start[22749]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 5 21:58:25 nas-server entry.cgi_SYNO.Core.Upgrade[1].start[22749]: service_pause.c:48 synoservice: [sftp] is already disable/pause.
/var/log/synoservice.log:Dec 5 21:58:25 nas-server entry.cgi_SYNO.Core.Upgrade[1].start[22749]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 12 19:56:27 nas entry.cgi_SYNO.Core.User.Home[1].set[16689]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 12 19:56:27 nas entry.cgi_SYNO.Core.User.Home[1].set[16689]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 12 19:56:27 nas entry.cgi_SYNO.Core.User.Home[1].set[16689]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 14 14:09:02 nas entry.cgi_SYNO.Core.User.Home[1].set[27314]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 14 14:09:02 nas entry.cgi_SYNO.Core.User.Home[1].set[27314]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 14 14:09:02 nas entry.cgi_SYNO.Core.User.Home[1].set[27314]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 14 14:10:39 nas entry.cgi_SYNO.Core.User.Home[1].set[27623]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 14 14:10:39 nas entry.cgi_SYNO.Core.User.Home[1].set[27623]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 14 14:10:39 nas entry.cgi_SYNO.Core.User.Home[1].set[27623]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 15 18:00:53 nas entry.cgi_SYNO.Core.User.Home[1].set[13303]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 15 18:00:53 nas entry.cgi_SYNO.Core.User.Home[1].set[13303]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 15 18:00:53 nas entry.cgi_SYNO.Core.User.Home[1].set[13303]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 15 18:05:03 nas entry.cgi_SYNO.Core.User.Home[1].set[14018]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 15 18:05:03 nas entry.cgi_SYNO.Core.User.Home[1].set[14018]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 15 18:05:03 nas entry.cgi_SYNO.Core.User.Home[1].set[14018]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 17 19:42:01 nas entry.cgi_SYNO.Core.BandwidthControl.Protocol[1].set[12255]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 17 19:42:01 nas entry.cgi_SYNO.Core.BandwidthControl.Protocol[1].set[12255]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 17 19:42:01 nas entry.cgi_SYNO.Core.BandwidthControl.Protocol[1].set[12255]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 17 21:29:43 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[17732]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:29:45 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[17732]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 21:32:06 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18453]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 21:32:08 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18453]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 21:32:10 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18453]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:32:12 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18453]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 21:32:51 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18960]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 21:32:52 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18960]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 21:32:55 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18960]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:32:56 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18960]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 21:38:47 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[19744]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 21:38:48 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[19744]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 21:38:50 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[19744]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:38:52 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[19744]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 21:40:09 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[20292]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 21:40:11 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[20292]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 21:40:13 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[20292]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:40:14 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[20292]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 22:14:56 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22807]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 22:14:58 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22807]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 22:14:58 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22807]: service_stop.c:49 synoservice: [sftp] stopping ...
/var/log/synoservice.log:Dec 17 22:15:00 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22807]: service_stop.c:106 synoservice: [sftp] stopped.
/var/log/synoservice.log:Dec 17 22:15:02 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22990]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 22:15:03 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22990]: service_start.c:206 synoservice: [sftp] started.
ssh sftp openssh sshd synology
add a comment |
I'm trying to connect via sftp to my Synology NAS 215j running sftp server.
The sshd works great for root user, but when I do sftp as root, I'm getting Connection closed
just after typing correct passphrase for my ssh key.
Here is the /etc/ssh/sshd_config:
Ciphers blowfish-cbc,aes256-cbc,aes256-ctr,aes128-ctr,aes128-gcm@openssh.com,aes192-ctr,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
MACs hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com
Protocol 2
SyslogFacility AUTHPRIV
LogLevel ERROR
LoginGraceTime 60
MaxStartups 2
MaxAuthTries 3
MaxSessions 3
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
RhostsRSAAuthentication no
IgnoreRhosts yes
ChallengeResponseAuthentication no
UsePAM no
PasswordAuthentication no
PermitEmptyPasswords no
PermitRootLogin without-password
TCPKeepAlive yes
ClientAliveInterval 600
ClientAliveCountMax 0
Banner /etc/ssh/issue.net
AllowTcpForwarding no
X11Forwarding no
UsePrivilegeSeparation sandbox
AcceptEnv LANG LC_*
UseDNS no
ChrootDirectory none
Subsystem sftp internal-sftp -f DAEMON -u 000
Match User root
AllowTcpForwarding yes
Here is the verbose output:
$ sftp -P 22221 -vvv root@nas
OpenSSH_7.1p1, OpenSSL 1.0.2e 3 Dec 2015
debug1: Reading configuration data /usr/local/etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to nas [192.168.1.51] port 22221.
debug1: Connection established.
debug1: identity file /Users/drewshg312/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6p2-hpn14v4
debug1: match: OpenSSH_6.6p2-hpn14v4 pat OpenSSH_6.5*,OpenSSH_6.6* compat 0x14000000
debug2: fd 5 setting O_NONBLOCK
debug1: Authenticating to nas:22221 as 'root'
debug2: compat_kex_proposal: original KEX proposal: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
debug2: Compat: skipping algorithm "curve25519-sha256@libssh.org"
debug2: compat_kex_proposal: compat KEX proposal: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
debug3: put_host_port: [nas]:22221
debug3: hostkeys_foreach: reading file "/Users/drewshg312/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/drewshg312/.ssh/known_hosts:10
debug3: load_hostkeys: loaded 1 keys from [nas]:22221
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
debug2: kex_parse_kexinit: blowfish-cbc,aes256-cbc,aes256-ctr,aes128-ctr,aes128-gcm@openssh.com,aes192-ctr,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,
debug2: kex_parse_kexinit: blowfish-cbc,aes256-cbc,aes256-ctr,aes128-ctr,aes128-gcm@openssh.com,aes192-ctr,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none
debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<8192<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug2: bits set: 1041/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:SkJiuE7k6Z2ooVXv2cb4PGTeXgh+xNjxMtDG+8Pfqw0
debug3: put_host_port: [192.168.1.51]:22221
debug3: put_host_port: [nas]:22221
debug3: hostkeys_foreach: reading file "/Users/drewshg312/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/drewshg312/.ssh/known_hosts:10
debug3: load_hostkeys: loaded 1 keys from [nas]:22221
debug3: hostkeys_foreach: reading file "/Users/drewshg312/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/drewshg312/.ssh/known_hosts:10
debug3: load_hostkeys: loaded 1 keys from [192.168.1.51]:22221
debug1: Host '[nas]:22221' is known and matches the ECDSA host key.
