# Problems with SFTP - connection reset by peer

## RaceTM

Hey all,

I'm havingf some issues connecting to a windows server 2003 box running an SFTP client.  I'm receiving the following error when I try to use sftp to connect to it:

```
sftp -oPort=5000 -v fox2k@192.168.1.111

Connecting to 192.168.1.111...

OpenSSH_4.3p2, OpenSSL 0.9.7e 25 Oct 2004

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: Connecting to 192.168.1.111 [192.168.1.111] port 5000.

debug1: connect to address 192.168.1.111 port 5000: Connection reset by peer

ssh: connect to host 192.168.1.111 port 5000: Connection reset by peer

Couldn't read packet: Connection reset by peer

```

This is my ssh_config file:

```
#   $OpenBSD: ssh_config,v 1.21 2005/12/06 22:38:27 reyk Exp $

# This is the ssh client system-wide configuration file.  See

# ssh_config(5) for more information.  This file provides defaults for

# users, and the values can be changed in per-user configuration files

# or on the command line.

# Configuration data is parsed as follows:

#  1. command line options

#  2. user-specific file

#  3. system-wide file

# Any configuration value is only changed the first time it is set.

# Thus, host-specific definitions should be at the beginning of the

# configuration file, and defaults at the end.

# Site-wide defaults for some commonly used options.  For a comprehensive

# list of available options, their meanings and defaults, please see the

# ssh_config(5) man page.

# Host *

#   ForwardAgent no

#   ForwardX11 no

#   RhostsRSAAuthentication no

#   RSAAuthentication yes

   PasswordAuthentication yes

#   HostbasedAuthentication no

#   BatchMode no

#   CheckHostIP yes

#   AddressFamily any

#   ConnectTimeout 0

#   StrictHostKeyChecking ask

#   IdentityFile ~/.ssh/identity

#   IdentityFile ~/.ssh/id_rsa

#   IdentityFile ~/.ssh/id_dsa

   Port 5000

   Protocol 2,1

   Cipher 3des

   Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc

#   EscapeChar ~

#   Tunnel no

#   TunnelDevice any:any

#   PermitLocalCommand no

```

Does anyone have an idea as to what might be causing this error message?

edit: just to clarify, the server is a Windows Server 2003 mahine running a win32 sftp server application (I am not using Cygwin or any sort of nix emulation on it).  I am trying to connect to it from a separate Gentoo box.Last edited by RaceTM on Tue Oct 31, 2006 5:14 pm; edited 1 time in total

----------

## rsa4046

 *RaceTM wrote:*   

> Hey all,
> 
> I'm havingf some issues connecting to a windows server 2003 box running an SFTP client.  I'm receiving the following error when I try to use sftp to connect to it:
> 
> ```
> ...

 

What is the sftp server software running on the Windows box? Are you sure the firewall is open for this port?

----------

## RaceTM

Thanks for the reply,

the server is running Titan FTP.  I have no problems connecting from other windows machines using WinSCP, and in fact I have a friend who is able to access the ftp via his gentoo box (I'm assuming he's using sftp, but I dont know for sure)

----------

## rsa4046

On the gentoo box, can you do 

```
$ sftp localhost
```

successfully? I'm thinking the problem is the port. E.g., I get

```
$ sftp -oPort=22 localhost

Connecting to localhost...

Password:

sftp> quit

```

versus

```
$ sftp -oPort=5000 localhost

Connecting to localhost...

ssh: connect to host localhost port 5000: Connection refused

Couldn't read packet: Connection reset by peer

```

----------

## rsa4046

In /etc/ssh/sshd_confg, if you change/add the default port (22) to 5000

```
Port 5000

Port 22

Protocol 2

#AddressFamily any

#ListenAddress 0.0.0.0

#ListenAddress ::

```

and restart sshd (/etc/init.d/sshd restart), does this allow access?

----------

## RaceTM

 *rsa4046 wrote:*   

> On the gentoo box, can you do 
> 
> ```
> $ sftp localhost
> ```
> ...

 

There is no sftp server software running on my gentoo box, so unless sftp access comes enabled by default with openssh, i dont think I will be able to connect to localhost.

As for the port, I know it is configured correctly, because if I try to connect to any other port it simply times out.  It seems like I am getting a connection for a brief second but there is a problem with communication - I would guess it had to do with the encrpction channel but im not even getting prompted to log in before it resets.

I will try to edit my sshd_config file tonight and see what that does, although I'm not sure what that file is for.

I also thought that it was suficient to specify the port through the command line when trying to connect to a non default port.

