Problem connecting from Unix client to Core Server

Core FTP Server questions and answers
Post Reply
shadey
Posts: 10
Joined: Mon Sep 25, 2006 4:15 pm

Problem connecting from Unix client to Core Server

Post by shadey »

I have a client who is getting the following when trying to connect to Core Server with a Linux client:

ebug1: Server accepts key: pkalg ssh-rsa blen 149
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending subsystem: sftp
sftp> ls
Couldn't get handle: Permission denied
sftp> pwd
Remote working directory: /
sftp> ls
Couldn't get handle: Permission denied
sftp> pwd
Remote working directory: /
sftp> ls
Couldn't get handle: Permission denied

Using the Core FTP Lite with the same key/logon etc as the client I have no problems viewing the contents of the clients directory on my server. I really need to get this working so that Linux clients can view so would really appreciate your help!
shadey
Posts: 10
Joined: Mon Sep 25, 2006 4:15 pm

Post by shadey »

Build 175 has not reslved this issue.

We have narrowed down when the issue ocurrs. We can connect from Linux and issue ls command etc until we assign the connecting user a key. As soon as we assign the key the connection is still achieved however we cannot get any Unix command to succeed.

The key was created from the Core server and is also being used to connect successfully from the Core LE client when the Unix box cannot connect. Has anyone connected from a Linux box to a Core server using key exchange before? Any ideas on how to resolve this issue?
MartinDCC
Posts: 3
Joined: Mon Dec 04, 2006 4:44 pm

Post by MartinDCC »

We get this as well - I note that the user isn't coming up on the CoreFTP management panel thingy when it happens. Looks like an sftp option missing, but have to dig further.

Martin
MartinDCC
Posts: 3
Joined: Mon Dec 04, 2006 4:44 pm

Post by MartinDCC »

Sorry to reply to myself, but I should add that we're running the client on AIX 5.2.
MartinDCC
Posts: 3
Joined: Mon Dec 04, 2006 4:44 pm

Post by MartinDCC »

ok, my final message!

We got this working using the following procedure:

1) removed all certificates and keys from both server and client (we probably didn't need to do the certificates, but it was fun)
2) on the AIX client, su - cftpuser and then ran ssh-keygen -t rsa.
This created the private key id_rsa and public key id_rsa.pub. When running the program we left the passphrase blank (less secure, but we want to run the transfers unattended).
3) we then copied the id_rsa.pub public key to a directory on the CoreFTP server.
4) In the CoreFTP console we created a self-sign certificate for the server, and then edited the cftpuser we had created and assigned the id_rsa.pub public key to it, then restarted the server.
5)Back on the client, we ran
su - cftpuser
sftp cftpuser@coreftpserver

The first time it asked us to confirm that we trusted the remote host, we said yes. from then on it worked without prompts.

In retrospect, our confusion was that we had the keys the wrong way round - we were creating them on the server and passing to client, not the other way around.

martin
Post Reply