debug1: Found key in /Users/drewshg312/.ssh/known_hosts:10
debug2: bits set: 1039/2048
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: pubkey_prepare: ssh_get_authentication_socket: Connection refused
debug2: key: /Users/drewshg312/.ssh/id_rsa (0x7f97fc000610),
debug2: key: /Users/drewshg312/.ssh/id_dsa (0x0),
debug2: key: /Users/drewshg312/.ssh/id_ecdsa (0x0),
debug2: key: /Users/drewshg312/.ssh/id_ed25519 (0x0),
debug3: input_userauth_banner
) ( ) )
( * ) * ) ( /( * )) ) ( /( ( /(
) ` ) /(` ) /(( )())` ) /(()/( )()) )())
((((_)( ( )(_))( )(_)) ((_) ( )(_))(_)|(_) ((_)
) _ )(_(_())(_(_()|(_) _((_)(_(_()|_)) ((_) _((_)
(_)_(_)_ _||_ _| __| | ||_ _|_ _| / _ | | |
/ _ | | | | | _|| .` | | | | | | (_) | .` |
/_/ _ |_| |_| |___|_|_| |_| |___| ___/|_|_|
UNAUTHORIZED ACCESS TO THIS SYSTEM IS FORBIDDEN AND WILL BE
PROSECUTED BY LAW!
DISCONNECT IMMIDIATELY IF YOU ARE NOT AUTHORIZED PERSON!
By accessing this system you agree that all your actions
will be monitored and logged.
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/drewshg312/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 535
debug2: input_userauth_pk_ok: fp SHA256:NWHiMGnH1Sz8K/cLRV9x493V6B6P8+oat6xtwFViZl4
debug3: sign_and_send_pubkey: RSA SHA256:NWHiMGnH1Sz8K/cLRV9x493V6B6P8+oat6xtwFViZl4
Enter passphrase for key '/Users/drewshg312/.ssh/id_rsa':
debug1: Authentication succeeded (publickey).
Authenticated to nas ([192.168.1.51]:22221).
debug2: fd 6 setting O_NONBLOCK
debug3: fd 7 is O_NONBLOCK
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug2: callback start
debug2: fd 5 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x08
debug2: client_session2_setup: id 0
debug1: Sending subsystem: sftp
debug2: channel 0: request subsystem confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 87380
debug2: channel_input_status_confirm: type 99 id 0
debug2: subsystem request accepted on channel 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
debug1: fd 0 clearing O_NONBLOCK
debug3: fd 1 is not O_NONBLOCK
Transferred: sent 4144, received 3136 bytes, in 0.2 seconds
Bytes per second: sent 24522.5, received 18557.5
debug1: Exit status 255
Connection closed
Please help! I'm pretty sure there is something in my sshd configuration, that I don't completely understand… I need someone to point my mistake
Thank you
UPDATE:
Here is the log info, I'v got from grep -i sftp /var/log/*
:
/var/log/synoinfo.conf.bad:sftpPort="22"
/var/log/synoservice.log:Dec 5 12:54:25 nas-server entry.cgi_SYNO.Core.User.Home[1].set[9165]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 5 12:54:25 nas-server entry.cgi_SYNO.Core.User.Home[1].set[9165]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 5 12:54:25 nas-server entry.cgi_SYNO.Core.User.Home[1].set[9165]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 5 21:58:25 nas-server entry.cgi_SYNO.Core.Upgrade[1].start[22749]: service_pause_by_reason.c:27 synoservice: pause [sftp] by reason [smallupdate] ...
/var/log/synoservice.log:Dec 5 21:58:25 nas-server entry.cgi_SYNO.Core.Upgrade[1].start[22749]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 5 21:58:25 nas-server entry.cgi_SYNO.Core.Upgrade[1].start[22749]: service_pause.c:48 synoservice: [sftp] is already disable/pause.
