@girish said in SFTP port 222 not working, Firewall UFW was inactive:
iptables -t nat -L DOCKER
Hi! Thank you very much for the detailed input. I have removed port 222 from ufw and then disabled ufw.
OK, here's what I see:
root@vmi815992:~# iptables --numeric -L DOCKER
Chain DOCKER (2 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 172.18.0.4 tcp dpt:8000
ACCEPT tcp -- 0.0.0.0/0 172.18.0.4 tcp dpt:2004
ACCEPT tcp -- 0.0.0.0/0 172.18.0.4 tcp dpt:2003
ACCEPT tcp -- 0.0.0.0/0 172.18.0.8 tcp dpt:9995
ACCEPT tcp -- 0.0.0.0/0 172.18.0.8 tcp dpt:9993
ACCEPT tcp -- 0.0.0.0/0 172.18.0.8 tcp dpt:4190
ACCEPT tcp -- 0.0.0.0/0 172.18.0.8 tcp dpt:2587
ACCEPT tcp -- 0.0.0.0/0 172.18.0.8 tcp dpt:2465
ACCEPT udp -- 0.0.0.0/0 172.18.16.75 udp dpt:10000
ACCEPT tcp -- 0.0.0.0/0 172.18.0.15 tcp dpt:22
and
root@vmi815992:~# iptables -t nat -L DOCKER
Chain DOCKER (2 references)
target prot opt source destination
RETURN all -- anywhere anywhere
RETURN all -- anywhere anywhere
DNAT tcp -- anywhere localhost tcp dpt:8417 to:172.18.0.4:8000
DNAT tcp -- anywhere localhost tcp dpt:2004 to:172.18.0.4:2004
DNAT tcp -- anywhere localhost tcp dpt:cfinger to:172.18.0.4:2003
DNAT tcp -- anywhere anywhere tcp dpt:pop3s to:172.18.0.8:9995
DNAT tcp -- anywhere anywhere tcp dpt:imaps to:172.18.0.8:9993
DNAT tcp -- anywhere anywhere tcp dpt:sieve to:172.18.0.8:4190
DNAT tcp -- anywhere anywhere tcp dpt:smtp to:172.18.0.8:2587
DNAT tcp -- anywhere anywhere tcp dpt:submission to:172.18.0.8:2587
DNAT tcp -- anywhere anywhere tcp dpt:submissions to:172.18.0.8:2465
DNAT udp -- anywhere anywhere udp dpt:10000 to:172.18.16.75:10000
DNAT tcp -- anywhere anywhere tcp dpt:222 to:172.18.0.15:22
And the log:
Mar 27 19:01:07 2022-03-27 18:01:07,913 INFO success: filemanager entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
Mar 27 19:01:07 2022-03-27 18:01:07,917 INFO spawned: 'proftpd' with pid 20
Mar 27 19:01:07 2022-03-27 18:01:07,940 sftp proftpd[20]: LDAPServer: parsed URL 'ldap://172.18.0.1:3002/??sub' as 'ldap://172.18.0.1:3002/??sub'
Mar 27 19:01:07 2022-03-27 18:01:07,940 sftp proftpd[20]: fatal: SFTPHostKey: unable to use '/etc/ssh/ssh_host_rsa_key' as host key, as it is group- or world-accessible on line 101 of '/etc/proftpd/proftpd.conf'
Mar 27 19:01:08 2022-03-27 18:01:08,962 INFO success: proftpd entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
Mar 27 19:01:08 2022-03-27 18:01:08,962 INFO exited: proftpd (exit status 1; not expected)
Mar 27 19:01:09 2022-03-27 18:01:09,967 INFO spawned: 'proftpd' with pid 21
Mar 27 19:01:09 2022-03-27 18:01:09,991 INFO exited: proftpd (exit status 1; not expected)
Mar 27 19:01:09 2022-03-27 18:01:09,989 sftp proftpd[21]: LDAPServer: parsed URL 'ldap://172.18.0.1:3002/??sub' as 'ldap://172.18.0.1:3002/??sub'
Mar 27 19:01:09 2022-03-27 18:01:09,989 sftp proftpd[21]: fatal: SFTPHostKey: unable to use '/etc/ssh/ssh_host_rsa_key' as host key, as it is group- or world-accessible on line 101 of '/etc/proftpd/proftpd.conf'
Mar 27 19:01:11 2022-03-27 18:01:10,999 INFO spawned: 'proftpd' with pid 22
Mar 27 19:01:11 2022-03-27 18:01:11,056 sftp proftpd[22]: LDAPServer: parsed URL 'ldap://172.18.0.1:3002/??sub' as 'ldap://172.18.0.1:3002/??sub'
Mar 27 19:01:11 2022-03-27 18:01:11,056 sftp proftpd[22]: fatal: SFTPHostKey: unable to use '/etc/ssh/ssh_host_rsa_key' as host key, as it is group- or world-accessible on line 101 of '/etc/proftpd/proftpd.conf'
Mar 27 19:01:11 2022-03-27 18:01:11,058 INFO exited: proftpd (exit status 1; not expected)
Mar 27 19:01:13 2022-03-27 18:01:13,064 INFO spawned: 'proftpd' with pid 23
Mar 27 19:01:13 2022-03-27 18:01:13,082 sftp proftpd[23]: LDAPServer: parsed URL 'ldap://172.18.0.1:3002/??sub' as 'ldap://172.18.0.1:3002/??sub'
Mar 27 19:01:13 2022-03-27 18:01:13,085 INFO exited: proftpd (exit status 1; not expected)
>>Mar 27 19:01:13 2022-03-27 18:01:13,083 sftp proftpd[23]: fatal: SFTPHostKey: unable to use '/etc/ssh/ssh_host_rsa_key' as host key, as it is group- or world-accessible on line 101 of '/etc/proftpd/proftpd.conf'
Mar 27 19:01:16 2022-03-27 18:01:16,091 INFO spawned: 'proftpd' with pid 24
Mar 27 19:01:16 2022-03-27 18:01:16,141 sftp proftpd[24]: LDAPServer: parsed URL 'ldap://172.18.0.1:3002/??sub' as 'ldap://172.18.0.1:3002/??sub'
>>Mar 27 19:01:16 2022-03-27 18:01:16,141 sftp proftpd[24]: fatal: SFTPHostKey: unable to use '/etc/ssh/ssh_host_rsa_key' as host key, as it is group- or world-accessible on line 101 of '/etc/proftpd/proftpd.conf'
Mar 27 19:01:16 2022-03-27 18:01:16,151 INFO exited: proftpd (exit status 1; not expected)
Mar 27 19:01:17 2022-03-27 18:01:17,153 INFO gave up: proftpd entered FATAL state, too many start retries too quickly
Mar 28 14:35:40 [GET] /files/app-188b9a37-023d-4527-a955-e6f21227de36/
Mar 28 14:35:40 get: /mnt/appsdata/188b9a37-023d-4527-a955-e6f21227de36/data as download:false
Mar 28 14:35:41 [GET] /files/app-188b9a37-023d-4527-a955-e6f21227de36/credentials.txt
Mar 28 14:35:41 get: /mnt/appsdata/188b9a37-023d-4527-a955-e6f21227de36/data/credentials.txt as download:false
Mar 28 18:04:07 [GET] /files/app-21c7ea06-6ede-4883-a02d-d52321727aed/
Mar 28 18:04:07 get: /mnt/appsdata/21c7ea06-6ede-4883-a02d-d52321727aed/data as download:false
Mar 28 18:04:45 [GET] /files/app-21c7ea06-6ede-4883-a02d-d52321727aed/public
Mar 28 18:04:45 get: /mnt/appsdata/21c7ea06-6ede-4883-a02d-d52321727aed/data/public as download:false
On the 27th it did show there is an issue:
fatal: SFTPHostKey: unable to use '/etc/ssh/ssh_host_rsa_key' as host key, as it is group- or world-accessible on line 101 of '/etc/proftpd/proftpd.conf'
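An added example, not part of the original post: a shell check that pulls the rejected key path out of `SFTPHostKey` fatal lines like the ones above and tests each file for the condition the message describes, any group or other permission bit set. The function names and the sample log are constructed for illustration, and `stat -c` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Constructed sample: two log lines in the format shown in the post.
SAMPLE_LOG="Mar 27 19:01:07 2022-03-27 18:01:07,940 sftp proftpd[20]: fatal: SFTPHostKey: unable to use '/etc/ssh/ssh_host_rsa_key' as host key, as it is group- or world-accessible on line 101 of '/etc/proftpd/proftpd.conf'
Mar 27 19:01:08 2022-03-27 18:01:08,962 INFO exited: proftpd (exit status 1; not expected)"

# Read log text on stdin; print each distinct key path named in an
# "SFTPHostKey: unable to use" fatal line.
rejected_keys() {
    sed -n "s/.*fatal: SFTPHostKey: unable to use '\([^']*\)' as host key.*/\1/p" | sort -u
}

# Return 0 if the file has no group/other permission bits (e.g. 600 or 400),
# 1 if any such bit is set (e.g. 640 or 644), 2 if the file cannot be stat'ed.
key_mode_ok() {
    mode=$(stat -c '%a' "$1" 2>/dev/null) || return 2
    # Leading 0 makes the shell read the mode as octal; 077 masks group+other.
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Read key paths on stdin, report each one, return 1 if any would be rejected.
audit_keys() {
    rc=0
    while IFS= read -r key; do
        if key_mode_ok "$key"; then
            echo "OK        $key"
        else
            case $? in
                1) echo "TOO-OPEN  $key (mode $(stat -c '%a' "$key"))" ;;
                *) echo "UNREADABLE $key" ;;
            esac
            rc=1
        fi
    done
    return $rc
}

# Stand-alone use: pass a saved log file as the first argument.
if [ $# -gt 0 ]; then
    rejected_keys < "$1" | audit_keys
fi
```

Run it inside the container that holds the key, since the path in the log is relative to the sftp service's filesystem, not the host's.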