Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


    Cloudron Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Solved SFTP connects to 202 but not 222

    Support
    sftp
    4
    8
    409
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      drpaneas last edited by girish

      How to reproduce:

      I have the following sshd configuration:

      • Use keys insteas of password
      • Disable root login
      • Change port to 202
      • Allow only user 'drpaneas' to login

      I am now able to SFTP into the server, by loading my private key to Filezilla and accessing the SSH port (that is 202).

      According to https://docs.cloudron.io/apps/#ftp-access there is a docker container running an SFTP server where I should be able to connect using my Cloudron username/password at port 222. This is not happening though.

      This is the container I think:

      6cd9eeefdf5b        cloudron/sftp:3.0.0         "/app/code/start.sh"     19 hours ago        Up 2 minutes        0.0.0.0:222->22/tcp                                            sftp
      

      Is this normal?

      girish 1 Reply Last reply Reply Quote 0
      • nebulon
        nebulon Staff last edited by

        So the sshd itself on the server is not related to the sftp service running to get ftp access into the app. They are separate. SFTP auth is based on username@appdomain + password and not with keys. Generally we try to provide a system where SSH into the server is really only needed to troubleshoot and fix things. The ftp service itself is for webdev use-case mostly and thus also uses a different auth to be able to let that be configured via the dashboard.

        1 Reply Last reply Reply Quote 0
        • girish
          girish Staff @drpaneas last edited by girish

          @drpaneas Does telnet to port 222 work? Replace 1.2.3.4 with your Cloudron IP below. If it doesn't connect, then it indicates most likely some firewall issue. Do you have some Cloud firewall in front of your server? If so, you might have to unblock port 222.

          $ telnet 1.2.3.4 222
          Trying 1.2.3.4...
          Connected to 1.2.3.4.
          Escape character is '^]'.
          SSH-2.0-mod_sftp/0.9.9
          4iOӤ�]N���R��Q��ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,rsa1024-sha1ssh-rsa�aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-ctr,blowfish-cbc,cast128-cbc,arcfour256,arcfour128,3des-ctr,3des-cbc�aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-ctr,blowfish-cbc,cast128-cbc,arcfour256,arcfour128,3des-ctr,3des-cbcjhmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,umac-64@openssh.comjhmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,umac-64@openssh.com�zlib@openssh.com,zlib,none�zlib@openssh.com,zlib,noneO�
          
          D Aizat 2 Replies Last reply Reply Quote 0
          • D
            drpaneas @girish last edited by

            @girish yes telnet works and I get the same reply as yours 🙂

            Also:

            # lsof -i:222
            COMMAND     PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
            docker-pr 20793 root    4u  IPv6 369319      0t0  TCP *:222 (LISTEN)
            
            # ps aux | grep 20793
            root       20793  0.0  0.0 622784  3968 ?        Sl   19:46   0:00 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 222 -container-ip 172.18.0.7 -container-port 22
            
            girish 1 Reply Last reply Reply Quote 0
            • girish
              girish Staff @drpaneas last edited by

              @drpaneas Ah ok, I think what you were probably looking for is to understand if the SSH and SFTP are the same server. As @nebulon said, they are completely different. SSH can be on any port. SFTP is run on specific port 222 and doesn't use ssh keys and instead uses cloudron directory for authentication. If you don't use SFTP, you can simple firewall off that port.

              D 1 Reply Last reply Reply Quote 0
              • D
                drpaneas @girish last edited by

                @girish yup I got it now. all clear 🙂 Thanks everyone 🙂

                1 Reply Last reply Reply Quote 0
                • Aizat
                  Aizat @girish last edited by Aizat

                  @girish Hi, I'm having a problem I did try telnet

                  root@vmi815992:~# telnet 123.123.123.1 222
                  Trying 123.123.123.1...
                  telnet: Unable to connect to remote host: Connection refused
                  

                  Do I need to manually open port 222? I thought it was open by default for SFTP.

                  girish 1 Reply Last reply Reply Quote 0
                  • girish
                    girish Staff @Aizat last edited by

                    @Aizat Let's discuss at https://forum.cloudron.io/topic/6719/sftp-port-222-not-working-firewall-ufw-was-inactive

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Powered by NodeBB