/var/log/synoservice.log:Dec 5 21:58:25 nas-server entry.cgi_SYNO.Core.Upgrade[1].start[22749]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 12 19:56:27 nas entry.cgi_SYNO.Core.User.Home[1].set[16689]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 12 19:56:27 nas entry.cgi_SYNO.Core.User.Home[1].set[16689]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 12 19:56:27 nas entry.cgi_SYNO.Core.User.Home[1].set[16689]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 14 14:09:02 nas entry.cgi_SYNO.Core.User.Home[1].set[27314]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 14 14:09:02 nas entry.cgi_SYNO.Core.User.Home[1].set[27314]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 14 14:09:02 nas entry.cgi_SYNO.Core.User.Home[1].set[27314]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 14 14:10:39 nas entry.cgi_SYNO.Core.User.Home[1].set[27623]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 14 14:10:39 nas entry.cgi_SYNO.Core.User.Home[1].set[27623]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 14 14:10:39 nas entry.cgi_SYNO.Core.User.Home[1].set[27623]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 15 18:00:53 nas entry.cgi_SYNO.Core.User.Home[1].set[13303]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 15 18:00:53 nas entry.cgi_SYNO.Core.User.Home[1].set[13303]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 15 18:00:53 nas entry.cgi_SYNO.Core.User.Home[1].set[13303]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 15 18:05:03 nas entry.cgi_SYNO.Core.User.Home[1].set[14018]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 15 18:05:03 nas entry.cgi_SYNO.Core.User.Home[1].set[14018]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 15 18:05:03 nas entry.cgi_SYNO.Core.User.Home[1].set[14018]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 17 19:42:01 nas entry.cgi_SYNO.Core.BandwidthControl.Protocol[1].set[12255]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 17 19:42:01 nas entry.cgi_SYNO.Core.BandwidthControl.Protocol[1].set[12255]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 17 19:42:01 nas entry.cgi_SYNO.Core.BandwidthControl.Protocol[1].set[12255]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 17 21:29:43 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[17732]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:29:45 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[17732]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 21:32:06 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18453]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 21:32:08 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18453]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 21:32:10 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18453]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:32:12 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18453]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 21:32:51 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18960]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 21:32:52 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18960]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 21:32:55 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18960]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:32:56 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18960]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 21:38:47 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[19744]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 21:38:48 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[19744]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 21:38:50 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[19744]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:38:52 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[19744]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 21:40:09 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[20292]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 21:40:11 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[20292]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 21:40:13 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[20292]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:40:14 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[20292]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 22:14:56 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22807]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 22:14:58 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22807]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 22:14:58 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22807]: service_stop.c:49 synoservice: [sftp] stopping ...
/var/log/synoservice.log:Dec 17 22:15:00 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22807]: service_stop.c:106 synoservice: [sftp] stopped.
/var/log/synoservice.log:Dec 17 22:15:02 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22990]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 22:15:03 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22990]: service_start.c:206 synoservice: [sftp] started.
ssh sftp openssh sshd synology
You are connection to port22221
, but there is not mark about using this port in yoursshd_config
. Connection seems to go to sshd server, but the logs about sftp are coming from somewhere else. Can you check the log directory forsshd
failures?
– Jakuje
Dec 19 '15 at 10:05
@Jakuje, I'm running sshd on port 22222 and sftp server on port 22221. Should it be the same port?
– Drew
Dec 19 '15 at 19:13
@Jakuje, Port is set up in DSM GUI, so It can be omited in sshd_config - it works perfectly without defining it there... SFTP port is also set in DSM GUI... anyways I've tried different combinations. I've definedport 22222
insshd_config
and set the same port for ssh and sftp in gui... Still the same result :(((
– Drew
Dec 19 '15 at 19:36
I realise this is an old question, but do you need to SFTP asroot
? If not, you could just create a user with the privileges you need. (Make sure you go to the 'Applications' tab in the user's settings in DSM, and check FTP.)
– Paul d'Aoust
Dec 13 '16 at 19:08
add a comment |
I'm trying to connect via sftp to my Synology NAS 215j running sftp server.
The sshd works great for root user, but when I do sftp as root, I'm getting Connection closed
just after typing correct passphrase for my ssh key.
Here is the /etc/ssh/sshd_config:
Ciphers blowfish-cbc,aes256-cbc,aes256-ctr,aes128-ctr,aes128-gcm@openssh.com,aes192-ctr,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
MACs hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com
Protocol 2
SyslogFacility AUTHPRIV
LogLevel ERROR
LoginGraceTime 60
MaxStartups 2
MaxAuthTries 3
MaxSessions 3
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
RhostsRSAAuthentication no
IgnoreRhosts yes
ChallengeResponseAuthentication no
UsePAM no
PasswordAuthentication no
PermitEmptyPasswords no
PermitRootLogin without-password
TCPKeepAlive yes
ClientAliveInterval 600
ClientAliveCountMax 0
Banner /etc/ssh/issue.net
AllowTcpForwarding no
X11Forwarding no
UsePrivilegeSeparation sandbox
AcceptEnv LANG LC_*
UseDNS no
ChrootDirectory none
Subsystem sftp internal-sftp -f DAEMON -u 000
Match User root
AllowTcpForwarding yes
Here is the verbose output:
$ sftp -P 22221 -vvv root@nas
OpenSSH_7.1p1, OpenSSL 1.0.2e 3 Dec 2015
debug1: Reading configuration data /usr/local/etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to nas [192.168.1.51] port 22221.
debug1: Connection established.
debug1: identity file /Users/drewshg312/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6p2-hpn14v4
debug1: match: OpenSSH_6.6p2-hpn14v4 pat OpenSSH_6.5*,OpenSSH_6.6* compat 0x14000000
debug2: fd 5 setting O_NONBLOCK
debug1: Authenticating to nas:22221 as 'root'
debug2: compat_kex_proposal: original KEX proposal: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
debug2: Compat: skipping algorithm "curve25519-sha256@libssh.org"
debug2: compat_kex_proposal: compat KEX proposal: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
debug3: put_host_port: [nas]:22221
debug3: hostkeys_foreach: reading file "/Users/drewshg312/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/drewshg312/.ssh/known_hosts:10
debug3: load_hostkeys: loaded 1 keys from [nas]:22221
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
debug2: kex_parse_kexinit: blowfish-cbc,aes256-cbc,aes256-ctr,aes128-ctr,aes128-gcm@openssh.com,aes192-ctr,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,
debug2: kex_parse_kexinit: blowfish-cbc,aes256-cbc,aes256-ctr,aes128-ctr,aes128-gcm@openssh.com,aes192-ctr,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none
debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<8192<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug2: bits set: 1041/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:SkJiuE7k6Z2ooVXv2cb4PGTeXgh+xNjxMtDG+8Pfqw0
debug3: put_host_port: [192.168.1.51]:22221
debug3: put_host_port: [nas]:22221
debug3: hostkeys_foreach: reading file "/Users/drewshg312/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/drewshg312/.ssh/known_hosts:10
debug3: load_hostkeys: loaded 1 keys from [nas]:22221
debug3: hostkeys_foreach: reading file "/Users/drewshg312/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/drewshg312/.ssh/known_hosts:10
debug3: load_hostkeys: loaded 1 keys from [192.168.1.51]:22221
debug1: Host '[nas]:22221' is known and matches the ECDSA host key.
