Ticket #115 (closed defect: invalid)

Opened 8 years ago

Last modified 7 years ago

remote host startup banner breaks sftp/scp

Reported by: anonymous Owned by: bagder
Priority: normal Milestone:
Component: SFTP Version:
Keywords: Cc: bagder
Blocked By: Blocks:

Description

I use JSCAPE FTP server, if a startup banner is defined for sftp, it seems to break the sftp/scp connection (the libssh2 library is used by the cURL application):
Enter host password for user 'xxxxx':

  • About to connect() to 8.12.42.168 port 22 (#0)
  • Trying 8.12.42.168... connected
  • Connected to 8.12.42.168 (8.12.42.168) port 22 (#0)
  • Failure establishing ssh session
  • Closing connection #0

When removing the startup banner and trying again:

  • About to connect() to 8.12.42.168 port 22 (#0)
  • Trying 8.12.42.168... connected
  • Connected to 8.12.42.168 (8.12.42.168) port 22 (#0)
  • SSH authentication methods available: password,publickey
  • Using ssh public key file /var/home/xxxxx/.ssh/id_dsa.pub
  • Using ssh private key file /var/home/xxxxx/.ssh/id_dsa
  • SSH public key authentication failed: Unable to open public key file
  • Initialized password authentication
  • Authentication complete % Total % Received % Xferd Average Speed Time Time Time Current

Dload Upload Total Spent Left Speed

0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Connection #0 to host 8.12.42.168 left intact

  • Closing connection #0

There is no issue when using the AUTHENTICATION banner (not STARTUP banner)

Or might this be a Cipher that the Jscape application is not uses? Or a cURL problem?

Thanks

Change History

comment:1 Changed 8 years ago by bagder

Any chance this server or another one showing this problem is publicly accessible?

comment:2 Changed 8 years ago by anonymous

unfortunately I have only internal systems with jscape ftp server, I have asked jscape if they can set up a startup banner on their demo site to test this - still waiting for a reply. thanks

comment:3 Changed 8 years ago by bagder

We've seen this happen in the past and the problem is that the server is then not complying to the correct protocol and thus it breaks sftp. The proper fix is to make the server behave.

If other sftp clients manage to work around this problem we could of course check at how they do it and try to do something similar.

comment:4 Changed 7 years ago by stuge

  • Resolution set to invalid
  • Status changed from assigned to closed

As already mentioned, this is quite likely a protocol error on the server side. Feel free to reopen this ticket, but please provide a full debug log from a failed connection attempt if you do, otherwise we can not look into this.

Note: See TracTickets for help on using tickets.