When connecting to a particular sshd host and respond to the password prompt I receive an application error and disconnect as soon as I enter any string and press enter. It does not matter whether the password is correct or not.
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
hpa3000@fileserver.stromasys.com's password:
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 1
Received disconnect from 1.2.3.4 port 22:11: Application error
Disconnected from 1.2.3.4 port 22
Connection closed
I can successfully sftp to other password protected remote sites that run a variety of OS’. However, I am informed by another user that they can connect via sftp to 1.2.3.4 without problems from different sites.
I am confused as to what might be happening much less how to solve it. Has anyone got any ideas?
Yes, I can ssh/sftp in, however that is not the issue. I can ssh and sftp out, just not to this specific remote host. However, it is reliably reported to me that host is reachable via sftp from other sites.
The versions of local and remote are:
debug1: Local version string SSH-2.0-OpenSSH_8.0
debug1: Remote protocol version 2.0, remote software version mod_sftp/0.9.9
You might also try to increase the verbosity of your debug. It looks like you pass a single -v, is that correct? If so, you can try logging in with additional verbosity (ie. -vvv) so that the debug is longer, and perhaps more helpful.
I suspect that there is some sort of firewall issue at the remote end. I tried to connect to that service from a remote host on a different network and the connection times out. NMAP reports p22 as filtered from that origin. When I run NMAP locally the port is open (as logically it must be to connect).
I have connected to the problem host from two different OS’s with exactly the same result. It would be odd if both clients had exactly the same problem.
Different hosts different sftp versions.
debug1: Local version string SSH-2.0-OpenSSH_8.0
debug1: Remote protocol version 2.0, remote software version mod_sftp/0.9.9
debug1: Local version string SSH-2.0-OpenSSH_7.9 FreeBSD-20200214
debug1: Remote protocol version 2.0, remote software version mod_sftp/0.9.9
I discovered that this issue is caused by ProFTPD’s mod_sftp. It does not handle the certificate negotiation well. This may be a flaw in coding or a timeout issue being triggered where more than one certificate is offered by the client. In this case the fix was to use the PreferredAuthentications=password option with the sftp client.: