acarv
June 6, 2026, 12:07pm
1
I noticed that the file manager doesn’t work anymore (gives me Unknown error), and inspecting the browser console, it has an error 500. I do see the initial layout, but no list.
Initially I thought it was related to the 1.9.6 update, but on other servers it is working correctly.
Two of my servers that exhibit this error, are connected only with netbird, I have restricted the port access to its IP. But I don’t thing that’s the issue.
I can access the panel correctly and every other part of Hestia.
Another thing to consider is the fact that I disabled/removed FTP (I am now using SFTP with success), and the related FTP ports have been removed from the server instance (AWS).
Can someone help me in solving this?
Try to access file manager again and check the log /var/log/hestia/nginx-error.log or /var/log/hestia/nginx-error.log.1
acarv
June 6, 2026, 7:59pm
3
Here it is:
2026/06/06 20:55:44 [error] 2241138#0: *170 FastCGI sent in stderr: “PHP message: PHP Notice: No compatible server to client encryption algorithms found in /usr/local/hestia/web/fm/vendor/phpseclib/phpseclib/phpseclib/Net/SSH2.php on line 1744; PHP message: League\Flysystem\Sftp\ConnectionErrorException: Could not login with username: serveradmin, host: 127.0.0.1 in /usr/local/hestia/web/fm/vendor/league/flysystem-sftp/src/SftpAdapter.php:244
Stack trace:
#0 /usr/local/hestia/web/fm/vendor/league/flysystem-sftp/src/SftpAdapter.php(207): League\Flysystem\Sftp\SftpAdapter->login()
#1 /usr/local/hestia/web/fm/vendor/league/flysystem/src/Adapter/AbstractFtpAdapter.php(650): League\Flysystem\Sftp\SftpAdapter->connect()
#2 /usr/local/hestia/web/fm/vendor/league/flysystem-sftp/src/SftpAdapter.php(360): League\Flysystem\Adapter\AbstractFtpAdapter->getConnection()
#3 /usr/local/hestia/web/fm/vendor/league/flysystem/src/Adapter/AbstractFtpAdapter.php(338): League\Flysystem\Sftp\SftpAdapter->listDirectoryContents()
#4 /usr/local/hestia/web/fm/vendor/league/flysystem/src/Filesystem.php(272): League\Flysystem\Adapter\AbstractFtpAdapter->listContents()
#5 /usr/local/hestia/web/fm/backend/Services/Storage/Filesystem.php(276): League\Flysystem\Filesystem->listC” while reading response header from upstream, client: 100.88.3.77, server: _, request: “POST /fm/?r=/getdir HTTP/2.0”, upstream: “fastcgi://unix:/run/hestia-php.sock:”, host: “REDACTED:8083”, referrer: “https://REDACTED:8083/fm/”
What’s you OS? Because that issue should happen only in Debian 13 or Ubuntu 26.04. Did you modify sshd_config?
Try this:
echo "KexAlgorithms +diffie-hellman-group-exchange-sha256" > "/etc/ssh/sshd_config.d/hestia-kex.conf"
systemctl restart ssh
acarv
June 7, 2026, 8:26am
5
Ubuntu 24 LTS, I hardened SSH by limiting KexAlgorithms (among others) to curve25519-sha256,[email protected]
So that one is not present, I added it and no luck. Adding to the conf that you suggested also didn’t solve it.
Could you please show the output of this command?
grep -rEv '^$|^#|^\s+$' /etc/ssh/sshd_config /etc/ssh/sshd_config.d
acarv
June 7, 2026, 8:35am
7
/etc/ssh/sshd_config:Include /etc/ssh/sshd_config.d/.conf
/etc/ssh/sshd_config:LoginGraceTime 1m
/etc/ssh/sshd_config:KbdInteractiveAuthentication no
/etc/ssh/sshd_config:UsePAM yes
/etc/ssh/sshd_config:X11Forwarding yes
/etc/ssh/sshd_config:PrintMotd no
/etc/ssh/sshd_config:DebianBanner no
/etc/ssh/sshd_config:AcceptEnv LANG LC_
/etc/ssh/sshd_config:Subsystem sftp internal-sftp
/etc/ssh/sshd_config:TrustedUserCAKeys /etc/ssh/lightsail_instance_ca.pub
/etc/ssh/sshd_config:PasswordAuthentication no
/etc/ssh/sshd_config:PermitRootLogin no
/etc/ssh/sshd_config:PubkeyAuthentication yes
/etc/ssh/sshd_config:ChallengeResponseAuthentication no
/etc/ssh/sshd_config:KexAlgorithms curve25519-sha256,[email protected]
/etc/ssh/sshd_config:Ciphers [email protected] ,[email protected] ,[email protected]
/etc/ssh/sshd_config:MACs [email protected] ,[email protected]
/etc/ssh/sshd_config:Match User sftp_dummy99,serveradmin
/etc/ssh/sshd_config: ChrootDirectory /srv/jail/%u
/etc/ssh/sshd_config: X11Forwarding no
/etc/ssh/sshd_config: AllowTCPForwarding no
/etc/ssh/sshd_config: ForceCommand internal-sftp -d /home/%u
/etc/ssh/sshd_config.d/hestia-kex.conf:KexAlgorithms +diffie-hellman-group-exchange-sha256
/etc/ssh/sshd_config.d/60-cloudimg-settings.conf:PasswordAuthentication no
Add this:
echo -e "Ciphers +aes256-ctr\nMACs +hmac-sha2-256" >> "/etc/ssh/sshd_config.d/hestia-kex.conf"
systemctl restart ssh
acarv
June 7, 2026, 8:48am
9
Success! the reason for this issue was my SSH hardening.
Thank you very much!