I noticed that each day it's always on the same ports:
On Jan 5th:
SSH Client(0.0.0.0:65287) ERROR for user:N/A:Authentication failed
SSH Client(0.0.0.0:519) ERROR for user:N/A:Authentication failed
On Jan 4th:
SSH Client(0.0.0.0:65287) ERROR for user:N/A:Authentication failed
SSH Client(0.0.0.0:519) ERROR for user:N/A:Authentication failed
Is this possible some type of listener error and not really a Authentication failed error.
I am using a slightly older version of Securebridge, it's not the latest.
Search found 384 matches
- Mon 08 Jan 2018 16:38
- Forum: SecureBridge
- Topic: Getting odd error in SSH server OnClientError event
- Replies: 8
- Views: 2536
- Mon 08 Jan 2018 16:21
- Forum: SecureBridge
- Topic: Getting odd error in SSH server OnClientError event
- Replies: 8
- Views: 2536
Re: Getting odd error in SSH server OnClientError event
That's almost exactly how I get the IP in Lazarus:
if ClientInfo <> nil then
begin
ip:=inet_ntoa(clientinfo.SockAddr^.sin_addr);
port:=intTostr(ntohs(ClientInfo.SockAddr^.sin_port));
I'm having a problem figuring out what the heck is causing this error.
The client info object is not null, but it does not have a username and it never hits the password or the key auth events in the tscFilestorage, yet the error that is raised is Auth Failure.
This is on a real server not a desktop and we transfer a ton of files and this error happens every day around the same time.
if ClientInfo <> nil then
begin
ip:=inet_ntoa(clientinfo.SockAddr^.sin_addr);
port:=intTostr(ntohs(ClientInfo.SockAddr^.sin_port));
I'm having a problem figuring out what the heck is causing this error.
The client info object is not null, but it does not have a username and it never hits the password or the key auth events in the tscFilestorage, yet the error that is raised is Auth Failure.
This is on a real server not a desktop and we transfer a ton of files and this error happens every day around the same time.
- Thu 04 Jan 2018 20:45
- Forum: SecureBridge
- Topic: Getting odd error in SSH server OnClientError event
- Replies: 8
- Views: 2536
Getting odd error in SSH server OnClientError event
I have been getting this odd error in the OnClientError in the SSH server:
SSH Client(0.0.0.0:519) ERROR for user:N/A:Authentication failed
The last part after the : is the error from the server the other stuff I pull from the ClientInfo: TScSSHClientInfo passed to the event.
the ClientInfo object has a port and a 0.0.0.0 IP address which is odd as that's the listening IP address i.e. listen on all interfaces.
Anyone have any idea on how to figure out what is causing this? Right around this time we do get 3 valid connections from a particular user account.
SSH Client(0.0.0.0:519) ERROR for user:N/A:Authentication failed
The last part after the : is the error from the server the other stuff I pull from the ClientInfo: TScSSHClientInfo passed to the event.
the ClientInfo object has a port and a 0.0.0.0 IP address which is odd as that's the listening IP address i.e. listen on all interfaces.
Anyone have any idea on how to figure out what is causing this? Right around this time we do get 3 valid connections from a particular user account.
- Thu 07 Jul 2016 16:05
- Forum: SecureBridge
- Topic: Linux SSH issue channel 2: open failed: unknown channel type
- Replies: 1
- Views: 2245
Linux SSH issue channel 2: open failed: unknown channel type
Hi,
I have a SSH server service I want to use just for tunnels/portforwarding.
It works when I use putty and tell it not to use any shell, when I use linux SSH I get this:
channel 2: open failed: unknown channel type:
Connection to xx.xxx.xxx.xx closed.
I have a SSH server service I want to use just for tunnels/portforwarding.
It works when I use putty and tell it not to use any shell, when I use linux SSH I get this:
channel 2: open failed: unknown channel type:
Connection to xx.xxx.xxx.xx closed.
- Sat 12 Mar 2016 15:59
- Forum: SecureBridge
- Topic: is FTP server using Nagel? Directory listing is very slow.
