elhambre Posted February 26, 2019 Posted February 26, 2019 Hello ! I joined 16+ hours ago and I'm experiencing issues with Johnny FTP server; as it hangs at the "Retrieving directory listing" stage before it times out. I retried as of now (thought it was a temporary glitch), but it's still not working !! Any thought, help will be much appreciated. Thanks! -elhambre
wolstech Posted February 26, 2019 Posted February 26, 2019 What settings are you using for the FTP connection?
elhambre Posted February 26, 2019 Author Posted February 26, 2019 What settings are you using for the FTP connection? Hi! I'm using Filezilla client following the configuration suggested by cPanel; ie explicit FTP over TLS. In fact, I tested all of them. Only plain FTP is the working config, but that's not an option for me. -elhambre
wolstech Posted February 26, 2019 Posted February 26, 2019 We don't support FTP over TLS. You need either SFTP (SSH-secured FTP, not to be confused with FTPS, which is another name for the unsupported FTP over TLS), or plain unencrypted FTP. The recommended settings are SFTP using these settings: Host: johnny.heliohost.orgPort: 1373Username: (your cpanel username)Password: (your cpanel password). If you use the "additional" FTP accounts that you create in cPanel, they support plain unencrypted FTP only. Those accounts need to use port 21 with no encryption, and you need to specify the entire username shown (usually in the form ftpaccount@mydomain.heliohost.org like an email address would be). 1
elhambre Posted February 26, 2019 Author Posted February 26, 2019 We don't support FTP over TLS. You need either SFTP (SSH-secured FTP, not to be confused with FTPS, which is another name for the unsupported FTP over TLS), or plain unencrypted FTP. The recommended settings are SFTP using these settings: Host: johnny.heliohost.orgPort: 1373Username: (your cpanel username)Password: (your cpanel password). If you use the "additional" FTP accounts that you create in cPanel, they support plain unencrypted FTP only. Those accounts need to use port 21 with no encryption, and you need to specify the entire username shown (usually in the form ftpaccount@mydomain.heliohost.org like an email address would be). Now, that's very informative. Thanks!.. But, what about the keys?.. Should I copy/paste the ones on cPanel? or generate new ones from Let's Encrypt ? or is it up to me? and When using SFTP, do we still need the password ? -elhambre
wolstech Posted February 26, 2019 Posted February 26, 2019 You shouldn't need an SSH key to use SFTP. We have username and password authentication enabled, so you just supply your cPanel username and password. The system will automatically use our Let's Encrypt certificate for the keys (you'll be prompted to verify the certificate the first time you connect if I remember right).
elhambre Posted February 26, 2019 Author Posted February 26, 2019 Indeed. But my attempts failed.... Status: Connecting to johnny.heliohost.org:1373... Response: fzSftp started, protocol_version=8 Command: open "elhambre@johnny.heliohost.org" 1373 Error: Connection timed out after 20 seconds of inactivity Error: Could not connect to server Status: Waiting to retry... Status: Connecting to johnny.heliohost.org:1373... Response: fzSftp started, protocol_version=8 Command: open "elhambre@johnny.heliohost.org" 1373 Error: Connection timed out after 20 seconds of inactivity Error: Could not connect to server Status: Disconnected from server Status: Connecting to johnny.heliohost.org:1373... Response: fzSftp started, protocol_version=8 Command: open "elhambre@johnny.heliohost.org" 1373 Error: Connection timed out after 20 seconds of inactivity Error: Could not connect to server Status: Waiting to retry... Status: Connecting to johnny.heliohost.org:1373... Response: fzSftp started, protocol_version=8 Command: open "elhambre@johnny.heliohost.org" 1373 Error: Connection timed out after 20 seconds of inactivity Error: Could not connect to server Any thoughts ?
