Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

sftp connection fails since whm v68.0.19?

Discussion in 'General Discussion' started by morrow95, Dec 9, 2017.

Tags:
  1. morrow95

    morrow95 Well-Known Member

    Joined:
    Oct 8, 2006
    Messages:
    123
    Likes Received:
    3
    Trophy Points:
    168
    WHM was updated the other day to v68.0.19. Since then I have found I can no longer sftp with any user accounts in their home directory.

    site.com port 22 with 'username' no longer works, but logging in as root to the server's hostname jupiter.site.com still works fine.

    This is something that has been working fine for quite some time so I have to believe whatever happened was caused by the recent v68 update. I can't find anything in the logs other than in /var/log/secure :

    Dec 9 18:55:23 jupiter sshd[46440]: Accepted publickey for username from 111.111.111.111 port 27649 ssh2
    Dec 9 18:55:23 jupiter sshd[46440]: pam_unix(sshd:session): session opened for user username by (uid=0)
    Dec 9 18:55:24 jupiter sshd[46765]: subsystem request for sftp
    Dec 9 18:55:39 jupiter sshd[46440]: pam_unix(sshd:session): session closed for user username

    As shown above it seems like it accepts the connection, but is closed right afterwards.

    In contrast this is what the same log shows for my root login to jupiter.site.com :

    Dec 9 19:04:53 jupiter sshd[56400]: Accepted publickey for root from 111.111.111.111 port 27823 ssh2
    Dec 9 19:04:53 jupiter sshd[56400]: pam_unix(sshd:session): session opened for user root by (uid=0)
    Dec 9 19:04:54 jupiter sshd[56400]: subsystem request for sftp

    which still works perfectly fine.

    Where should I be looking? Was something changed in the recent WHM update which would cause this?
     
  2. morrow95

    morrow95 Well-Known Member

    Joined:
    Oct 8, 2006
    Messages:
    123
    Likes Received:
    3
    Trophy Points:
    168
    Fixed - I changed the SSL Cipher Suite and SSL/TLS Protocols setting in Apache Global Config to the default. I previously had my own cipher settings for tls1.2 only and had the protocol as -sslv1 -sslv2 (not sure if that was the exact format). So I had rules in place for tls1.2 only, but for whatever reason changing these two to the default allowed me to login again with regular user accounts. Maybe it was just the fact apache was restarted as well? I honestly don't know what the problem was there.
     
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,142
    Likes Received:
    1,932
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    The Apache cipher requirements should not affect access to the SSH protocol (SFTP runs over SSH). Can you verify how you were attempting to access SFTP? For instance, were you using a specific client?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. morrow95

    morrow95 Well-Known Member

    Joined:
    Oct 8, 2006
    Messages:
    123
    Likes Received:
    3
    Trophy Points:
    168
    Same client as I've always used - same connection settings. Whatever was the problem it was corrected after doing the above - possibly just Apache needed restarted? Everything worked as normal afterwards. The only thing that seems off is the server hostname connected fine while any of the user/domain accounts did not.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice