sFTP 伺服器無法啟動

sFTP 伺服器無法啟動

我在 sFTP 工作時遇到問題,而 ssh 沒有問題。我基本上是使用現有的嵌入式 Linux 檔案系統為 ARM 處理器建立 zlib、openssl 和 openssh。在尋找想法後,這似乎是一個常見問題,但我還沒有任何進展。我只定義了一個用戶,即 root,密碼為空。

我使用 openssh 版本 4.7p1,並使用以下設定修改了 sshd_config:

PermitRootLogin yes
PermitEmptyPasswords yes
UseDNS yes
UsePrivilegeSeparation no
SyslogFacility AUTH
LogLevel DEBUG3
Subsystem sftp /usr/local/libexec/sftp-server -f AUTH -l DEBUG3

sftp-server 位於 /usr/local/libexec 並具有以下權限:

root@arm:/usr/local/libexec# ls -l
-rwxr-xr-x    1 root     root         65533 Oct  3 22:12 sftp-server
-rwx--x--x    1 root     root        233539 Oct  3 22:12 ssh-keysign

我知道正在找到 sftp-server(路徑在 sshd_config 中設定),因為如果我重命名 sftp_server 可執行文件,則會收到以下錯誤:

auth.err sshd[1698]: error: subsystem: cannot stat /usr/local/libexec/sftp-server: No such file or directory                                                        
auth.info sshd[1698]: subsystem request for sftp failed, subsystem not found   

此外,目標的登入初始化腳本非常簡單,由單一檔案(etc/profile.d/local.sh)組成,其中僅包含 LD_LIBRARY_PATH、PATH 和 PYTHONPATH 的定義,如下所示:

#!/bin/sh
export LD_LIBRARY_PATH="/usr/local/lib"
export PATH="/usr/local/bin:/usr/local/libexec:${PATH}"
export PYTHONPATH="/home/root/python"

如你所看到的,root 的主目錄中不存在 .bashrc、.profile 等:

root@arm:~# ls -la                                                                                                                                                                      
drwxr-xr-x    2 root     root          4096 Oct  4 14:57 .                                                                                                                                    
drwxr-xr-x    3 root     root          4096 Oct  4 01:11 ..                                                                                                                                   
-rw-------    1 root     root           120 Oct  4 01:21 .bash_history

以下是使用 FileZilla 連接到目標上的 sftp 伺服器時的系統日誌輸出。從日誌來看,似乎找到了 sftp-server 可執行文件,但子進程立即退出。我在 sshd_config 中呼叫 sftp-server (子系統 sftp /usr/local/libexec/sftp-server -f AUTH -l DEBUG3)時使用偵錯參數,但沒有擷取任何日誌。