debug1: Found key in /Users/drewshg312/.ssh/known_hosts:10
debug2: bits set: 1039/2048
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: pubkey_prepare: ssh_get_authentication_socket: Connection refused
debug2: key: /Users/drewshg312/.ssh/id_rsa (0x7f97fc000610),
debug2: key: /Users/drewshg312/.ssh/id_dsa (0x0),
debug2: key: /Users/drewshg312/.ssh/id_ecdsa (0x0),
debug2: key: /Users/drewshg312/.ssh/id_ed25519 (0x0),
debug3: input_userauth_banner
) ( ) )
( * ) * ) ( /( * )) ) ( /( ( /(
) ` ) /(` ) /(( )())` ) /(()/( )()) )())
((((_)( ( )(_))( )(_)) ((_) ( )(_))(_)|(_) ((_)
) _ )(_(_())(_(_()|(_) _((_)(_(_()|_)) ((_) _((_)
(_)_(_)_ _||_ _| __| | ||_ _|_ _| / _ | | |
/ _ | | | | | _|| .` | | | | | | (_) | .` |
/_/ _ |_| |_| |___|_|_| |_| |___| ___/|_|_|
UNAUTHORIZED ACCESS TO THIS SYSTEM IS FORBIDDEN AND WILL BE
PROSECUTED BY LAW!
DISCONNECT IMMIDIATELY IF YOU ARE NOT AUTHORIZED PERSON!
By accessing this system you agree that all your actions
will be monitored and logged.
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/drewshg312/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 535
debug2: input_userauth_pk_ok: fp SHA256:NWHiMGnH1Sz8K/cLRV9x493V6B6P8+oat6xtwFViZl4
debug3: sign_and_send_pubkey: RSA SHA256:NWHiMGnH1Sz8K/cLRV9x493V6B6P8+oat6xtwFViZl4
Enter passphrase for key '/Users/drewshg312/.ssh/id_rsa':
debug1: Authentication succeeded (publickey).
Authenticated to nas ([192.168.1.51]:22221).
debug2: fd 6 setting O_NONBLOCK
debug3: fd 7 is O_NONBLOCK
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug2: callback start
debug2: fd 5 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x08
debug2: client_session2_setup: id 0
debug1: Sending subsystem: sftp
debug2: channel 0: request subsystem confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 87380
debug2: channel_input_status_confirm: type 99 id 0
debug2: subsystem request accepted on channel 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
debug1: fd 0 clearing O_NONBLOCK
debug3: fd 1 is not O_NONBLOCK
Transferred: sent 4144, received 3136 bytes, in 0.2 seconds
Bytes per second: sent 24522.5, received 18557.5
debug1: Exit status 255
Connection closed
Please help! I'm pretty sure there is something in my sshd configuration, that I don't completely understand… I need someone to point my mistake
Thank you
UPDATE:
Here is the log info, I'v got from grep -i sftp /var/log/*
:
/var/log/synoinfo.conf.bad:sftpPort="22"
/var/log/synoservice.log:Dec 5 12:54:25 nas-server entry.cgi_SYNO.Core.User.Home[1].set[9165]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 5 12:54:25 nas-server entry.cgi_SYNO.Core.User.Home[1].set[9165]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 5 12:54:25 nas-server entry.cgi_SYNO.Core.User.Home[1].set[9165]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 5 21:58:25 nas-server entry.cgi_SYNO.Core.Upgrade[1].start[22749]: service_pause_by_reason.c:27 synoservice: pause [sftp] by reason [smallupdate] ...
/var/log/synoservice.log:Dec 5 21:58:25 nas-server entry.cgi_SYNO.Core.Upgrade[1].start[22749]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 5 21:58:25 nas-server entry.cgi_SYNO.Core.Upgrade[1].start[22749]: service_pause.c:48 synoservice: [sftp] is already disable/pause.
/var/log/synoservice.log:Dec 5 21:58:25 nas-server entry.cgi_SYNO.Core.Upgrade[1].start[22749]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 12 19:56:27 nas entry.cgi_SYNO.Core.User.Home[1].set[16689]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 12 19:56:27 nas entry.cgi_SYNO.Core.User.Home[1].set[16689]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 12 19:56:27 nas entry.cgi_SYNO.Core.User.Home[1].set[16689]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 14 14:09:02 nas entry.cgi_SYNO.Core.User.Home[1].set[27314]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 14 14:09:02 nas entry.cgi_SYNO.Core.User.Home[1].set[27314]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 14 14:09:02 nas entry.cgi_SYNO.Core.User.Home[1].set[27314]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 14 14:10:39 nas entry.cgi_SYNO.Core.User.Home[1].set[27623]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 14 14:10:39 nas entry.cgi_SYNO.Core.User.Home[1].set[27623]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 14 14:10:39 nas entry.cgi_SYNO.Core.User.Home[1].set[27623]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 15 18:00:53 nas entry.cgi_SYNO.Core.User.Home[1].set[13303]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 15 18:00:53 nas entry.cgi_SYNO.Core.User.Home[1].set[13303]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 15 18:00:53 nas entry.cgi_SYNO.Core.User.Home[1].set[13303]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 15 18:05:03 nas entry.cgi_SYNO.Core.User.Home[1].set[14018]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 15 18:05:03 nas entry.cgi_SYNO.Core.User.Home[1].set[14018]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 15 18:05:03 nas entry.cgi_SYNO.Core.User.Home[1].set[14018]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 17 19:42:01 nas entry.cgi_SYNO.Core.BandwidthControl.Protocol[1].set[12255]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 17 19:42:01 nas entry.cgi_SYNO.Core.BandwidthControl.Protocol[1].set[12255]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 17 19:42:01 nas entry.cgi_SYNO.Core.BandwidthControl.Protocol[1].set[12255]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 17 21:29:43 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[17732]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:29:45 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[17732]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 21:32:06 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18453]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 21:32:08 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18453]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 21:32:10 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18453]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:32:12 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18453]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 21:32:51 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18960]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 21:32:52 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18960]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 21:32:55 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18960]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:32:56 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18960]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 21:38:47 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[19744]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 21:38:48 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[19744]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 21:38:50 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[19744]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:38:52 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[19744]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 21:40:09 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[20292]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 21:40:11 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[20292]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 21:40:13 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[20292]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:40:14 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[20292]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 22:14:56 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22807]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 22:14:58 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22807]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 22:14:58 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22807]: service_stop.c:49 synoservice: [sftp] stopping ...
