Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Support
  3. cant sftp into dev wordpress

cant sftp into dev wordpress

Scheduled Pinned Locked Moved Solved Support
sftp
10 Posts 2 Posters 1.3k Views 2 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • chrisC Offline
      chrisC Offline
      chris
      wrote on last edited by girish
      #1

      trying to gain sftp access to a WordPress (Developer) app and my connection is refused or my pass is not working

      Tried via two different clients (cyberduck and forklift) and i tried direct via terminal sftp command. i can hit the server in terminal, but get Permission denied, please try again the password i am using is the same i login into my cloudron instance. (i do have 2factor auth on for my account, i am the admin). in the clients i get connection refused.

      i tried in v7.4.3 of cloudron and i just updated to v7.5 and tried again, same issue.

      girishG 1 Reply Last reply
      0
      • chrisC chris

        trying to gain sftp access to a WordPress (Developer) app and my connection is refused or my pass is not working

        Tried via two different clients (cyberduck and forklift) and i tried direct via terminal sftp command. i can hit the server in terminal, but get Permission denied, please try again the password i am using is the same i login into my cloudron instance. (i do have 2factor auth on for my account, i am the admin). in the clients i get connection refused.

        i tried in v7.4.3 of cloudron and i just updated to v7.5 and tried again, same issue.

        girishG Offline
        girishG Offline
        girish
        Staff
        wrote on last edited by
        #2

        @chris please check if the SFTP port 222 is open in your cloud firewall (not the server, but anything that might be in the front like EC2 Security Group). If you use Cloudflare, you have to disable proxying because Cloudflare won't proxy SFTP traffic.

        Finally, please note the username is different for each app. See https://docs.cloudron.io/apps/#ftp-access . It will show a popup with the username.

        1 Reply Last reply
        1
        • chrisC Offline
          chrisC Offline
          chris
          wrote on last edited by
          #3

          i think you are right @girish , i thought i tested for open port before posting, but apparently not. running the following command and i see failed: Connection refused

          nc -zv IPADDRESS 222

          i will reach out to my host next.

          1 Reply Last reply
          0
          • girishG Offline
            girishG Offline
            girish
            Staff
            wrote on last edited by
            #4

            @chris I would also double check if the sftp service is working. Services -> sftp. Is that green?

            1 Reply Last reply
            1
            • chrisC Offline
              chrisC Offline
              chris
              wrote on last edited by chris
              #5

              Hi @girish
              i checked with my host, they are not blocking 222, i do use cloudflare, but i dont proxy through it, and to be safe i paused cloudflare on the domain, still not able to SFTP.

              when i log into the server as root from my terminal, and run nc -zv localhost 222 , i see Connection to localhost 222 port [tcp/*] succeeded! not sure if that is the best way to see if 222 is open or not.

              however, if i check from a online port scanner, i see 222 is closed. eg https://portchecker.co/checking

              yes services -> sftp is green

              any other suggestions?

              girishG 1 Reply Last reply
              0
              • chrisC chris

                Hi @girish
                i checked with my host, they are not blocking 222, i do use cloudflare, but i dont proxy through it, and to be safe i paused cloudflare on the domain, still not able to SFTP.

                when i log into the server as root from my terminal, and run nc -zv localhost 222 , i see Connection to localhost 222 port [tcp/*] succeeded! not sure if that is the best way to see if 222 is open or not.

                however, if i check from a online port scanner, i see 222 is closed. eg https://portchecker.co/checking

                yes services -> sftp is green

                any other suggestions?

                girishG Offline
                girishG Offline
                girish
                Staff
                wrote on last edited by
                #6

                @chris Mmm, I am out of ideas. If not using Cloudflare and if you don't use a Cloud firewalls, then it's not clear why port 222 will be blocked. Can you send us an email to support@cloudron.io with the domain/IP and we can check it from here.

                1 Reply Last reply
                0
                • chrisC Offline
                  chrisC Offline
                  chris
                  wrote on last edited by
                  #7

                  yes. done. thanks for taking a look into this @girish

                  1 Reply Last reply
                  0
                  • girishG Offline
                    girishG Offline
                    girish
                    Staff
                    wrote on last edited by
                    #8

                    It seems the internal SFTP server does not start up with. It errors with:

                    2023-07-18 17:59:26,556 sftp proftpd[20]: LDAPServer: parsed URL 'ldap://172.18.0.1:3002/??sub' as 'ldap://172.18.0.1:3002/??sub'
                    2023-07-18 17:59:26,557 sftp proftpd[20]: fatal: SFTPHostKey: unable to use '/etc/ssh/ssh_host_rsa_key' as host key, as it is group- or world-accessible on line 77 of '/etc/proftpd/proftpd.conf'
                    2023-07-18 17:59:26,559 INFO exited: proftpd (exit status 1; not expected)
                    2023-07-18 17:59:28,563 INFO spawned: 'proftpd' with pid 21
                    

                    And indeed, the keys are world readable:

                    root@xx:/home/yellowtent/platformdata/sftp/ssh# ls -l
                    total 16
                    -rw------- 1 yellowtent yellowtent  419 Jul 14 22:50 ssh_host_ed25519_key
                    -rw-r--r-- 1 yellowtent yellowtent  110 Jul 14 22:50 ssh_host_ed25519_key.pub
                    -rw-r--r-- 1 yellowtent yellowtent 1679 Jul 14 22:50 ssh_host_rsa_key
                    -rw-r--r-- 1 yellowtent yellowtent  408 Jul 14 22:50 ssh_host_rsa_key.pub
                    

                    A chmod o-r,g-r ssh_host_rsa_key does the trick. @chris can you check now?

                    1 Reply Last reply
                    0
                    • girishG Offline
                      girishG Offline
                      girish
                      Staff
                      wrote on last edited by
                      #9

                      The file is created here with the correct perms. Not sure how it changed later.

                      1 Reply Last reply
                      0
                      • chrisC Offline
                        chrisC Offline
                        chris
                        wrote on last edited by
                        #10

                        Thank you @girish - yes. that worked! I can sftp into the app
                        And i am so glad you took the time to review and fix the issue.

                        1 Reply Last reply
                        1
                        • girishG girish marked this topic as a question on
                        • girishG girish has marked this topic as solved on
                        Reply
                        • Reply as topic
                        Log in to reply
                        • Oldest to Newest
                        • Newest to Oldest
                        • Most Votes


                          • Login

                          • Don't have an account? Register

                          • Login or register to search.
                          • First post
                            Last post
                          0
                          • Categories
                          • Recent
                          • Tags
                          • Popular
                          • Bookmarks
                          • Search