Oct  4 14:29:45 arm auth.info sshd[2070]: Connection from 192.168.1.12 port 45888                                                                                                       
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug1: Client protocol version 2.0; client software version PuTTY_Local:_Mar_28_2012_12:33:05                                               
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug1: no match: PuTTY_Local:_Mar_28_2012_12:33:05                                                                                          
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug1: Enabling compatibility mode for protocol 2.0                                                                                         
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug1: Local version string SSH-2.0-OpenSSH_4.7                                                                                             
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: fd 3 setting O_NONBLOCK                                                                                                              
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug1: list_hostkey_types: ssh-rsa,ssh-dss                                                                                                  
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug1: SSH2_MSG_KEXINIT sent                                                                                                                
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug1: SSH2_MSG_KEXINIT received                                                                                                            
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellma1
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: ssh-rsa,ssh-dss                                                                                                   
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysr
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysr
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96         
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96         
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: none,[email protected]                                                                                             
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: none,[email protected]                                                                                             
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit:                                                                                                                   
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit:                                                                                                                   
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: first_kex_follows 0                                                                                               
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: reserved 0                                                                                                        
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellma1
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: ssh-rsa,ssh-dss                                                                                                   
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfi8
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfi8
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5                                                                                   
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5                                                                                   
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: none,zlib                                                                                                         
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: none,zlib                                                                                                         
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit:                                                                                                                   
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit:                                                                                                                   
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: first_kex_follows 0                                                                                               
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_parse_kexinit: reserved 0                                                                                                        
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: mac_setup: found hmac-sha1                                                                                                           
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug1: kex: client->server aes256-ctr hmac-sha1 none                                                                                        
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: mac_setup: found hmac-sha1                                                                                                           
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug1: kex: server->client aes256-ctr hmac-sha1 none                                                                                        
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug1: SSH2_MSG_KEX_DH_GEX_REQUEST_OLD received                                                                                             
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent                                                                                                       
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: dh_gen_key: priv key bits set: 277/512                                                                                               
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: bits set: 2052/4096                                                                                                                  
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT                                                                                                   
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: bits set: 2036/4096                                                                                                                  
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent                                                                                                       
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: kex_derive_keys                                                                                                                      
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: set_newkeys: mode 1                                                                                                                  
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug2: cipher_init: set keylen (16 -> 32)                                                                                                   
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug1: SSH2_MSG_NEWKEYS sent                                                                                                                
Oct  4 14:29:45 arm auth.debug sshd[2070]: debug1: expecting SSH2_MSG_NEWKEYS                                                                                                           
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: set_newkeys: mode 0                                                                                                                  
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: cipher_init: set keylen (16 -> 32)                                                                                                   
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: SSH2_MSG_NEWKEYS received                                                                                                            
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: KEX done                                                                                                                             
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: userauth-request for user root service ssh-connection method none                                                                    
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: attempt 0 failures 0                                                                                                                 
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug3: Trying to reverse map address 192.168.1.12.                                                                                          
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: parse_server_config: config reprocess config len 302                                                                                 
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: input_userauth_request: setting up authctxt for root                                                                                 
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: input_userauth_request: try method none                                                                                              
Oct  4 14:29:46 arm auth.info sshd[2070]: Accepted none for root from 192.168.1.12 port 45888 ssh2                                                                                      
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: Entering interactive session for SSH2.                                                                                               
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: fd 4 setting O_NONBLOCK                                                                                                              
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: fd 5 setting O_NONBLOCK                                                                                                              
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: server_init_dispatch_20                                                                                                              
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: server_input_channel_open: ctype session rchan 256 win 2147483647 max 16384                                                          
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: input_session_request                                                                                                                
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: channel 0: new [server-session]                                                                                                      
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: session_new: init                                                                                                                    
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: session_new: session 0                                                                                                               
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: session_open: channel 0                                                                                                              
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: session_open: session 0: link with channel 0                                                                                         
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: server_input_channel_open: confirm session                                                                                           
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: server_input_channel_req: channel 0 request [email protected] reply 0                                               
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: session_by_channel: session 0 channel 0                                                                                              
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: session_input_channel_req: session 0 req [email protected]                                                          
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: server_input_channel_req: channel 0 request subsystem reply 1                                                                        
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: session_by_channel: session 0 channel 0                                                                                              
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: session_input_channel_req: session 0 req subsystem                                                                                   
Oct  4 14:29:46 arm auth.info sshd[2070]: subsystem request for sftp                                                                                                                    
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: subsystem: exec() /usr/local/libexec/sftp-server -f AUTH -l DEBUG3                                                                   
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: fd 3 setting TCP_NODELAY                                                                                                             
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: fd 7 setting O_NONBLOCK                                                                                                              
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug3: fd 7 is O_NONBLOCK                                                                                                                   
Oct  4 14:29:46 arm auth.debug sshd[2073]: debug1: permanently_set_uid: 0/0                                                                                                             
Oct  4 14:29:46 arm auth.debug sshd[2073]: debug3: channel 0: close_fds r -1 w -1 e -1 c -1                                                                                             
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: read<=0 rfd 7 len -1                                                                                                      
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: read failed                                                                                                               
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: close_read                                                                                                                
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: input open -> drain                                                                                                       
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: ibuf empty                                                                                                                
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: send eof                                                                                                                  
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: input drain -> closed                                                                                                     
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: notify_done: reading                                                                                                                 
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: Received SIGCHLD.                                                                                                                    
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: session_by_pid: pid 2073                                                                                                             
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: session_exit_message: session 0 channel 0 pid 2073                                                                                   
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: request exit-status confirm 0                                                                                             
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: session_exit_message: release channel 0                                                                                              
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: write failed                                                                                                              
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: close_write                                                                                                               
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: output open -> closed                                                                                                     
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: send close                                                                                                                
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug3: channel 0: will not send data after close                                                                                            
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: rcvd close                                                                                                                
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug3: channel 0: will not send data after close                                                                                            
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: is dead                                                                                                                   
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: gc: notify user                                                                                                           
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: session_by_channel: session 0 channel 0                                                                                              
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: session_close_by_channel: channel 0 child 0                                                                                          
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: session_close: session 0 pid 0                                                                                                       
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: gc: user detached                                                                                                         
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: is dead                                                                                                                   
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug2: channel 0: garbage collecting                                                                                                        
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: channel 0: free: server-session, nchannels 1                                                                                         
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug3: channel 0: status: The following connections are open:\r\n  #0 server-session (t4 r256 i3/0 o3/0 fd 7/7 cfd -1)\r\n                  
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug3: channel 0: close_fds r 7 w 7 e -1 c -1                                                                                               
Oct  4 14:29:46 arm auth.info sshd[2070]: Connection closed by 192.168.1.12                                                                                                             
Oct  4 14:29:46 arm auth.debug sshd[2070]: debug1: do_cleanup                                                                                                                           
Oct  4 14:29:46 arm auth.info sshd[2070]: Closing connection to 192.168.1.12 

答案1

雖然這更多的是一種替代解決方案,而不是直接回答您的問題,但我會嘗試使用內部 sftp 伺服器而不是外部伺服器。由於這是一個嵌入式系統,因此無論如何這樣做可能更有意義。

在您的 中sshd_config,只需添加:

Subsystem sftp internal-sftp

這樣您就可以省略 sftp 二進位檔案並節省一些空間。

相關內容