elhambre Posted February 26, 2019 Author Posted February 26, 2019 In verbose mode: Status: Connecting to johnny.heliohost.org:1373... Trace: CControlSocket::SendNextCommand() Trace: CSftpDeleteOpData::Send() in state 0 Trace: Going to execute /usr/bin/fzsftp Response: fzSftp started, protocol_version=8 Trace: CSftpDeleteOpData::ParseResponse() in state 0 Trace: CControlSocket::SendNextCommand() Trace: CSftpDeleteOpData::Send() in state 3 Command: open "elhambre@johnny.heliohost.org" 1373 Trace: Connecting to 65.19.141.67 port 1373 Trace: We claim version: SSH-2.0-FileZilla_3.40.0 Error: Connection timed out after 20 seconds of inactivity Trace: CControlSocket::ResetOperation(2114) Trace: CSftpDeleteOpData::Reset(2114) in state 3 Error: Could not connect to server Status: Waiting to retry... Error: Connection attempt interrupted by user
wolstech Posted February 26, 2019 Posted February 26, 2019 Are you on a shared network of some form (employer, university, public WiFi, etc.)? Many of those block port 1373, so the connection won't work from those locations. If that's the case, you'll have to use unencrypted ftp on port 21.
elhambre Posted February 26, 2019 Author Posted February 26, 2019 Are you on a shared network of some form (employer, university, public WiFi, etc.)? Many of those block port 1373, so the connection won't work from those locations. If that's the case, you'll have to use unencrypted ftp on port 21. Not really!.. I'm using your typical home user setup: NAT router + ISP. But, it's the first time connecting to an FTP server gave me this much trouble. I did indeed suspect my firewall and/or my router. But the troubleshooting I did, showed that it's not on my end, presuming of course that your server is a OK. Anyway, thanks for your time. I will use limited FTP accounts and change their password at the end of every session. -elhambre
wolstech Posted February 26, 2019 Posted February 26, 2019 It's weird because it's working fine for me. I'll have our one of our other admins look at this, perhaps he has some other ideas.
Krydos Posted February 27, 2019 Posted February 27, 2019 The SFTP username is going to be the same as your cpanel username, so elhambre, not elhambre@johnny.heliohost.org.
elhambre Posted February 27, 2019 Author Posted February 27, 2019 The SFTP username is going to be the same as your cpanel username, so elhambre, not elhambre@johnny.heliohost.org. The username I used was indeed "elhambre", so that's not the issue. I was thinking, when I refereed to a possible server-side issue, to a problem in my entry within the OpenSSH config file, assuming that's what you're using... Besides my failed attempts with FileZilla, I also tried this test with the sftp command, both directly (via my ISP) and via a VPN (to somewhat ruleout port 1373 filtering.) export SSHPASS=myUserPwd sshpass -e sftp -oPort=1373 elhambre@johnny.heliohost.org:$HOME_DIR/public_html/myFile.xyz The response output in both cases was the usual: ssh: connect to host johnny.heliohost.org port 1373: Connection timed out Connection closed Thanks for any other suggestion/test/etc... -elhambre
Krydos Posted February 27, 2019 Posted February 27, 2019 Try sftp -oPort=1373 elhambre@65.19.141.67 That's what I use and it works from multiple locations.
elhambre Posted February 27, 2019 Author Posted February 27, 2019 Try sftp -oPort=1373 elhambre@65.19.141.67 That's what I use and it works from multiple locations. Got this: sftp -oPort=1373 elhambre@65.19.141.67 ssh: connect to host 65.19.141.67 port 1373: Connection timed out Connection closed Connection closed. It's interesting to compare that output with this one, when trying to connect on port 22: sftp -oPort=22 elhambre@65.19.141.67 ssh: connect to host 65.19.141.67 port 22: Connection refused Connection closed The above tells me that port 1373 is blocked somewhere downstream in the Internet "pipes" thus, the first request never made it to your server, while when using the standard port 22 it reaches its target in a fraction of a second and gets rejected as expected. What's so special about port 1373?https://www.speedguide.net/port.php?port=1373 Anyway, I won't bother you with this any longer. I'll try your service on Johnny for awhile, then may be I'll move to your more "stable" systems if there is room for my tiny WebApps. Thanks guys! -elhambre.
Recommended Posts