/var/log/synoservice.log:Dec 17 22:15:00 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22807]: service_stop.c:106 synoservice: [sftp] stopped.
/var/log/synoservice.log:Dec 17 22:15:02 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22990]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 22:15:03 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22990]: service_start.c:206 synoservice: [sftp] started.
ssh sftp openssh sshd synology
I'm trying to connect via sftp to my Synology NAS 215j running sftp server.
The sshd works great for root user, but when I do sftp as root, I'm getting Connection closed
just after typing correct passphrase for my ssh key.
Here is the /etc/ssh/sshd_config:
Ciphers blowfish-cbc,aes256-cbc,aes256-ctr,aes128-ctr,aes128-gcm@openssh.com,aes192-ctr,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
MACs hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com
Protocol 2
SyslogFacility AUTHPRIV
LogLevel ERROR
LoginGraceTime 60
MaxStartups 2
MaxAuthTries 3
MaxSessions 3
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
RhostsRSAAuthentication no
IgnoreRhosts yes
ChallengeResponseAuthentication no
UsePAM no
PasswordAuthentication no
PermitEmptyPasswords no
PermitRootLogin without-password
TCPKeepAlive yes
ClientAliveInterval 600
ClientAliveCountMax 0
Banner /etc/ssh/issue.net
AllowTcpForwarding no
X11Forwarding no
UsePrivilegeSeparation sandbox
AcceptEnv LANG LC_*
UseDNS no
ChrootDirectory none
Subsystem sftp internal-sftp -f DAEMON -u 000
Match User root
AllowTcpForwarding yes
Here is the verbose output:
$ sftp -P 22221 -vvv root@nas
OpenSSH_7.1p1, OpenSSL 1.0.2e 3 Dec 2015
debug1: Reading configuration data /usr/local/etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to nas [192.168.1.51] port 22221.
debug1: Connection established.
debug1: identity file /Users/drewshg312/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/drewshg312/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6p2-hpn14v4
debug1: match: OpenSSH_6.6p2-hpn14v4 pat OpenSSH_6.5*,OpenSSH_6.6* compat 0x14000000
debug2: fd 5 setting O_NONBLOCK
debug1: Authenticating to nas:22221 as 'root'
debug2: compat_kex_proposal: original KEX proposal: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
debug2: Compat: skipping algorithm "curve25519-sha256@libssh.org"
debug2: compat_kex_proposal: compat KEX proposal: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
debug3: put_host_port: [nas]:22221
debug3: hostkeys_foreach: reading file "/Users/drewshg312/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/drewshg312/.ssh/known_hosts:10
debug3: load_hostkeys: loaded 1 keys from [nas]:22221
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
debug2: kex_parse_kexinit: blowfish-cbc,aes256-cbc,aes256-ctr,aes128-ctr,aes128-gcm@openssh.com,aes192-ctr,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,
debug2: kex_parse_kexinit: blowfish-cbc,aes256-cbc,aes256-ctr,aes128-ctr,aes128-gcm@openssh.com,aes192-ctr,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none
debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<8192<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug2: bits set: 1041/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:SkJiuE7k6Z2ooVXv2cb4PGTeXgh+xNjxMtDG+8Pfqw0
debug3: put_host_port: [192.168.1.51]:22221
debug3: put_host_port: [nas]:22221
debug3: hostkeys_foreach: reading file "/Users/drewshg312/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/drewshg312/.ssh/known_hosts:10
debug3: load_hostkeys: loaded 1 keys from [nas]:22221
debug3: hostkeys_foreach: reading file "/Users/drewshg312/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/drewshg312/.ssh/known_hosts:10
debug3: load_hostkeys: loaded 1 keys from [192.168.1.51]:22221
debug1: Host '[nas]:22221' is known and matches the ECDSA host key.
debug1: Found key in /Users/drewshg312/.ssh/known_hosts:10
debug2: bits set: 1039/2048
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: pubkey_prepare: ssh_get_authentication_socket: Connection refused
debug2: key: /Users/drewshg312/.ssh/id_rsa (0x7f97fc000610),
debug2: key: /Users/drewshg312/.ssh/id_dsa (0x0),
debug2: key: /Users/drewshg312/.ssh/id_ecdsa (0x0),
debug2: key: /Users/drewshg312/.ssh/id_ed25519 (0x0),
debug3: input_userauth_banner
) ( ) )
( * ) * ) ( /( * )) ) ( /( ( /(
) ` ) /(` ) /(( )())` ) /(()/( )()) )())
((((_)( ( )(_))( )(_)) ((_) ( )(_))(_)|(_) ((_)
) _ )(_(_())(_(_()|(_) _((_)(_(_()|_)) ((_) _((_)
(_)_(_)_ _||_ _| __| | ||_ _|_ _| / _ | | |
/ _ | | | | | _|| .` | | | | | | (_) | .` |
/_/ _ |_| |_| |___|_|_| |_| |___| ___/|_|_|
UNAUTHORIZED ACCESS TO THIS SYSTEM IS FORBIDDEN AND WILL BE
PROSECUTED BY LAW!