- Replies: 3
- Views: 1851
Re: is FTP server using Nagel? Directory listing is very slow.
I think it may be related to the fact I am running my server for testing on a corp laptop that has very aggressive Anti Virus and data encryption and I think it's somehow affecting the directory listing.
I tried it on my home LAN with non of that crap and it was much better, though for some reason the
second time a client connects it's much faster even on my home LAN
I tried it on my home LAN with non of that crap and it was much better, though for some reason the
second time a client connects it's much faster even on my home LAN
- Sat 12 Mar 2016 15:56
- Forum: SecureBridge
- Topic: Can SB do PGP ?
- Replies: 3
- Views: 1608
Re: Can SB do PGP ?
Thanks Viktor,
If SB could encrypt/decrypt files that are OpenPGP/GnuPG that would be huge.
I currently have to use Python to get that task done or use cumbersome tprocess to execute gnupg.
Being able to to that with exception handling in a Delphi/Lazarus way would be great.
If SB could encrypt/decrypt files that are OpenPGP/GnuPG that would be huge.
I currently have to use Python to get that task done or use cumbersome tprocess to execute gnupg.
Being able to to that with exception handling in a Delphi/Lazarus way would be great.
- Fri 04 Mar 2016 00:23
- Forum: SecureBridge
- Topic: Anyway to enable SHA2 hashes for SFTP Server?
- Replies: 4
- Views: 1570
Re: Anyway to enable SHA2 hashes for SFTP Server?
Sounds good, thanks
- Wed 02 Mar 2016 23:36
- Forum: SecureBridge
- Topic: SFTPServer How to deny user change dir (CWD) and List dir (LIST)
- Replies: 3
- Views: 2611
Re: SFTPServer How to deny user change dir (CWD) and List dir (LIST)
Nevermind I think I figured it out:
in case anyone else needs to do this:
in case anyone else needs to do this:
Code: Select all
procedure TSFTPDataMod.SFTPServerGetAbsolutePath(Sender: TObject;
SFTPSessionInfo: TScSFTPSessionInfo; const Path: string;
const Control: TScSFTPRealpathControl; ComposePath: TStringList;
var AbsolutePath: string; var Error: TScSFTPError);
var
FullPath: string;
i: integer;
allowcwd:boolean;
useobj:TuserObj;
begin
allowcwd:=false;
if assigned(SFTPSessionInfo.Client.Data) then
begin
useobj:=TuserObj(SFTPSessionInfo.Client.Data);
allowcwd:=useobj.AllowCWD;
end;
AbsolutePath := IncludeTrailingBackslash( TScSFTPServer(sender).GetCanonicalPath(SFTPSessionInfo, Path));
for i := 0 to ComposePath.Count - 1 do
AbsolutePath := IncludeTrailingBackslash(AbsolutePath) + ComposePath[i];
if (not allowcwd) and (AbsolutePath <> '\') then
begin
InitError(Error, erPermissionDenied);
exit;
end;
FullPath := TScSFTPServer(sender).GetFullPath(SFTPSessionInfo, AbsolutePath);
if (Control <> rcStatAlways) or FileExists(FullPath) or DirectoryExists(FullPath) then
InitError(Error, erOk)
else
InitError(Error, erNoSuchFile);
for i := 1 to Length(AbsolutePath) do
if AbsolutePath[i] = '\' then
AbsolutePath[i] := '/';
end;
- Wed 02 Mar 2016 23:15
- Forum: SecureBridge
- Topic: SFTPServer How to deny user change dir (CWD) and List dir (LIST)
- Replies: 3
- Views: 2611
Re: SFTPServer How to deny user change dir (CWD) and List dir (LIST)
I was able to get the permissions for LIST working, OnOpenDir is the place to do that.
I raise the permission denied error and the user can't list any dir, but they can still cd to a dir.
for example if they have a dir called testdir they can do cd testdir and then if a file called test.txt exists they can get it no problem, but only if they know it's there of course.
