cant sftp into dev wordpress
-
trying to gain sftp access to a WordPress (Developer) app and my connection is refused or my pass is not working
Tried via two different clients (cyberduck and forklift) and i tried direct via terminal sftp command. i can hit the server in terminal, but get
Permission denied, please try again
the password i am using is the same i login into my cloudron instance. (i do have 2factor auth on for my account, i am the admin). in the clients i get connection refused.i tried in v7.4.3 of cloudron and i just updated to v7.5 and tried again, same issue.
-
@chris please check if the SFTP port 222 is open in your cloud firewall (not the server, but anything that might be in the front like EC2 Security Group). If you use Cloudflare, you have to disable proxying because Cloudflare won't proxy SFTP traffic.
Finally, please note the username is different for each app. See https://docs.cloudron.io/apps/#ftp-access . It will show a popup with the username.
-
Hi @girish
i checked with my host, they are not blocking 222, i do use cloudflare, but i dont proxy through it, and to be safe i paused cloudflare on the domain, still not able to SFTP.when i log into the server as root from my terminal, and run
nc -zv localhost 222
, i seeConnection to localhost 222 port [tcp/*] succeeded!
not sure if that is the best way to see if 222 is open or not.however, if i check from a online port scanner, i see 222 is closed. eg https://portchecker.co/checking
yes services -> sftp is green
any other suggestions?
-
@chris Mmm, I am out of ideas. If not using Cloudflare and if you don't use a Cloud firewalls, then it's not clear why port 222 will be blocked. Can you send us an email to support@cloudron.io with the domain/IP and we can check it from here.
-
It seems the internal SFTP server does not start up with. It errors with:
2023-07-18 17:59:26,556 sftp proftpd[20]: LDAPServer: parsed URL 'ldap://172.18.0.1:3002/??sub' as 'ldap://172.18.0.1:3002/??sub' 2023-07-18 17:59:26,557 sftp proftpd[20]: fatal: SFTPHostKey: unable to use '/etc/ssh/ssh_host_rsa_key' as host key, as it is group- or world-accessible on line 77 of '/etc/proftpd/proftpd.conf' 2023-07-18 17:59:26,559 INFO exited: proftpd (exit status 1; not expected) 2023-07-18 17:59:28,563 INFO spawned: 'proftpd' with pid 21
And indeed, the keys are world readable:
root@xx:/home/yellowtent/platformdata/sftp/ssh# ls -l total 16 -rw------- 1 yellowtent yellowtent 419 Jul 14 22:50 ssh_host_ed25519_key -rw-r--r-- 1 yellowtent yellowtent 110 Jul 14 22:50 ssh_host_ed25519_key.pub -rw-r--r-- 1 yellowtent yellowtent 1679 Jul 14 22:50 ssh_host_rsa_key -rw-r--r-- 1 yellowtent yellowtent 408 Jul 14 22:50 ssh_host_rsa_key.pub
A
chmod o-r,g-r ssh_host_rsa_key
does the trick. @chris can you check now? -
-