DISCONNECT IMMIDIATELY IF YOU ARE NOT AUTHORIZED PERSON!
By accessing this system you agree that all your actions
will be monitored and logged.
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/drewshg312/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 535
debug2: input_userauth_pk_ok: fp SHA256:NWHiMGnH1Sz8K/cLRV9x493V6B6P8+oat6xtwFViZl4
debug3: sign_and_send_pubkey: RSA SHA256:NWHiMGnH1Sz8K/cLRV9x493V6B6P8+oat6xtwFViZl4
Enter passphrase for key '/Users/drewshg312/.ssh/id_rsa':
debug1: Authentication succeeded (publickey).
Authenticated to nas ([192.168.1.51]:22221).
debug2: fd 6 setting O_NONBLOCK
debug3: fd 7 is O_NONBLOCK
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug2: callback start
debug2: fd 5 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x08
debug2: client_session2_setup: id 0
debug1: Sending subsystem: sftp
debug2: channel 0: request subsystem confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 87380
debug2: channel_input_status_confirm: type 99 id 0
debug2: subsystem request accepted on channel 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
debug1: fd 0 clearing O_NONBLOCK
debug3: fd 1 is not O_NONBLOCK
Transferred: sent 4144, received 3136 bytes, in 0.2 seconds
Bytes per second: sent 24522.5, received 18557.5
debug1: Exit status 255
Connection closed
Please help! I'm pretty sure there is something in my sshd configuration, that I don't completely understand… I need someone to point my mistake
Thank you
UPDATE:
Here is the log info, I'v got from grep -i sftp /var/log/*
:
/var/log/synoinfo.conf.bad:sftpPort="22"
/var/log/synoservice.log:Dec 5 12:54:25 nas-server entry.cgi_SYNO.Core.User.Home[1].set[9165]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 5 12:54:25 nas-server entry.cgi_SYNO.Core.User.Home[1].set[9165]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 5 12:54:25 nas-server entry.cgi_SYNO.Core.User.Home[1].set[9165]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 5 21:58:25 nas-server entry.cgi_SYNO.Core.Upgrade[1].start[22749]: service_pause_by_reason.c:27 synoservice: pause [sftp] by reason [smallupdate] ...
/var/log/synoservice.log:Dec 5 21:58:25 nas-server entry.cgi_SYNO.Core.Upgrade[1].start[22749]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 5 21:58:25 nas-server entry.cgi_SYNO.Core.Upgrade[1].start[22749]: service_pause.c:48 synoservice: [sftp] is already disable/pause.
/var/log/synoservice.log:Dec 5 21:58:25 nas-server entry.cgi_SYNO.Core.Upgrade[1].start[22749]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 12 19:56:27 nas entry.cgi_SYNO.Core.User.Home[1].set[16689]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 12 19:56:27 nas entry.cgi_SYNO.Core.User.Home[1].set[16689]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 12 19:56:27 nas entry.cgi_SYNO.Core.User.Home[1].set[16689]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 14 14:09:02 nas entry.cgi_SYNO.Core.User.Home[1].set[27314]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 14 14:09:02 nas entry.cgi_SYNO.Core.User.Home[1].set[27314]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 14 14:09:02 nas entry.cgi_SYNO.Core.User.Home[1].set[27314]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 14 14:10:39 nas entry.cgi_SYNO.Core.User.Home[1].set[27623]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 14 14:10:39 nas entry.cgi_SYNO.Core.User.Home[1].set[27623]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 14 14:10:39 nas entry.cgi_SYNO.Core.User.Home[1].set[27623]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 15 18:00:53 nas entry.cgi_SYNO.Core.User.Home[1].set[13303]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 15 18:00:53 nas entry.cgi_SYNO.Core.User.Home[1].set[13303]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 15 18:00:53 nas entry.cgi_SYNO.Core.User.Home[1].set[13303]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 15 18:05:03 nas entry.cgi_SYNO.Core.User.Home[1].set[14018]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 15 18:05:03 nas entry.cgi_SYNO.Core.User.Home[1].set[14018]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 15 18:05:03 nas entry.cgi_SYNO.Core.User.Home[1].set[14018]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 17 19:42:01 nas entry.cgi_SYNO.Core.BandwidthControl.Protocol[1].set[12255]: service_reload.c:33 synoservice: reload [sftp].
/var/log/synoservice.log:Dec 17 19:42:01 nas entry.cgi_SYNO.Core.BandwidthControl.Protocol[1].set[12255]: service_reload.c:40 synoservice: [sftp] is not enabled, skip reload action
/var/log/synoservice.log:Dec 17 19:42:01 nas entry.cgi_SYNO.Core.BandwidthControl.Protocol[1].set[12255]: service_reload.c:53 synoservice: finish reload [sftp].
/var/log/synoservice.log:Dec 17 21:29:43 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[17732]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:29:45 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[17732]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 21:32:06 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18453]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 21:32:08 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18453]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 21:32:10 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18453]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:32:12 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18453]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 21:32:51 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18960]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 21:32:52 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18960]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 21:32:55 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18960]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:32:56 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[18960]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 21:38:47 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[19744]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 21:38:48 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[19744]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 21:38:50 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[19744]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:38:52 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[19744]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 21:40:09 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[20292]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 21:40:11 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[20292]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 21:40:13 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[20292]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 21:40:14 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[20292]: service_start.c:206 synoservice: [sftp] started.