I tried raising the erPermissionDenied in OnGetAbsolutePath, but that caused the client to not be able to logon, the Linux open ssh client reported back it could not canonicalize and Need CWD.
So I am kind of stuck trying to prevent the user from doing a change directory.
I raise the permission denied error and the user can't list any dir, but they can still cd to a dir.
for example if they have a dir called testdir they can do cd testdir and then if a file called test.txt exists they can get it no problem, but only if they know it's there of course.
I tried raising the erPermissionDenied in OnGetAbsolutePath, but that caused the client to not be able to logon, the Linux open ssh client reported back it could not canonicalize and Need CWD.
So I am kind of stuck trying to prevent the user from doing a change directory.
- Wed 02 Mar 2016 22:22
- Forum: SecureBridge
- Topic: Anyway to enable SHA2 hashes for SFTP Server?
- Replies: 4
- Views: 1570
Anyway to enable SHA2 hashes for SFTP Server?
Hi,
I noticed that when I connect to my SB SFTP server with FileZilla, it's reporting that it's using all
SHA1 hashes for the Key Exchange and MACs.
There have been many recent warnings about SHA1 being insecure, is there a way to enable SHA2?
I noticed that when I connect to my SB SFTP server with FileZilla, it's reporting that it's using all
SHA1 hashes for the Key Exchange and MACs.
There have been many recent warnings about SHA1 being insecure, is there a way to enable SHA2?
- Wed 02 Mar 2016 22:16
- Forum: SecureBridge
- Topic: Key storage OnCheckUserKey being called twice.
- Replies: 3
- Views: 1936
Re: Key storage OnCheckUserKey being called twice.
ViktorV wrote:Yes, you are right. Currently, on attempt to connect to the server, the OnCheckUserKey event is called twice. We are investigating this behavior of SecureBridge and will inform about the result.
Ok, Thanks
- Tue 01 Mar 2016 18:48
- Forum: SecureBridge
- Topic: SFTPServer How to deny user change dir (CWD) and List dir (LIST)
- Replies: 3
- Views: 2611
SFTPServer How to deny user change dir (CWD) and List dir (LIST)
Hi,
what would be the best event to raise a erPermissionDenied error to prevent a user from changing directory?
Would it be OnGetAbsolutePath or the OnOpenDirectory?
I also need to prevent a user from doing a directory listing if they don't have permission to do so.
what would be the best event to raise a erPermissionDenied error to prevent a user from changing directory?
Would it be OnGetAbsolutePath or the OnOpenDirectory?
I also need to prevent a user from doing a directory listing if they don't have permission to do so.
- Tue 01 Mar 2016 16:59
- Forum: SecureBridge
- Topic: Best way to determine if file operation is upload or download in SFTPServer?
- Replies: 1
- Views: 1238
Best way to determine if file operation is upload or download in SFTPServer?
Hi,
I have the openfile event set and I used the default openfile event as a template.
My question is what would be the best way to determine if the file open is for upload or download?
Is checking if blockmode is bmRead or bmwrite sufficient?
I want to raise erPermissionDenied if the user does not have Stor or Retr permissions as stored in my authentication DB.
I have the openfile event set and I used the default openfile event as a template.
My question is what would be the best way to determine if the file open is for upload or download?
Is checking if blockmode is bmRead or bmwrite sufficient?
I want to raise erPermissionDenied if the user does not have Stor or Retr permissions as stored in my authentication DB.
- Sat 27 Feb 2016 15:51
- Forum: SecureBridge
- Topic: SFTPServer some clients on disconnect cause a error to be thrown.
- Replies: 2
- Views: 1462
Re: SFTPServer some clients on disconnect cause a error to be thrown.
I will try to get the exact error msg on monday.
- Sat 27 Feb 2016 15:46
- Forum: SecureBridge
- Topic: WinSCP can't connect to SB SFTP server
- Replies: 4
- Views: 1469
Re: WinSCP can't connect to SB SFTP server
Ok, thanks I just told the IDE to ignore that error while debugging and it seems fine.
Thanks for the info on that.
Thanks for the info on that.