cURL to DH with SFTP


#1

I want to SFTP into DH from my home where I run a router and NAT. I can’t figure out why I can’t get a full connection with cURL. We use FileZilla all the time with FTP and SFTP and have no problem accessing the server, so I don’t think this is a passive/active connection issue. FileZilla shows the following SFTP negotiation:

Server version: SSH-2.0-OpenSSH_4.3p2 Debian-9etch2 Trace: Using SSH protocol version 2 Trace: We claim version: SSH-2.0-PuTTY_Local:_Feb_19_2008_21:07:47 Trace: Doing Diffie-Hellman group exchange Trace: Doing Diffie-Hellman key exchange with hash SHA-1 Trace: Host key fingerprint is: Trace: ssh-rsa 1024 bc:f9:b5:55:4b:2c:07:d7:42:8c:00:2a:8d:f0:2c:de Trace: Initialised AES-256 SDCTR client->server encryption Trace: Initialised HMAC-SHA1 client->server MAC algorithm Trace: Initialised AES-256 SDCTR server->client encryption Trace: Initialised HMAC-SHA1 server->client MAC algorithm Trace: Using keyboard-interactive authentication. inst_len: 0, num_prompts: 1 Command: Pass: ****** Trace: Using keyboard-interactive authentication. inst_len: 0, num_prompts: 0 Trace: Access grantedMy cURL command is as follows:
curl --ftp-ssl-control -sslv2 -v -m 60 -u user.here:psw.here -s -S -o upload1.stdout -T upload1.data ftp://ftp.domain.com:22/ftp/

And the response at the command-line is:

[code]* Connected to ftp.domain.com (208…) port 22 (#0)
< SSH-2.0-OpenSSH_4.3p2 Debian-9etch2

  • Closing connection #0
  • Timeout was reached
    curl: (28) Timeout was reached[/code]I’ve tried --ftp-ssl-reqd with no luck. I added -sslv2 to force v2, considering that’s what the server is running, doesn’t work with or without that. Note the 60 second timeout, but it waits after that line with “Debian” until the timeout period and then terminates. If I don’t specify port 22 in the URI it connects to 21 and fails because that’s not a secure port.

I have OpenSSL installed as well as the SSL-enabled cURL package. Do I also need to get LibSSH2 or some other libs?

I’m guessing the problem is with certs, and I can start poking in that area. But I can’t find any docs that provide a start-to-finish howto for installing cURL, then OpenSSL, then ???, then a command-line to connect to some server-X.

I’m not looking for a fish necessarily, I’ll be happy if someone can just tell me where the fishing is good and I’ll take it from there.

Thanks!


#2

Apparently I’ve been confusing the OpenSSH server for SFTP at DH with SSL+FTP support in cURL. cURL supports SFTP like DH does, via SSH, and that comes through LibSSH2. However, while SFTP is documented like it’s “in the box”, SFTP is not enabled in the distributed binaries because those aren’t built with LibSSH2. So I’m currently trying to get info on how to build Win32 binaries from source for LibSSH, OpenSSL, cURL, and whatever else I need.

In short, like my FileZilla issue with symbolically linked directories, this is not a DH issue. And like that issue, it looks like I need to use WinSCP to get some functionality I’m missing from FileZilla and cURL. I have to say though, FileZilla has been the best FTP/SFTP GUI client I’ve ever used (since early 90’s) and I’ll go back ASAP. And cURL is also an outstanding cross-platform command-line “Swiss Army Knife” ™ of communications tools, so I’ll continue to use it on different platforms as long as I don’t need secure FTP (SSH+FTP=SFTP).

Sorry for bothering folks with all this.