不幸的是,我不能通过sftp连接到我的VPS:
这是我的sshd_config :
# Package generated configuration file # See the sshd_config(5) manpage for details # What ports, IPs and protocols we listen for Port 22 # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 768 # Logging SyslogFacility AUTH LogLevel INFO # Authentication: LoginGraceTime 120 PermitRootLogin no StrictModes yes RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile %h/.ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Change to no to disable tunnelled clear text passwords PasswordAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosGetAFSToken no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes # GSSAPI options GSSAPIAuthentication no #GSSAPICleanupCredentials yes X11Forwarding no X11DisplayOffset 10 PrintMotd yes PrintLastLog yes TCPKeepAlive yes #UseLogin no UseDNS yes #MaxStartups 10:30:60 Banner no # Allow setting environment variables AcceptEnv LANG LC_* #Subsystem sftp /usr/lib/openssh/sftp-server Subsystem sftp /usr/lib/openssh/sftp-server UsePAM yes AllowUsers [email protected] [email protected] [email protected] Match User user PasswordAuthentication yes
我的连接尝试的详细输出:
me:~ user$ sftp -v [email protected] OpenSSH_6.9p1, LibreSSL 2.1.8 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 21: Applying options for * debug1: Connecting to example.org [xx.xxx.xx.xx] port 22. debug1: Connection established. debug1: identity file /Users/user/.ssh/id_rsa type 1 debug1: key_load_public: No such file or directory debug1: identity file /Users/user/.ssh/id_rsa-cert type -1 debug1: identity file /Users/user/.ssh/id_dsa type 1 debug1: key_load_public: No such file or directory debug1: identity file /Users/user/.ssh/id_dsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /Users/user/.ssh/id_ecdsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /Users/user/.ssh/id_ecdsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /Users/user/.ssh/id_ed25519 type -1 debug1: key_load_public: No such file or directory debug1: identity file /Users/user/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.9 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1 debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000 debug1: Authenticating to example.org:22 as 'user' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client [email protected] <implicit> none debug1: kex: client->server [email protected] <implicit> none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ssh-rsa SHA256:/RUeBQCA1w0nHUWT2OgLDhy7/bNQy4nWH2IVZatMLw4 debug1: Host 'example.org' is known and matches the RSA host key. debug1: Found key in /Users/user/.ssh/known_hosts:4 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Offering RSA public key: /Users/user/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 279 debug1: Authentication succeeded (publickey). Authenticated to example.org ([xx.xxx.xx.xx]:22). debug1: channel 0: new [client-session] debug1: Requesting [email protected] debug1: Entering interactive session. debug1: Sending environment. debug1: Sending env LANG = de_DE.UTF-8 debug1: Sending subsystem: sftp debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug1: client_input_channel_req: channel 0 rtype [email protected] reply 0 debug1: channel 0: free: client-session, nchannels 1 debug1: fd 0 clearing O_NONBLOCK Transferred: sent 3332, received 2796 bytes, in 0.2 seconds Bytes per second: sent 18890.9, received 15852.0 debug1: Exit status 127 Connection closed
任何想法如何解决这个问题?
这很可能意味着/usr/lib/openssh/sftp-server不存在。
确保Subsystem指令指向一个现有的path:
Subsystem sftp /usr/lib/openssh/sftp-server
或者实际上,现在你通常使用internal-sftp代替:
Subsystem sftp internal-sftp
请参阅OpenSSH:internal-sftp和sftp-server之间的区别 。
对我来说,这是客户端configuration错误。 127代码意味着命令没有find。 我改变了WinSCPconfiguration错误地使用“/ bin / sftp-server”而不是“默认”。 检查你的客户端configuration。
在我的,sftp服务器的完整path是在configuration文件,但没有工作。 我添加了“Subsystem sftp internal-sftp”,它开始工作。 谢谢!
子系统sftp / usr / lib / openssh / sftp-server < – 不工作
子系统sftp internal-sftp < – 工作