[arch-general] Thunar sftp connection not working - access denied

Friedrich Strohmaier damokles4-listen at bits-fritz.de
Fri Oct 30 01:06:35 UTC 2015 

Hi Kyle, *,

Am 15.10.2015 um 17:56 schrieb Kyle Terrien:

> On 10/13/2015 10:55 AM, Friedrich Strohmaier wrote:
>> Am 12.10.2015 um 17:29 schrieb Kyle Terrien:
>>> On 10/09/2015 05:54 PM, Friedrich Strohmaier wrote:
>>>> Am 10.10.2015 um 02:23 schrieb Leonid Isaev:
>>>>> On Sat, Oct 10, 2015 at 02:05:38AM +0200, Friedrich Strohmaier wrote:

>>>>>> Hi Folks,

>>>>>> since some time I cannot get thunar connect my remote servers folders via sftp.

>> [..]

>>>>> So, does sftp work from the command line?

>>>> yes works as expected.

>>>> btw. filezilla also does..

[..]

>> digging a bit deeper..
>> It apears to be a problem of ssh-key authentification.

Log output uploaded: https://bits-fritz.de/eigene_webdateien/File/bereitstellung/messages.txt

>> Any ideas?
>> Is this a gvfsd bug?

> Considering that CLI sftp and Filezilla work, this is probably a GVFS
> related issue.

New facts but no solution..

After dbus update I restarted dbus by hand:
Restarting dbus as root yields:
=========
[root at myhost ~]# systemctl restart dbus
PolicyKit daemon disconnected from the bus.
We are no longer a registered authentication agent.
=========

After new Loggin in XFCE - tataaa sftp-connection is established without
issues.  Cannot shutdown machine out of xfce session and have other quirks but
this one works.

After machine restart old behaviour is back.

This tells me something's wrong with PolicyKit settings?

Forgot to mention: ssh-agent running (started by keychain)

> The part of the log output that sticks out like a sore thumb are the
> lines that look like this:

>> Oct 13 19:36:08 my_machine gvfsd[758]: ### SFTP: handle_login #1, initial_connection = 1 - user: me, host: strict.remote.host, port: -1

> "port: -1" just doesn't seem right.  At best this means "use the default
> port".  But you would think that if it uses the default port, then the
> log would say "port: 22".

> At worst, this means literally "use port -1", which means that -1 could
> overflow in unsigned integer arithmetic so it is actually a really high
> port.

most likely this isn't a problem, as successful actions also have this values.

> Have you tried running the ssh commands yourself?

>> Oct 13 19:36:08 my_machine gvfsd[758]: ### SFTP: spawn_ssh: ssh -oForwardX11 no -oForwardAgent no -oPermitLocalCommand no -oClearAllForwardings yes -oProtocol 2 -oNoHostAuthenticationForLocalhost yes -l me -s strict.remote.host sftp
>> Oct 13 19:36:28 my_machine gvfsd[758]: ### SFTP: spawn_ssh: ssh -oForwardX11 no -oForwardAgent no -oPermitLocalCommand no -oClearAllForwardings yes -oProtocol 2 -oNoHostAuthenticationForLocalhost yes -l me -s permissive.remote.host sftp

I did (had to replace spaces with "=" between -oXX options and values).
No result but - mmmhh - a "waiting" prompt.
It appeared like opening a tunnel.

Kyle, many thanks for keeping up! :o))
-- 
Friedrich

More information about the arch-general mailing list