/var/log/synoservice.log:Dec 17 22:14:56 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22807]: service_pause.c:39 synoservice: [sftp] pausing ...
/var/log/synoservice.log:Dec 17 22:14:58 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22807]: service_pause.c:89 synoservice: [sftp] paused.
/var/log/synoservice.log:Dec 17 22:14:58 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22807]: service_stop.c:49 synoservice: [sftp] stopping ...
/var/log/synoservice.log:Dec 17 22:15:00 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22807]: service_stop.c:106 synoservice: [sftp] stopped.
/var/log/synoservice.log:Dec 17 22:15:02 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22990]: service_start.c:108 synoservice: [sftp] starting ...
/var/log/synoservice.log:Dec 17 22:15:03 nas entry.cgi_SYNO.Core.FileServ.FTP.SFTP[1].set[22990]: service_start.c:206 synoservice: [sftp] started.
ssh sftp openssh sshd synology
ssh sftp openssh sshd synology
edited Dec 19 '15 at 1:58
Drew
asked Dec 19 '15 at 1:20
DrewDrew
92832147
92832147
You are connection to port22221
, but there is not mark about using this port in yoursshd_config
. Connection seems to go to sshd server, but the logs about sftp are coming from somewhere else. Can you check the log directory forsshd
failures?
– Jakuje
Dec 19 '15 at 10:05
@Jakuje, I'm running sshd on port 22222 and sftp server on port 22221. Should it be the same port?
– Drew
Dec 19 '15 at 19:13
@Jakuje, Port is set up in DSM GUI, so It can be omited in sshd_config - it works perfectly without defining it there... SFTP port is also set in DSM GUI... anyways I've tried different combinations. I've definedport 22222
insshd_config
and set the same port for ssh and sftp in gui... Still the same result :(((
– Drew
Dec 19 '15 at 19:36
I realise this is an old question, but do you need to SFTP asroot
? If not, you could just create a user with the privileges you need. (Make sure you go to the 'Applications' tab in the user's settings in DSM, and check FTP.)
– Paul d'Aoust
Dec 13 '16 at 19:08
add a comment |
You are connection to port22221
, but there is not mark about using this port in yoursshd_config
. Connection seems to go to sshd server, but the logs about sftp are coming from somewhere else. Can you check the log directory forsshd
failures?
– Jakuje
Dec 19 '15 at 10:05
@Jakuje, I'm running sshd on port 22222 and sftp server on port 22221. Should it be the same port?
– Drew
Dec 19 '15 at 19:13
@Jakuje, Port is set up in DSM GUI, so It can be omited in sshd_config - it works perfectly without defining it there... SFTP port is also set in DSM GUI... anyways I've tried different combinations. I've definedport 22222
insshd_config
and set the same port for ssh and sftp in gui... Still the same result :(((
– Drew
Dec 19 '15 at 19:36
I realise this is an old question, but do you need to SFTP asroot
? If not, you could just create a user with the privileges you need. (Make sure you go to the 'Applications' tab in the user's settings in DSM, and check FTP.)
– Paul d'Aoust
Dec 13 '16 at 19:08
You are connection to port
22221
, but there is not mark about using this port in your sshd_config
. Connection seems to go to sshd server, but the logs about sftp are coming from somewhere else. Can you check the log directory for sshd
failures?– Jakuje
Dec 19 '15 at 10:05
You are connection to port
22221
, but there is not mark about using this port in your sshd_config
. Connection seems to go to sshd server, but the logs about sftp are coming from somewhere else. Can you check the log directory for sshd
failures?– Jakuje
Dec 19 '15 at 10:05
@Jakuje, I'm running sshd on port 22222 and sftp server on port 22221. Should it be the same port?
– Drew
Dec 19 '15 at 19:13
@Jakuje, I'm running sshd on port 22222 and sftp server on port 22221. Should it be the same port?
– Drew
Dec 19 '15 at 19:13
@Jakuje, Port is set up in DSM GUI, so It can be omited in sshd_config - it works perfectly without defining it there... SFTP port is also set in DSM GUI... anyways I've tried different combinations. I've defined
port 22222
in sshd_config
and set the same port for ssh and sftp in gui... Still the same result :(((– Drew
Dec 19 '15 at 19:36
@Jakuje, Port is set up in DSM GUI, so It can be omited in sshd_config - it works perfectly without defining it there... SFTP port is also set in DSM GUI... anyways I've tried different combinations. I've defined
port 22222
in sshd_config
and set the same port for ssh and sftp in gui... Still the same result :(((– Drew
Dec 19 '15 at 19:36
I realise this is an old question, but do you need to SFTP as
root
? If not, you could just create a user with the privileges you need. (Make sure you go to the 'Applications' tab in the user's settings in DSM, and check FTP.)– Paul d'Aoust
Dec 13 '16 at 19:08
I realise this is an old question, but do you need to SFTP as
root
? If not, you could just create a user with the privileges you need. (Make sure you go to the 'Applications' tab in the user's settings in DSM, and check FTP.)– Paul d'Aoust
Dec 13 '16 at 19:08
add a comment |
1 Answer
1
active
oldest
votes
It looks like there's a problem on the server side. As soon as you request the SFTP subsystem you're receiving an end-of-file and it's exiting with a 255.
debug2: subsystem request accepted on channel 0
debug2: channel 0: rcvd eof
...
debug1: Exit status 255
Can you check out the logs on the server? Probably grep in /var/log/
grep -i sftp /var/log/*
should return something helpful.
@jbahy, Thank you for reply! I'v updated my post, please check it out!
– Drew
Dec 19 '15 at 2:01
It looks like synology has disabled it on purpose. Here's a howto from their site on how to setup the sFTP server.
– jbrahy
Dec 21 '15 at 19:55
"Here's a howto..." where?
