Sftp ~~not~~ working

rcfa

Hi,

tried to sftp into the pfSense box with the admin user and password, and this is what I get:

myHost:~ $ sftp admin@123.45.67.89
Password:
Received message too long 707406368
myHost:~ $ 

[IP address modified, of course]

slogin works just fine, however. I need sftp to upload files for vhosts…

mrzaz

I think it may have to do with a welcoming message popping up after the successful login.
sftp doesn't like welcoming messages.   (/etc/motd)

I originally had this problem at work and what I did was to insert a
detection-function that detected if this was a sftp-session and skipped the "motd" file.
(renaming the "motd" and the load i manually in script later)

I will get back with a solution within short.

Here are a few links
http://autosys.us/misc/sftp_received_message_too_long.html
http://www.snailbook.com/faq/sftp-corruption.auto.html
http://ubuntuforums.org/showthread.php?t=1656869
http://www.linuxquestions.org/questions/slackware-14/sftp-received-message-too-long-887856/

Just google "sftp Received message too long" and you will get a lot of hits.

As someone suggested in a linux-forum (which I don't know if works on BSD)

if [ ${TERM} != "dumb" ]; then
  test -s ~/.bashrc-local && . ~/.bashrc-local
 fi

//Dan

rcfa

Ok, thanks for pointing me in the right direction. The issue is the menu system gets activated when I try to sftp in as admin.

So I created a new user named after the web site, made a new group called webmaster, with one privilege, which is to login with a shell. So that user now can sftp in just fine. May have to work on the access privileges a bit such that the user can write into the proper folder, that's pretty much standard stuff, just depends on if/how vhosts works, which is what the whole exercise is all about: having a user that can sftp web site content.

stephenw10

This has always been the case.
You can log in as root via sftp no problems. No good in your scenario though.

Steve

rcfa

@stephenw10:

This has always been the case.
You can log in as root via sftp no problems. No good in your scenario though.

Wouldn't have mattered to use root, since there are only three people ever working with this: me, myself and I ;)

But yes, it's better to separate things, it's easy that a bug in a tool creates a lot of damage, when it accesses the file system with root privileges. But I was just thrown off by the error that I didn't get. In hindsight it all makes sense, as usual…

cmb

@rcfa:

But yes, it's better to separate things, it's easy that a bug in a tool creates a lot of damage, when it accesses the file system with root privileges.

Then you don't want to use admin. admin==root

Create another user that has shell privileges to accomplish that.

rcfa

@cmb:

@rcfa:

But yes, it's better to separate things, it's easy that a bug in a tool creates a lot of damage, when it accesses the file system with root privileges.

Then you don't want to use admin. admin==root

Create another user that has shell privileges to accomplish that.

I did that :)

@rcfa:

So I created a new user named after the web site, made a new group called webmaster, with one privilege, which is to login with a shell. So that user now can sftp in just fine. May have to work on the access privileges a bit such that the user can write into the proper folder, that's pretty much standard stuff, just depends on if/how vhosts works, which is what the whole exercise is all about: having a user that can sftp web site content.