Bug 1687 - scp/sftp is not working when using key based (authorized_keys2) authentication
Summary: scp/sftp is not working when using key based (authorized_keys2) authentication
Status: CLOSED INVALID
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sftp (show other bugs)
Version: 5.1p1
Hardware: All Linux
: P2 normal
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-12-20 03:55 AEDT by Daniel Milde
Modified: 2010-04-16 15:49 AEST (History)
2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Milde 2009-12-20 03:55:32 AEDT 
If you use key based authentication (without password), scp and sftp tools doesn't work.

SFTP returns: Received message too long 1299542900

SCP returns: Must be connected to a terminal.
Comment 1 Darren Tucker 2009-12-20 10:55:13 AEDT 
Nothing in OpenSSH generates that message you report for scp.  I suspect what's happening is the remote host is sending something to stdout, and my guess is that it's something like kinit trying to ask for a password and failing.

Does ssh yourserver true generate any output?  If so, you need to fix that on the server.

$ perl -e 'printf "%x\n", 1299542900'
4d757374 
$ perl -e 'printf "%c%c%c%c\n", 0x4d, 0x75, 0x73, 0x74'
Must

So the sftp one is probably the same message as the scp one.
Comment 2 Daniel Milde 2009-12-20 11:05:07 AEDT 
On remote host runs OpenSSH 5.1p1 (Debian Lenny). SSHd configuration is default except Port and AllowUsers directives. SSH login into remote host works. SFTP/SCP connection doesn't work.
Comment 3 Darren Tucker 2009-12-20 14:12:07 AEDT 
(In reply to comment #2)
> On remote host runs OpenSSH 5.1p1 (Debian Lenny). SSHd configuration is
> default except Port and AllowUsers directives. SSH login into remote
> host works. SFTP/SCP connection doesn't work.

You did not answer my question: does "ssh yourserver true" generate any output?  With or without public-key authentication?
Comment 4 Daniel Milde 2009-12-21 06:12:15 AEDT 
Both methods returns "Must be connected to a terminal.". I guess command true needs a terminal to be openned (ssh -t). 

But how is this connected to scp and sftp? Scp and sftp doesn't work when key authentication is neabled. True doesn't work in both cases.
Comment 5 Darren Tucker 2009-12-21 08:19:03 AEDT 
(In reply to comment #4)
> Both methods returns "Must be connected to a terminal.". I guess
> command true needs a terminal to be openned (ssh -t). 

No, it doesn't.  "true" returns no output at all, which proves that your problem is caused by something on the remote system polluting stdout.  It's probably either something in the PAM stack, or something in the shell startup.  Either way, it's not a problem with OpenSSH.

> But how is this connected to scp and sftp? Scp and sftp doesn't work
> when key authentication is neabled. True doesn't work in both cases.

Fix whatever caused ssh'ing to generate spurious output on stdout.  When you've fixed that, as proven by "ssh yourserver true" generating no output, scp and sftp will start working.
Comment 6 Daniel Milde 2009-12-21 10:19:26 AEDT 
I disabled PAM (UsePAM no) and bug still persists. Looks like Debian bug so I will report it to Debian bugzilla.

Thank you very much for your help!
Comment 7 Darren Tucker 2009-12-21 10:40:33 AEDT 
Thanks, closing.

I would be taking a good long look at what you have in your .profile or other shell startup files first before filing a bug against debian, though.
Comment 8 Daniel Milde 2009-12-21 10:52:49 AEDT 
I am spilling ashes on my head. You are totaly right. I forgot screen invocation in my bashrc :(

Thank you
Comment 9 Damien Miller 2010-04-16 15:49:45 AEST 
Mass move of bugs RESOLVED->CLOSED following the release of openssh-5.5p1