----------

## rsa4046

Sorry for the delay, and for errors in previous versions of this post: I experimented with sftp'ing to a remote Windows XP box (running cygwin's OpenSSH), on which I had changed its /etc/sshd_config to allow Port 5000 (presumably your Windows server's ftp server software already has this done, from what you describe), and of course poked the appropriate hole in the XP firewall. On the local gentoo box, at first I thought that providing this statement in /etc/ssh/ssh_config

```
$ grep Port /etc/ssh/ssh_config

   Port 22

   Port 5000

```

was the problem, but I was wrong. It makes no difference, I can sftp to the Windows box (pegasus below) with either port 22 or port 5000, regardless of what's in ssh_config:

```
$ sftp -oPort=5000 pegasus

Connecting to pegasus...

rolf@pegasus's password:

```

So it seems you're right, you should be able to just furnish ports on the command line, and sftp without changing anything in your local /etc/ssh. Anyone?

Later: EDITed to fix gross errors

----------

## RaceTM

Thanks for your suggestions, but I think there has been a misunderstanding about my server's configuration  :Very Happy: 

I'm not running Cygwin or any sort of emulation on the Windows box.  Titan FTP server is a win32 application which is running on Windows Server 2003 as an sftp service.  I have clients trying to connect to this machine from various environments.  All connections from windows machines using various sftp clients seem to have no problems, and I also have someone who has successfully connected to the windows server from their gentoo installation.  But right now I'm not able to connect to my windows sftp server box from my separate gentoo box.

Hope this clarifies  :Smile: 

----------

## RaceTM

by the way I really appreciate your taking the time to set up a small test case  :Smile: 

----------

## rsa4046

 *RaceTM wrote:*   

> Thanks for your suggestions, but I think there has been a misunderstanding about my server's configuration 
> 
> I'm not running Cygwin or any sort of emulation on the Windows box.  Titan FTP server is a win32 application which is running on Windows Server 2003 as an sftp service.  I have clients trying to connect to this machine from various environments.  All connections from windows machines using various sftp clients seem to have no problems, and I also have someone who has successfully connected to the windows server from their gentoo installation.  But right now I'm not able to connect to my windows sftp server box from my separate gentoo box.
> 
> Hope this clarifies 

 

No misunderstanding, I was just seeing if I could hit the same snag. The fact that both windows and linux clients (other than yours) can connect without difficulty, assuming no restrictions on the server side (e.g., your account, ip address, etc.), seems to point to a problem on your local machine. What's odd is that the connection is never even made, as far as I can tell; i.e., not just refused, but instantly dropped.

----------

## RaceTM

 *rsa4046 wrote:*   

>  *RaceTM wrote:*   Thanks for your suggestions, but I think there has been a misunderstanding about my server's configuration 
> 
> I'm not running Cygwin or any sort of emulation on the Windows box.  Titan FTP server is a win32 application which is running on Windows Server 2003 as an sftp service.  I have clients trying to connect to this machine from various environments.  All connections from windows machines using various sftp clients seem to have no problems, and I also have someone who has successfully connected to the windows server from their gentoo installation.  But right now I'm not able to connect to my windows sftp server box from my separate gentoo box.
> 
> Hope this clarifies  
> ...

 

ok, never mind then; I assumed that you were assuming that I was using Cygwin  :Very Happy:  Sorry about that

What's strange is that if I try to ssh to the box on port 5000 using kde's default ssh application, I get a login prompt.  I can enter my credentials, but then the window immediately closes.  I am not set up to allow terminal sessions on the server, so whats happening seems to make sense to me and verifies your conclusion that the server is configured properly and that this is all problem with my openssh / sftp installation or something else on the client system.

I have been trying to work with another application, kftpgrabber, but I was having a problem where running kftpgrabber as a regular user resulted in the application not being able to read my file system (it would open up and try to load my home directory on the local side, and say something like 'Malformed URL'.  Running it as root was not a problem. Anyways I figured I would drop that issue and see if I could get this working under a more basic sftp client first before I continue troubleshooting other applications.

----------

## rsa4046

What is kde's default ssh app? I use kde but wasn't aware of this (kssh?). Is it a front-end or a separate implementation of ssh/OpenSSH?

----------

## RaceTM

I'm not at home at the moment so I cant doublecheck what I was using but I am pretty sure it was kssh. I will check back tonight, assuming that my system isnt broken for some other reason (I am re-emerging kde in order to try to solve another problem...)

The setup screen is a GUI, but I dont know if it launches in to a konsole or whether the application itself is a GUI frontend, as it closes before anything significant happens.

----------

## rsa4046

Also (and here I'm just guessing), maybe the problem lies with your ssl (it looks old)? There was some problem about this awhile back (http://www.gentoo.org/news/en/gwn/20060918-newsletter.xml), that bogged ssh clients, although this involved a more recent dev-libs/openssl than yours. But perhaps try updating ssl?

Edit, later added:

Something wrong with keys? Again, just guessing, but try removing (e.g., temporarily) your keys from ~/.ssh; or alternatively, try adding another user and sftp as this user from the same box?

----------

## RaceTM

Thanks,

I will try your suggestions tonight (or tomorrow night, depending on if I have time) and see what happens.

----------

## RaceTM

well nothing seemed to work - ssl is already at the latest version, and I have tried reinstalling kftpgrabber with no luck.

 :Sad: 

----------

