Create a Transport to work with OpenSSH??

maloneybw's Avatar

maloneybw

05 Sep, 2013 10:21 PM

I'm using OpenSSH on my new webserver which Cascade lists as a usable for sftp. I'm using SSH2 protocol version 3 which is what is required by cascade. I'm getting ready to migrate from a previous server (didn't have sftp) and I can't seem to get the transport to connect. I can connect just fine using filezilla or putty and it directs me to the correct folders for each user. I have one account created for cascade that has access to the whole site structure which works via putty etc.

I've created the transport to the new server but when i test it I get the following error:

SFTP error occurred during SFTP Shuttle initialization: timeout: socket is not established

The server name is correct, the username and password are correct, it's set to use port 22 and told to use SFTP (PASV is off). As I said I can get to it just fine with other SSH type software so I know the firewall settings are correct. Any advice?

  1. 1 Posted by Ryan Griffith on 06 Sep, 2013 12:49 PM

    Ryan Griffith's Avatar

    Hi,

    To confirm, when you are testing connection to the new SFTP server, are you testing from the server Cascade Server is installed on, or your local machine?

    If you are testing from your local machine, can you confirm if you are able to connect to the SFTP server from the application server using telnet?

    Please let me know if you have any questions.

    Thanks!

  2. 2 Posted by maloneybw on 06 Sep, 2013 02:54 PM

    maloneybw's Avatar

    Thank you for the quick reply. I work for a University branch campus and our cascade server itself is managed by our main campus. I can sftp from the local server and from any machine within our network regardless of subnet. I have a cascade administrator account, but unfortunately do not have access to the cascade server itself.

    I did some testing from home last night and noticed a few oddities. I can ping the server just fine so I know the global address is live (both by IP and by DNS name). I also confirmed this via whatsmydns.com. However, while the site is 'live' I cannot bring up the index page in a browser nor can I SSH to it. I don't see anything about connection attempts in the event log from my cascade test attempts, but i DO see some from my attempts last night, so I'm not sure what's going on. Obviously it has to do with my ssh configuration. I realize at this point its not a cascade issue, but any direction you might provide to resolve the issue would be helpful :). If I find that I CAN get to it from outside my network and cascade is still NOT working I'll let you know.

  3. 3 Posted by Ryan Griffith on 06 Sep, 2013 05:27 PM

    Ryan Griffith's Avatar

    Not a problem at all.

    It sounds as though there may be a connection issue between the application server Cascade Server is installed on and the SFTP server you specified in the Transport.

    You may need to work with either your networking or server administrators to make sure the application server is able to connect to the SFTP server over port 22. This can be tested by issuing a telnet command from the application server to the SFTP server.

    Please let me know if you have any questions.

    Thanks!

  4. 4 Posted by maloneybw on 06 Sep, 2013 08:53 PM

    maloneybw's Avatar

    I do have access to another server located on the main campus. I was able to successfully connect to the SFTP site from there via putty. Telnet did seem to hit the server on port 22, but since it doesn't support ssh it kicked me off for protocol mismatch.

    I'll ask the cascade server manager up there if they can do it from the server.

  5. 5 Posted by Ryan Griffith on 09 Sep, 2013 12:14 PM

    Ryan Griffith's Avatar

    Thank you for following up with the additional information. Please keep me posted.

    Thanks!

  6. 6 Posted by Ryan Griffith on 24 Sep, 2013 08:43 PM

    Ryan Griffith's Avatar

    Hi,

    I was going over some older discussions and noticed this one is still open. Were you able to successfully publish to your SFTP server?

    Please feel free to let us know if you have any other questions.

    Thanks.

  7. 7 Posted by maloneybw on 24 Sep, 2013 09:03 PM

    maloneybw's Avatar

    Sorry I meant to come back an mark my thread but this project has gotten me rather busy. I ended up having to reconfigure some items on my ASA. Cascade was publishing previously via a tunnel in my ASA from main campus. This tunnel did not have SFTP enabled so even though SFTP was generally allowed in my firewall the path from the cascade server didn’t recognize it. As soon as I included port 22/sftp on this tunnel it started working fine. It certainly explains why I was able to SFTP from outside but still not publish from cascade.

    I am now successfully running OpenSSH via Cygwin on Windows Server 2012 to enable SFTP access to a couple of websites running IIS 8. I can publish from cascade to one of the sites and have restricted access via SFTP to a few specific sub-sites therein. I didn’t have to compromise any user-encapsulation either. I did however need to load an additional module (gatekeeper) since Cascade doesn’t support key authentication. This allowed me to set multiple layers of authentication specific to each user. That way I can require other users to have a key AND a password, but cascade is still allowed to authenticate via password only.

    Thank you for following up!!

  8. 8 Posted by Ryan Griffith on 25 Sep, 2013 01:02 PM

    Ryan Griffith's Avatar

    Thank you for following up and the explanation of what you did to make things work. I am glad to hear you were able to track down the cause.

    Have a great day!

  9. Ryan Griffith closed this discussion on 25 Sep, 2013 01:02 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac