Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

SFTP connects to 202 but not 222

Scheduled Pinned Locked Moved Solved Support
sftp
8 Posts 4 Posters 429 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D Offline
    D Offline
    drpaneas
    wrote on last edited by girish
    #1

    How to reproduce:

    I have the following sshd configuration:

    • Use keys insteas of password
    • Disable root login
    • Change port to 202
    • Allow only user 'drpaneas' to login

    I am now able to SFTP into the server, by loading my private key to Filezilla and accessing the SSH port (that is 202).

    According to https://docs.cloudron.io/apps/#ftp-access there is a docker container running an SFTP server where I should be able to connect using my Cloudron username/password at port 222. This is not happening though.

    This is the container I think:

    6cd9eeefdf5b        cloudron/sftp:3.0.0         "/app/code/start.sh"     19 hours ago        Up 2 minutes        0.0.0.0:222->22/tcp                                            sftp
    

    Is this normal?

    girishG 1 Reply Last reply
    0
  • nebulonN Offline
    nebulonN Offline
    nebulon Staff
    wrote on last edited by
    #2

    So the sshd itself on the server is not related to the sftp service running to get ftp access into the app. They are separate. SFTP auth is based on username@appdomain + password and not with keys. Generally we try to provide a system where SSH into the server is really only needed to troubleshoot and fix things. The ftp service itself is for webdev use-case mostly and thus also uses a different auth to be able to let that be configured via the dashboard.

    1 Reply Last reply
    0
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    replied to drpaneas on last edited by girish
    #3

    @drpaneas Does telnet to port 222 work? Replace 1.2.3.4 with your Cloudron IP below. If it doesn't connect, then it indicates most likely some firewall issue. Do you have some Cloud firewall in front of your server? If so, you might have to unblock port 222.

    $ telnet 1.2.3.4 222
    Trying 1.2.3.4...
    Connected to 1.2.3.4.
    Escape character is '^]'.
    SSH-2.0-mod_sftp/0.9.9
    4iOӤ�]N���R��Q��ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,rsa1024-sha1ssh-rsa�aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-ctr,blowfish-cbc,cast128-cbc,arcfour256,arcfour128,3des-ctr,3des-cbc�aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-ctr,blowfish-cbc,cast128-cbc,arcfour256,arcfour128,3des-ctr,3des-cbcjhmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,umac-64@openssh.comjhmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,umac-64@openssh.com�zlib@openssh.com,zlib,none�zlib@openssh.com,zlib,noneO�
    
    D AizatA 2 Replies Last reply
    0
  • D Offline
    D Offline
    drpaneas
    replied to girish on last edited by
    #4

    @girish yes telnet works and I get the same reply as yours 🙂

    Also:

    # lsof -i:222
    COMMAND     PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
    docker-pr 20793 root    4u  IPv6 369319      0t0  TCP *:222 (LISTEN)
    
    # ps aux | grep 20793
    root       20793  0.0  0.0 622784  3968 ?        Sl   19:46   0:00 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 222 -container-ip 172.18.0.7 -container-port 22
    
    girishG 1 Reply Last reply
    0
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    replied to drpaneas on last edited by
    #5

    @drpaneas Ah ok, I think what you were probably looking for is to understand if the SSH and SFTP are the same server. As @nebulon said, they are completely different. SSH can be on any port. SFTP is run on specific port 222 and doesn't use ssh keys and instead uses cloudron directory for authentication. If you don't use SFTP, you can simple firewall off that port.

    D 1 Reply Last reply
    0
  • D Offline
    D Offline
    drpaneas
    replied to girish on last edited by
    #6

    @girish yup I got it now. all clear 🙂 Thanks everyone 🙂

    1 Reply Last reply
    0
  • AizatA Offline
    AizatA Offline
    Aizat
    replied to girish on last edited by Aizat
    #7

    @girish Hi, I'm having a problem I did try telnet

    root@vmi815992:~# telnet 123.123.123.1 222
    Trying 123.123.123.1...
    telnet: Unable to connect to remote host: Connection refused
    

    Do I need to manually open port 222? I thought it was open by default for SFTP.

    girishG 1 Reply Last reply
    0
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    replied to Aizat on last edited by
    #8

    @Aizat Let's discuss at https://forum.cloudron.io/topic/6719/sftp-port-222-not-working-firewall-ufw-was-inactive

    1 Reply Last reply
    0

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.