SFTP

vefatica · Nov 10, 2017

More info. I don't think this is correct behavior. Here's the TCC end of three connections.

Code:

v:\> iftp sftp://vefatica.net
TCC: Cannot authenticate with provided credentials. The following authentication methods are available for this user: password,publickey. "vefatica.net"
v:\> iftp /c

v:\> iftp sftp://rexconn:*************@vefatica.net
v:\> iftp /c

v:\> iftp sftp://vefatica.net
v:\> iftp /c

Below are the server's logs. In the first connection (000058) TCC apparently sends an empty username and the connection fails. In any given TCC session, that will always fail until a successful connection is made. The second connection (000059), by rexconn, succeeds. The third connection (000060), meant to be anonymous, succeeds but logs in the user rexconn.

Code:

[02] Fri 10Nov17 12:28:09 - (000058) Connected to 72.230.84.150 (local address 72.230.84.150, port 22)
[03] Fri 10Nov17 12:28:09 - (000058) IP-Name: zz.twcny.rr.com (72.230.84.150)
[30] Fri 10Nov17 12:28:09 - (000058) SSH2_MSG_USERAUTH_REQUEST: user: ; service: ssh-connection; type: none
[02] Fri 10Nov17 12:28:09 - (000058) Invalid login credentials; user: ""; password: "**********"
[31] Fri 10Nov17 12:28:09 - (000058) SSH2_MSG_USERAUTH_FAILURE: login failed
[02] Fri 10Nov17 12:28:09 - (000058) Closed session

[02] Fri 10Nov17 12:28:24 - (000059) Connected to 72.230.84.150 (local address 72.230.84.150, port 22)
[03] Fri 10Nov17 12:28:24 - (000059) IP-Name: zz.twcny.rr.com (72.230.84.150)
[30] Fri 10Nov17 12:28:25 - (000059) SSH2_MSG_USERAUTH_REQUEST: user: rexconn; service: ssh-connection; type: none
[31] Fri 10Nov17 12:28:25 - (000059) SSH2_MSG_USERAUTH_FAILURE: login failed
[30] Fri 10Nov17 12:28:25 - (000059) SSH2_MSG_USERAUTH_REQUEST: user: rexconn; service: ssh-connection; type: password
[02] Fri 10Nov17 12:28:25 - (000059) User "rexconn" logged in
[31] Fri 10Nov17 12:28:25 - (000059) SSH2_MSG_USERAUTH_SUCCESS: successful login
[30] Fri 10Nov17 12:28:25 - (000059) SSH_FXP_INIT: client version 3 (IP*Works! SSH Client 2016)
[31] Fri 10Nov17 12:28:25 - (000059) SSH_FXP_VERSION: server version 3
[30] Fri 10Nov17 12:28:25 - (000059) {0x00000001} SSH_FXP_REALPATH: path: "."
[31] Fri 10Nov17 12:28:25 - (000059) {0x00000001} SSH_FXP_NAME: path: "/"
[30] Fri 10Nov17 12:28:34 - (000059) {0x00000002} SSH_FXP_REALPATH: path: "/"
[31] Fri 10Nov17 12:28:34 - (000059) {0x00000002} SSH_FXP_NAME: path: "/"
[02] Fri 10Nov17 12:28:34 - (000059) Closed session
[02] Fri 10Nov17 12:28:34 - (000059) User "rexconn" logged out

[02] Fri 10Nov17 12:28:43 - (000060) Connected to 72.230.84.150 (local address 72.230.84.150, port 22)
[03] Fri 10Nov17 12:28:43 - (000060) IP-Name: zz.twcny.rr.com (72.230.84.150)
[30] Fri 10Nov17 12:28:43 - (000060) SSH2_MSG_USERAUTH_REQUEST: user: rexconn; service: ssh-connection; type: none
[31] Fri 10Nov17 12:28:43 - (000060) SSH2_MSG_USERAUTH_FAILURE: login failed
[30] Fri 10Nov17 12:28:43 - (000060) SSH2_MSG_USERAUTH_REQUEST: user: rexconn; service: ssh-connection; type: password
[02] Fri 10Nov17 12:28:43 - (000060) User "rexconn" logged in
[31] Fri 10Nov17 12:28:43 - (000060) SSH2_MSG_USERAUTH_SUCCESS: successful login
[30] Fri 10Nov17 12:28:43 - (000060) SSH_FXP_INIT: client version 3 (IP*Works! SSH Client 2016)
[31] Fri 10Nov17 12:28:43 - (000060) SSH_FXP_VERSION: server version 3
[30] Fri 10Nov17 12:28:43 - (000060) {0x00000001} SSH_FXP_REALPATH: path: "/"
[31] Fri 10Nov17 12:28:43 - (000060) {0x00000001} SSH_FXP_NAME: path: "/"
[30] Fri 10Nov17 12:28:48 - (000060) {0x00000002} SSH_FXP_REALPATH: path: "/"
[31] Fri 10Nov17 12:28:48 - (000060) {0x00000002} SSH_FXP_NAME: path: "/"
[02] Fri 10Nov17 12:28:48 - (000060) Closed session
[02] Fri 10Nov17 12:28:48 - (000060) User "rexconn" logged out

Here's the log of the same three connections with FTP (instead of SFTP). It shows three logins ... anonymous, rexconn, and anonymous. It seems better.

