RE: sftp error

["patrick" <patrick () curioustechnology com>]

It sounds like there might be an ACL on the FTP server blocking the OS X
box.  Perhaps check the FTP server config as well as the inetd (or whatever
its equivalent in Solaris is) config to ensure that the Apple boxes IP isn't
denied.

-----Original Message-----
From: Benjamin.G.Hayward () flagstar com
[mailto:Benjamin.G.Hayward () flagstar com] 
Sent: Friday, March 05, 2004 12:54 PM
To: security-basics () securityfocus com
Subject: sftp error


Hi list,
      I have a client, Mac OSX >10.2., who is attempting to sftp to a SUN
server and is not successful.. The user received the following error;

[localhost:~]www% stfp -oport=8080  -sftp='/usr/local/libexec/sftp-server'
www () servername com
www@servername's passwd:
connection closed

As this user name I can connect to the same machine from
Solaris(Sparc&_x86), Windows2000/XP, and linux but not OS X. Has anyone
perls of wisdom they could share?


Ben Hayward
Web Security Administrator
Extension: 6969

Flagstar Bank
5151 Corporate Dr.
Troy, MI  48098-2639
Office: 248.312.6969
Pager: 248.367.1968
Email: Benjamin.G.Hayward () flagstar com
www.flagstar.com



This e-mail may contain data that is confidential, proprietary or
"non-public
personal information", as that term is defined in the Gramm-Leach-Bliley Act
(collectively, "Confidential Information"). The Confidential Information is
disclosed conditioned upon your agreement that you will treat it
confidentially and in accordance with applicable law, ensure that such data
isn't used or disclosed except for the limited purpose for which it's being
provided and will notify and cooperate with us regarding any requested or
unauthorized disclosure or use of any Confidential Information. By accepting
and reviewing the Confidential Information you agree to indemnify us against
any losses or expenses, including attorney's fees that we may incur as a
result of any unauthorized use or disclosure of this data due to your acts
or
omissions. If a party other than the intended recipient receives this
e-mail,
you are requested to instantly notify us of the erroneous delivery and
return
to us all data so delivered.

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------





---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------