Submitted by gte451f on Tue, 04/06/2010 - 21:23

I've run into an error where one of my users can't login as the domain administrator for their website. They get the following error.

I can log in under the root account without issue.

Also, I recently migrated their domain over from another Virtualmin server using the back restore utility provided by virtualmin so that could be the cause.

I've heard of a chroot init scrip but I can't find it to compare this particular user against a known working copy.

Status: 
Active

Comments

Submitted by andreychek on Tue, 04/06/2010 - 21:28

Howdy -- if you've recently migrated their domain, and the IP address of their domain changed -- the old IP address may be cached in their ISP's DNS.

That could cause the SFTP client to attempt to connect to the old host rather than your current one.

What if your user attempts to connect to your server via it's current IP address, rather than their domain name -- does it work in that case?

Submitted by gte451f on Tue, 04/06/2010 - 21:33

I just tried using the direct IP connection instead of the Domain and I got the same error.

I figured it had to do with the user account because I can login and use SFTP for ROOT but not for this particular user account. I will also test by creating a basic domain and account from scratch using VirtualMin and see if I get a different result.

Submitted by gte451f on Tue, 04/06/2010 - 21:37

I've tried creating a brand new account using Virtuamin and I get the same error when attempting to login using that new local admin account.

Something about the SSH Server or SFTP config is not working for non ROOT accounts.

Submitted by andreychek on Tue, 04/06/2010 - 21:40

Are you seeing any errors in the logfiles?

I'd be curious if anything shows up in /var/log/secure and /var/log/messages whenever trying to login as one of those users.

Submitted by gte451f on Tue, 04/06/2010 - 22:05

Nothing shows up in messages but I get the following in secure.

Apr 7 11:06:21 nofun sshd[15564]: Accepted password for root from 12.34.56.78 port 52209 ssh2

Apr 7 11:06:21 nofun sshd[15564]: pam_unix(sshd:session): session opened for user root by (uid=0)

Apr 7 11:07:07 nofun sshd[16002]: Accepted password for root from 12.34.56.78 port 52214 ssh2

Apr 7 11:07:07 nofun sshd[16002]: pam_unix(sshd:session): session opened for user root by (uid=0)

Apr 7 11:07:07 nofun sshd[16002]: subsystem request for sftp

Apr 7 11:07:13 nofun sshd[16002]: pam_unix(sshd:session): session closed for user root

Apr 7 11:07:47 nofun sshd[16371]: Accepted password for test_user from 12.34.56.78 port 52215 ssh2

Apr 7 11:07:47 nofun sshd[16371]: pam_unix(sshd:session): session opened for user test_user by (uid=0)

Apr 7 11:07:47 nofun sshd[16371]: pam_unix(sshd:session): session closed for user test_user

Apr 7 11:07:55 nofun sshd[17490]: Connection closed by 12.34.56.78

Apr 7 11:07:47 nofun sshd[16371]: Accepted password for test_user from 12.34.56.78 port 52215 ssh2

Apr 7 11:07:47 nofun sshd[16371]: pam_unix(sshd:session): session opened for user test_user by (uid=0)

Apr 7 11:07:47 nofun sshd[16371]: pam_unix(sshd:session): session closed for user test_user

Apr 7 11:07:55 nofun sshd[17490]: Connection closed by 12.34.56.78

Is there some config file I can provide?

Submitted by andreychek on Tue, 04/06/2010 - 22:19

Hmm, what shell are those users setup with? SFTP doesn't work, but can they login using SSH?

It looks like the users are correctly authenticating, I'm wondering if something about their shell is preventing SFTP from working.

Submitted by gte451f on Wed, 04/07/2010 - 06:32

EDIT I'm not sure what shell they are using or how I can check. Can you suggest a way for me to determine that?

**

I'm testing on WinSCP.

The options are to connect with either SFTP, SCP or FTP.

I can't login with SFTP, it shows the error mentioned in prior posts. I can login with SCP and navigate folders BUT I can't upload or download a file. I get an error (see attached).

I've tried connecting using PUTTY and can't even connect. I get an error (see attached).

messages log shows... Apr 7 11:07:47 MYDOMAIN out of memory [17447]

Apr 7 11:07:47 MYDOMAIN out of memory [17447]

Apr 7 11:39:16 MYDOMAIN out of memory [32156]

Apr 7 11:39:26 MYDOMAIN out of memory [1865]

Apr 7 11:41:36 MYDOMAIN out of memory [5757]

secure log shows more of the same accepted password session opened followed quickly by session closed with no reason.

Again none of this is an issue for ROOT. Doesn't this indicate an issue with the way accounts are being created/permission ed by virtualmin?

Submitted by andreychek on Wed, 04/07/2010 - 09:40

Out of memory errors, eh?

How much memory do you have available to you there?

For example, if you're able to login as root over SSH, what is the output of the command "free -m"?

Submitted by gte451f on Wed, 04/07/2010 - 13:35

I ran a free -m and had it update every second while I attempted to log in via SSH on a NON ROOT account.

It was hardly changed during the whole exercise and shows plenty of free memory. Could that error be a red herring?

total used free shared buffers cached
Mem: 1024 452 571 0 0 0
-/+ buffers/cache: 452 571
Swap: 0 0 0

Submitted by andreychek on Wed, 04/07/2010 - 14:26

Yeah, if you have that much free memory, that's probably not the cause.

Memory is a thing to keep an eye on though, as we've seen low-memory systems cause some of the strangest errors.

Would it be possible for me to log into your system, both as a user who's having trouble with SFTP, as well as root?

I'll do some tests and try to determine the source of the trouble your seeing with SFTP.

If that's okay, you can email login information for root and your test user to eric@virtualmin.com -- or you can use the Virtualmin Support module to enable remote access, and provide the info that way.

Submitted by gte451f on Fri, 04/09/2010 - 10:02

I've enabled access on my server and referenced this support issue in the comments.

Submitted by andreychek on Fri, 04/09/2010 - 10:31

Great, I'll take a look.

Do you have a username and password for a test user who is having trouble with SFTP?

Thanks!