Code:

[20] Fri 10Nov17 12:45:01 - (000064) PASS **********
[02] Fri 10Nov17 12:45:01 - (000064) ANONYMOUS logged in, password: JPUser@
[21] Fri 10Nov17 12:45:01 - (000064) 230 User logged in, proceed.
[20] Fri 10Nov17 12:45:01 - (000064) PWD
[21] Fri 10Nov17 12:45:01 - (000064) 257 "/" is current directory.
[20] Fri 10Nov17 12:45:14 - (000064) QUIT
[21] Fri 10Nov17 12:45:14 - (000064) 221 Goodbye, closing session.
[02] Fri 10Nov17 12:45:14 - (000064) User "anonymous" logged out
[02] Fri 10Nov17 12:45:14 - (000064) Closed session

[02] Fri 10Nov17 12:45:24 - (000065) Connected to 72.230.84.150 (local address 72.230.84.150, port 21)
[03] Fri 10Nov17 12:45:24 - (000065) IP-Name: zz.twcny.rr.com (72.230.84.150)
[21] Fri 10Nov17 12:45:24 - (000065) 220 Serv-U FTP Server v14.0 ready...
[20] Fri 10Nov17 12:45:24 - (000065) USER rexconn
[21] Fri 10Nov17 12:45:24 - (000065) 331 User name okay, need password.
[20] Fri 10Nov17 12:45:24 - (000065) PASS **********
[02] Fri 10Nov17 12:45:24 - (000065) User "rexconn" logged in
[21] Fri 10Nov17 12:45:24 - (000065) 230 User logged in, proceed.
[20] Fri 10Nov17 12:45:24 - (000065) PWD
[21] Fri 10Nov17 12:45:24 - (000065) 257 "/" is current directory.
[20] Fri 10Nov17 12:45:32 - (000065) QUIT
[21] Fri 10Nov17 12:45:32 - (000065) 221 Goodbye, closing session.
[02] Fri 10Nov17 12:45:32 - (000065) User "rexconn" logged out
[02] Fri 10Nov17 12:45:32 - (000065) Closed session

[02] Fri 10Nov17 12:45:39 - (000066) Connected to 72.230.84.150 (local address 72.230.84.150, port 21)
[03] Fri 10Nov17 12:45:39 - (000066) IP-Name: zz.twcny.rr.com (72.230.84.150)
[21] Fri 10Nov17 12:45:39 - (000066) 220 Serv-U FTP Server v14.0 ready...
[20] Fri 10Nov17 12:45:39 - (000066) USER anonymous
[21] Fri 10Nov17 12:45:39 - (000066) 331 User name okay, please send complete E-mail address as password.
[20] Fri 10Nov17 12:45:39 - (000066) PASS **********
[02] Fri 10Nov17 12:45:39 - (000066) ANONYMOUS logged in, password: JPUser@
[21] Fri 10Nov17 12:45:39 - (000066) 230 User logged in, proceed.
[20] Fri 10Nov17 12:45:39 - (000066) PWD
[21] Fri 10Nov17 12:45:39 - (000066) 257 "/" is current directory.
[20] Fri 10Nov17 12:45:47 - (000066) QUIT
[21] Fri 10Nov17 12:45:47 - (000066) 221 Goodbye, closing session.
[02] Fri 10Nov17 12:45:47 - (000066) User "anonymous" logged out
[02] Fri 10Nov17 12:45:47 - (000066) Closed session

rconn · Nov 10, 2017

All WAD.

You apparently have the misconception that SSH (SFTP) has anything at all in common with FTP or FTPS. It does not; there isn't a single line of shared code between them (and SSH is using a different library). They behave differently because they are different.

TCC's SSH / SFTP does not allow anonymous logins. Most SSH servers don't allow it either, and enabling it requires some server configuration. (I don't know why anybody would even *want* to allow anonymous SSH.) That error message is actually coming from your server, so you apparently haven't enabled it. (My recommendation: don't!)

The reason the third login succeeds (without specifying the username) is a TCC feature -- it assumes that if you didn't enter a user / password, then you must want to (re)connect using the last successful username / password.

TCC has been behaving this way for about the last 14 years.

vefatica · Nov 11, 2017

My server allows anonymous SFTP. I don't think I can turn that off.

Search

Search

SFTP

vefatica

rconn

Administrator

vefatica

Similar threads