I'm using an iptables firewall for httpd with a whitelist from CloudFlare.
These are my iptables rules, and I had changed the SSH port to 2204:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- 199.27.128.0/21 anywhere multiport dports http,https
ACCEPT tcp -- 198.41.128.0/17 anywhere multiport dports http,https
ACCEPT tcp -- 197.234.240.0/22 anywhere multiport dports http,https
ACCEPT tcp -- 190.93.240.0/20 anywhere multiport dports http,https
ACCEPT tcp -- 188.114.96.0/20 anywhere multiport dports http,https
ACCEPT tcp -- 173.245.48.0/20 anywhere multiport dports http,https
ACCEPT tcp -- 172.64.0.0/13 anywhere multiport dports http,https
ACCEPT tcp -- 162.158.0.0/15 anywhere multiport dports http,https
ACCEPT tcp -- 141.101.64.0/18 anywhere multiport dports http,https
ACCEPT tcp -- 131.0.72.0/22 anywhere multiport dports http,https
ACCEPT tcp -- 108.162.192.0/18 anywhere multiport dports http,https
ACCEPT tcp -- 104.16.0.0/12 anywhere multiport dports http,https
ACCEPT tcp -- 103.31.4.0/22 anywhere multiport dports http,https
ACCEPT tcp -- 103.22.200.0/22 anywhere multiport dports http,https
ACCEPT tcp -- 103.21.244.0/22 anywhere multiport dports http,https
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- 116.2.22.0/24 anywhere tcp dpt:b2-license
After that, I can access SSH normally, but I can't access SFTP.
It looks like my new SSH port is the same as the b2-license port.
Is this the issue I'm facing?
This is the error I got from FileZilla:
Status: Waiting to retry...
Status: Connecting to xx.xx.xx.xx:2204...
Response: fzSftp started, protocol_version=4
Command: open "root@xx.xx.xx.xx" 2204
Error: Connection timed out after 20 seconds of inactivity
Error: Could not connect to server
And login works fine with ssh:
Last login: Sun Jul 31 14:07:34 2016 from my-ip
Update: I can connect to SFTP with Tunnelier but can't connect with FileZilla.
I'd be really thankful for any ideas in this case.
Best Answer
It may be possible that the FileZilla client you are running does not support the same encryption algorithms as your server requires.
Have you tried to update your FileZilla client? Have you tried another SFTP client?
Also, does the file /usr/libexec/openssh/sftp-server exist and have +x permissions?
Finally, you may try to run sshd in non-daemon mode with debugging options (stop the sshd service, then run /usr/sbin/sshd -Dd and try again with your SFTP client).
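
The answer's check that the SFTP helper exists and is executable can be scripted against the Subsystem line of sshd_config. This is an added example, not part of the original answer: the function name check_sftp_subsystem and its status words are made up for illustration, and /etc/ssh/sshd_config is assumed to be the config location.

```shell
#!/bin/sh
# check_sftp_subsystem CONFIG   (hypothetical helper, not an OpenSSH tool)
# Prints one status word for the "Subsystem sftp" setting found in CONFIG:
#   internal   sshd serves SFTP in-process (internal-sftp), no helper binary needed
#   ok         external helper exists and is executable
#   missing    a helper path is configured but the file does not exist
#   noexec     the helper exists but has no execute permission
#   undefined  no active "Subsystem sftp" line in the file
#   unreadable CONFIG itself cannot be read (returns 2)
check_sftp_subsystem() {
    config=$1
    if [ ! -r "$config" ]; then
        echo unreadable
        return 2
    fi
    # First active "Subsystem sftp <command>" line. The keyword is matched
    # case-insensitively; commented-out lines start with "#" and never match.
    helper=$(awk 'tolower($1) == "subsystem" && $2 == "sftp" { print $3; exit }' "$config")
    if [ -z "$helper" ]; then
        echo undefined
    elif [ "$helper" = "internal-sftp" ]; then
        echo internal
    elif [ ! -e "$helper" ]; then
        echo missing
    elif [ ! -x "$helper" ]; then
        echo noexec
    else
        echo ok
    fi
}

# Stand-alone use: pass the config path, e.g. /etc/ssh/sshd_config (assumed default).
if [ $# -gt 0 ]; then
    check_sftp_subsystem "$1"
fi
```

A result of missing or noexec matches the failure the answer asks about; ok or internal rules the helper out as the cause.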