Impossible to connect in SFTP since latest ProFTPd update (Debian 9)

Virtualmin
1

Hi there,

ProFTPd has been updated in Debian 9 repos a couple of days ago.

Since then, I am unable to connect to any users of any sites of any servers the usual way (SFTP, port 2222).

This is quite urgent, I’m still trying to figure it out, any workarround would be very welcome.

All the best !
Nico

|Statut :|Connection to my.server.com:2222…|
|Response :|fzSftp started, protocol_version=9|
|Command :|open “user@my.server.com” 2222|
|Error :|FATAL ERROR: Network error: Software caused connection abort|

2

I just checked on a VPS I fired up: this bug can be reproduced on a Debian 9 fresh install.

Still looking for a solution ;-(

3

Can you connect using the IP address rather than the hostname / domain name?

Richard

4

Hello Richard, thank you for jumping in.

No, connecting on the IP does not work (same result, same error message).

5

I don’t know enough about Debian to be much help, but the error seems to be a rather generic Windows one. Can you download an SSH terminal app on to a phone or another computer and try logging in that way? That would at least narrow down whether it’s a ProFTP problem or a Windows problem.

Or maybe delete the key from Filezilla, restart it, and try again.

Also, dumb question, but is it possible the firewall locked you out due to the “failed” FTP logins?

Richard

6

Hi again!

Sorry for the poor error message above and the lack of details, I spend most of my time trying to figure this out.

I am pretty sure it is all due to the latest update of ProFTPd in relation with mod_sftp, that one : https://www.debian.org/lts/security/2020/dla-2338.en.html

It does not only happen on Windows with FilleZilla, it concerns all sorts of users connectinf themselves in differents ways and on several different servers … and it happened at once after the ProFTPd’s update.

Moreover, whenerver I downgrade ProFTPd to the previous version, everything works like a charm again…

7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.