Ssh – SFTP can’t access but SSH working fine when I changed ssh port

iptables, networking, remote-access, sftp, ssh

I'm using an iptables firewall for httpd with a whitelist from CloudFlare.

These are my iptables rules, and I have changed the SSH port to 2204:

Chain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     tcp  --  199.27.128.0/21      anywhere            multiport dports http,https 
ACCEPT     tcp  --  198.41.128.0/17      anywhere            multiport dports http,https 
ACCEPT     tcp  --  197.234.240.0/22     anywhere            multiport dports http,https 
ACCEPT     tcp  --  190.93.240.0/20      anywhere            multiport dports http,https 
ACCEPT     tcp  --  188.114.96.0/20      anywhere            multiport dports http,https 
ACCEPT     tcp  --  173.245.48.0/20      anywhere            multiport dports http,https 
ACCEPT     tcp  --  172.64.0.0/13        anywhere            multiport dports http,https 
ACCEPT     tcp  --  162.158.0.0/15       anywhere            multiport dports http,https 
ACCEPT     tcp  --  141.101.64.0/18      anywhere            multiport dports http,https 
ACCEPT     tcp  --  131.0.72.0/22        anywhere            multiport dports http,https 
ACCEPT     tcp  --  108.162.192.0/18     anywhere            multiport dports http,https 
ACCEPT     tcp  --  104.16.0.0/12        anywhere            multiport dports http,https 
ACCEPT     tcp  --  103.31.4.0/22        anywhere            multiport dports http,https 
ACCEPT     tcp  --  103.22.200.0/22      anywhere            multiport dports http,https 
ACCEPT     tcp  --  103.21.244.0/22      anywhere            multiport dports http,https 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh 
ACCEPT     tcp  --  116.2.22.0/24        anywhere            tcp dpt:b2-license 

After that, I can access SSH normally, but I can't access SFTP.
It looks like my new SSH port is the same as the b2-license port.

Is this the issue I'm facing?

This is the error I got from FileZilla:

Status: Waiting to retry...
Status: Connecting to xx.xx.xx.xx:2204...
Response:   fzSftp started, protocol_version=4
Command:    open "root@xx.xx.xx.xx" 2204
Error:  Connection timed out after 20 seconds of inactivity
Error:  Could not connect to server

And login works fine with ssh:

Last login: Sun Jul 31 14:07:34 2016 from my-ip

Update: I can connect to SFTP with Tunnelier but can't connect with FileZilla.

I would be really thankful for any ideas in this case.

Best Answer

It may be possible that the FileZilla client you are running does not support the same encryption algorithms as your server requires.

Have you tried to update your FileZilla client? Have you tried another SFTP client?

Also, does the file /usr/libexec/openssh/sftp-server exist and have +x permissions?

Finally, you may try to run sshd in non-daemon mode with debugging options (stop sshd service, then run /usr/sbin/sshd -Dd and try again with your sftp client).
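
One way to check which source addresses the INPUT chain shown in the question admits on port 2204 versus port 22 (an added example, not part of the original question or answer). The rule excerpt and client addresses are constructed, and the b2-license = 2204 mapping is taken from the question.

```python
import ipaddress

# Constructed excerpt of the `iptables -L INPUT` listing from the question.
LISTING = """\
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     tcp  --  103.21.244.0/22      anywhere            multiport dports http,https
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     tcp  --  116.2.22.0/24        anywhere            tcp dpt:b2-license
"""

# iptables -L prints /etc/services names unless -n is given.
# b2-license = 2204 is taken from the question; the others are the standard ports.
SERVICES = {"http": 80, "https": 443, "ssh": 22, "b2-license": 2204}


def parse(listing):
    """Return (default_policy, [(target, source_network, {ports}), ...])."""
    lines = listing.strip().splitlines()
    policy = lines[0].split("policy ")[1].rstrip(")")
    rules = []
    for line in lines[2:]:  # skip the chain line and the column header
        f = line.split()
        target, source, match = f[0], f[3], f[-1]
        net = ipaddress.ip_network("0.0.0.0/0" if source == "anywhere" else source)
        # "dpt:ssh" -> "ssh"; "http,https" (multiport) is already a bare list
        names = match.split(":", 1)[1] if ":" in match else match
        ports = {SERVICES[n] if n in SERVICES else int(n) for n in names.split(",")}
        rules.append((target, net, ports))
    return policy, rules


def verdict(listing, src_ip, dport):
    """First matching rule wins; otherwise the chain policy applies."""
    policy, rules = parse(listing)
    addr = ipaddress.ip_address(src_ip)
    for target, net, ports in rules:
        if addr in net and dport in ports:
            return target
    return policy


if __name__ == "__main__":
    for src in ("116.2.22.10", "203.0.113.7"):  # constructed client addresses
        print(src, "-> 22:", verdict(LISTING, src, 22),
              "| 2204:", verdict(LISTING, src, 2204))
```

A DROP verdict appears on the client side as a connection timeout rather than a refusal. Running `iptables -L -n` prints the numeric port instead of the service name.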