– Drew
Dec 21 '15 at 20:30
forum.synology.com/wiki/index.php/How_to_setup_an_sftp-server
– jbrahy
Dec 21 '15 at 20:58
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1015441%2fsftp-connection-closed%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
It looks like there's a problem on the server side. As soon as you request the SFTP subsystem you're receiving an end-of-file and it's exiting with a 255.
debug2: subsystem request accepted on channel 0
debug2: channel 0: rcvd eof
...
debug1: Exit status 255
Can you check out the logs on the server? Probably grep in /var/log/
grep -i sftp /var/log/*
should return something helpful.
@jbahy, Thank you for reply! I'v updated my post, please check it out!
– Drew
Dec 19 '15 at 2:01
It looks like synology has disabled it on purpose. Here's a howto from their site on how to setup the sFTP server.
– jbrahy
Dec 21 '15 at 19:55
"Here's a howto..." where?
– Drew
Dec 21 '15 at 20:30
forum.synology.com/wiki/index.php/How_to_setup_an_sftp-server
– jbrahy
Dec 21 '15 at 20:58
add a comment |
It looks like there's a problem on the server side. As soon as you request the SFTP subsystem you're receiving an end-of-file and it's exiting with a 255.
debug2: subsystem request accepted on channel 0
debug2: channel 0: rcvd eof
...
debug1: Exit status 255
Can you check out the logs on the server? Probably grep in /var/log/
grep -i sftp /var/log/*
should return something helpful.
@jbahy, Thank you for reply! I'v updated my post, please check it out!
– Drew
Dec 19 '15 at 2:01
It looks like synology has disabled it on purpose. Here's a howto from their site on how to setup the sFTP server.
– jbrahy
Dec 21 '15 at 19:55
"Here's a howto..." where?
– Drew
Dec 21 '15 at 20:30
forum.synology.com/wiki/index.php/How_to_setup_an_sftp-server
– jbrahy
Dec 21 '15 at 20:58
add a comment |
It looks like there's a problem on the server side. As soon as you request the SFTP subsystem you're receiving an end-of-file and it's exiting with a 255.
debug2: subsystem request accepted on channel 0
debug2: channel 0: rcvd eof
...
debug1: Exit status 255
Can you check out the logs on the server? Probably grep in /var/log/
grep -i sftp /var/log/*
should return something helpful.
It looks like there's a problem on the server side. As soon as you request the SFTP subsystem you're receiving an end-of-file and it's exiting with a 255.
debug2: subsystem request accepted on channel 0
debug2: channel 0: rcvd eof
...
debug1: Exit status 255
Can you check out the logs on the server? Probably grep in /var/log/
grep -i sftp /var/log/*
should return something helpful.
answered Dec 19 '15 at 1:45
jbrahyjbrahy
1213
1213
@jbahy, Thank you for reply! I'v updated my post, please check it out!
– Drew
Dec 19 '15 at 2:01
It looks like synology has disabled it on purpose. Here's a howto from their site on how to setup the sFTP server.
– jbrahy
Dec 21 '15 at 19:55
"Here's a howto..." where?
– Drew
Dec 21 '15 at 20:30
forum.synology.com/wiki/index.php/How_to_setup_an_sftp-server
– jbrahy
Dec 21 '15 at 20:58
add a comment |
@jbahy, Thank you for reply! I'v updated my post, please check it out!
– Drew
Dec 19 '15 at 2:01
It looks like synology has disabled it on purpose. Here's a howto from their site on how to setup the sFTP server.
– jbrahy
Dec 21 '15 at 19:55
"Here's a howto..." where?
– Drew
Dec 21 '15 at 20:30
forum.synology.com/wiki/index.php/How_to_setup_an_sftp-server
– jbrahy
Dec 21 '15 at 20:58
@jbahy, Thank you for reply! I'v updated my post, please check it out!
– Drew
Dec 19 '15 at 2:01
@jbahy, Thank you for reply! I'v updated my post, please check it out!
– Drew
Dec 19 '15 at 2:01
It looks like synology has disabled it on purpose. Here's a howto from their site on how to setup the sFTP server.
– jbrahy
Dec 21 '15 at 19:55
It looks like synology has disabled it on purpose. Here's a howto from their site on how to setup the sFTP server.
– jbrahy
Dec 21 '15 at 19:55
"Here's a howto..." where?
– Drew
Dec 21 '15 at 20:30
"Here's a howto..." where?
– Drew
Dec 21 '15 at 20:30
forum.synology.com/wiki/index.php/How_to_setup_an_sftp-server
– jbrahy
Dec 21 '15 at 20:58
forum.synology.com/wiki/index.php/How_to_setup_an_sftp-server
– jbrahy
Dec 21 '15 at 20:58
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1015441%2fsftp-connection-closed%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
You are connection to port
22221
, but there is not mark about using this port in yoursshd_config
. Connection seems to go to sshd server, but the logs about sftp are coming from somewhere else. Can you check the log directory forsshd
failures?– Jakuje
Dec 19 '15 at 10:05
@Jakuje, I'm running sshd on port 22222 and sftp server on port 22221. Should it be the same port?
– Drew
Dec 19 '15 at 19:13
@Jakuje, Port is set up in DSM GUI, so It can be omited in sshd_config - it works perfectly without defining it there... SFTP port is also set in DSM GUI... anyways I've tried different combinations. I've defined
port 22222
insshd_config
and set the same port for ssh and sftp in gui... Still the same result :(((– Drew
Dec 19 '15 at 19:36
I realise this is an old question, but do you need to SFTP as
root
? If not, you could just create a user with the privileges you need. (Make sure you go to the 'Applications' tab in the user's settings in DSM, and check FTP.)– Paul d'Aoust
Dec 13 '16 at 19:08