I've setup a new proftpd server with mod_sftp for SSH support, that I'm able to login to when I use a password. But when I try to use my SSH key, I'm unable to connect.
Here's the full proftpd.conf file:
[root@myers log]# cat /usr/etc/proftpd.conf
ServerName "Develop CENTS"
ServerType standalone
DefaultServer on
Port 2215
UseIPv6 off
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022
MaxInstances 15
User nobody
Group nobody
DefaultRoot ~
AllowOverwrite on
# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
DenyAll
</Limit>
<IfModule mod_auth_pam.c>
AuthPAM off
</IfModule>
<IfModule mod_sftp.c>
SFTPEngine on
SFTPHostKey /usr/etc/proftpd/rsa_key
SFTPHostKey /usr/etc/proftpd/dsa_key
Port 2216
SFTPAuthMethods publickey
MaxLoginAttempts 4
SFTPCompression delayed
<VirtualHost www.mydomain.com>
SFTPAuthorizedUserKeys file:/home/mydomain.com/.ssh/authorized_keys
DefaultRoot ~
</VirtualHost>
</IfModule>
Here's a line I see in /var/log/messages regardless of the authentication method used:
Mar 19 10:41:51 myers proftpd[29675]: myhost.com - unable to create namebind for 'www.mydomain.com' to IPAddress#21: No such file or directory
Other than that, the only thing appearing in the log file when I attempt to connect with a SSH key, is that the client does reach the server and a SSH2 session is opened, but the very next line indicates the SSH2 session is closed.
Any ideas?
Best Answer
From your configuration, it looks like you'd like a normal FTP server on port 2215, and the SFTP server on port 2216. In order to do this, you would need the
mod_sftp
configuration in its own<VirtualHost>
section. As your configuration stands, bothPort
directives appear in the same "vhost" context, and thus ProFTPD, when parsing the configuration, may not do what you expect. I would recommend using something like:Hope this helps!