I took a new look at the setup today and I managed to get it working
What I found out was that the module mod_sftp.c was not loaded.
That’s the reason the server was not listening on port 2222
# Support for the SSH2, SFTP, and SCP protocols, for secure file transfer over
# an SSH2 connection (http://www.castaglia.org/proftpd/modules/mod_sftp.html)
LoadModule mod_sftp.c
After I removed the # from the line above and restarted the services sshd, proftpd I was able to logon with a normal FTP user using SFTP on port 2222.
Success all over
Below is what I had to do.
Uncomment the line below in /etc/proftpd.conf
Support for the SSH2, SFTP, and SCP protocols, for secure file transfer over
SFTPEngine on
Port 2222
SFTPLog /var/log/proftpd/sftp.log
# Configure both the RSA and DSA host keys, using the same host key
# files that OpenSSH uses.
SFTPHostKey /etc/ssh/ssh_host_rsa_key
SFTPHostKey /etc/ssh/ssh_host_dsa_key
#SFTPAuthMethods publickey
SFTPAuthMethods password
#SFTPAuthorizedUserKeys file:/etc/proftpd/authorized_keys/%u
# Enable compression
SFTPCompression delayed
Commented the line below for SSH in the file /etc/ssh/sshd_config
Subsystem sftp /usr/lib/openssh/sftp-server
Restart the 2 services sshd and proftpd
service sshd restart
service proftpd restart
Then it works
Unbelievable that I didn’t see the module in the proftpd.conf file before.
Glad you did it! Didn’t think about that setting - was suspecting network issues. But I dropped the FTP for good, closed ports, etc as this was the point, right?
I managed to get both FTP and SFTP working at the same time.
I just added the < virtualhost a.b.c.d > tag in the < ifmodule > configuration.
Where a.b.c.d represent the IP of the server.
SFTPEngine on
Port 2222
SFTPLog /var/log/proftpd/sftp.log
# Configure both the RSA and DSA host keys, using the same host key
# files that OpenSSH uses.
SFTPHostKey /etc/ssh/ssh_host_rsa_key
SFTPHostKey /etc/ssh/ssh_host_dsa_key
#SFTPAuthMethods publickey
SFTPAuthMethods password
#SFTPAuthorizedUserKeys file:/etc/proftpd/authorized_keys/%u
# Enable compression
SFTPCompression delayed
Not that I want to revive this chaotic thread (or the really grumpy one that it links to), but I just wanted to chime in that I’ve committed changes to virtualmin-base on both CentOS/RHEL and Debian/Ubuntu to enable this by default.
It will not go into current operating system installs for at least another few days (and older systems will never get it, as there have been too many changes in virtualmin-base for me to be comfortable rolling it out without some testing), but Debian 8 (coming in a few days) will have SFTP enabled on port 2222 immediately after installation.
This will not effect already installed systems, so if you’re already running Virtualmin and want this feature enabled in ProFTPd, add the following to the end of proftpd.conf (or sftpd.conf in /etc/proftpd/conf.d if you have such a directory):
LoadModule mod_sftp.c
SFTPEngine on
Port 2222
SFTPLog /var/log/proftpd/sftp.log
# Configure both the RSA and DSA host keys, using the same host key
# files that OpenSSH uses.
SFTPHostKey /etc/ssh/ssh_host_rsa_key
SFTPHostKey /etc/ssh/ssh_host_dsa_key
SFTPAuthorizedUserKeys file:~/.sftp/authorized_keys
# Enable compression
SFTPCompression delayed
And restart the proftpd server. Note that this is somewhat simplified from some of the other examples that have been posted and linked, and less prone to user error or confusion (some of the examples only allow key-based authentication, which is beyond many users comfort zone).
This is good news indeed, thanks Joe; will gladly remove any link offensive, it seems I blew some steam here against exactly 2 users in the last weeks that were escalating discussions with personal accusations. This is not the place, agreed.
What link are you referring to, the 2012 post with the graphical console?
SFTPEngine on
Port 2222
SFTPLog /var/log/proftpd/sftp.log
# Configure both the RSA and DSA host keys, using the same host key
# files that OpenSSH uses.
SFTPHostKey /etc/ssh/ssh_host_rsa_key
SFTPHostKey /etc/ssh/ssh_host_dsa_key
SFTPAuthorizedUserKeys file:~/.sftp/authorized_keys
# Enable compression
SFTPCompression delayed
Ok I can use this, but I have to create keys for users by hand.
Any way for Virtualmin auto create keys for users?
I try to create one script to put on server creation:
Virtualmin -> System Settings -> Virtualmin Configuration ->Actions upon server and user creation -> Command to run before making changes to a server:
BUT I CAN´T GET USER PASSWORD ON CREATION -> #VIRTUALSERVER_PASS is always empty
#!/bin/ksh
####### CREATE SSH KEYS FOR PROFTD - SFTP USE ###################
if [ ! “$VIRTUALSERVER_PARENT” ]
then
if [ “$VIRTUALSERVER_ACTION” == “CREATE_DOMAIN” ]
then
if [ ! “$VIRTUALSERVER_CREATED” ]
then
mkdir -p /$VIRTUALSERVER_HOME/.ssh
ssh-keygen -t rsa -b 4096 -N $VIRTUALSERVER_PASS -f /$VIRTUALSERVER_HOME/.ssh/mysshkey
sudo ssh-keygen -e /$HOME/.ssh/mysshkey.pub | sudo tee /etc/proftpd/authorized_keys/$VIRTUALSERVER_DOM
echo " VIRTUAL SERVER DOM = "$VIRTUALSERVER_DOM
echo " VIRTUAL SERVER USER =" $VIRTUALSERVER_USER
echo "VIRTUAL SERVER HOME =" $VIRTUALSERVER_HOME
echo "VIRTUAL SERVER PASS ="$VIRTUALSERVER_PASS ### >>>>>> empty
echo "Setting up $VIRTUALSERVER_DOM to environment for sftp"
echo " .. done"
fi
