File Manager: Unknown error (Error 500)

blockademarc · July 9, 2020, 7:00pm

Hi there. I am experiencing the same issue. I have deleted the keys. It didn’t help.
I have also changed the port for SSH but does this matter?
Testing Beta FM worked with every user. Though the SSH port in my test environment is the standard one.

eris · July 9, 2020, 7:11pm

You will never login as root. Only login as user so it should be no issue

I tried several ports (1022, 10022) and hand no issues

Raphael · July 9, 2020, 7:55pm

@blockademarc can you reset the ssh port to default (22), reboot your system (just for safety) and retry the filemanager?

anon95304325 · July 9, 2020, 7:59pm

What happens if you run v-delete-sys-filemanager followed by v-add-sys-filemanager? This should perform a re-installation of the File Manager’s components.

blockademarc · July 9, 2020, 8:27pm

@Raphael, @anon95304325
I tried both.
1st: changed the SSH port to 22 and rebooted the machine. FM didn’t work.
2nd: Deleted ssl keys.
3rd: run v-delete-sys-filemanager followed by v-add-sys-filemanager. Still having the standard port 22. FM didn’t work.
Any other idea ?

eris · July 9, 2020, 8:43pm

Can you try to login with sftp client like winscp / FileZilla?

Otherwise please check the /var/log/auth.log

blockademarc · July 9, 2020, 8:46pm

@eris,
I tried to login with winscp…
It didn’t work at first time. Please see below the /var/log/auth.log

Jul  9 23:02:40 onlycp sshd[20986]: User admin from X.X.X.X not allowed because none of user's groups are listed in AllowGroups
Jul  9 23:02:40 onlycp sshd[20986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.116.102.90  user=admin
Jul  9 23:02:42 onlycp sshd[20986]: Failed password for invalid user admin from X.X.X.X port 51053 ssh2
Jul  9 23:03:06 onlycp sshd[20986]: Failed password for invalid user admin from X.X.X.X port 51053 ssh2
Jul  9 23:03:11 onlycp sshd[20986]: Connection closed by invalid user admin X.X.X.X port 51053 [preauth]
Jul  9 23:03:11 onlycp sshd[20986]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=X.X.X.X  user=admin
Jul  9 23:04:01 onlycp CRON[21000]: pam_unix(cron:session): session opened for user admin by (uid=0)
Jul  9 23:04:01 onlycp sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Jul  9 23:04:01 onlycp sudo: pam_unix(sudo:session): session closed for user root
Jul  9 23:04:01 onlycp CRON[21000]: pam_unix(cron:session): session closed for user admin

I believe the login on 23:04:01 was by HestiaCP ? !

Any advice ?

This is my setting in /etc/ssh/sshd_config:

AllowGroups sshusers

So I disabled this setting and was able to login. I was able to use FM since it is working now !

Jul  9 23:13:54 onlycp sshd[21865]: Accepted password for admin from X.X.X.X port 51231 ssh2
Jul  9 23:13:54 onlycp sshd[21865]: pam_unix(sshd:session): session opened for user admin by (uid=0)
Jul  9 23:13:54 onlycp systemd-logind[406]: New session 46 of user admin.

So some settings of /etc/ssh/sshd_config could be the reason for any problem.

These are my additional settings on my live server I always use:
AllowGroups sshusers
PermitRootLogin no
Port XXXXX
PasswordAuthentication no

I don’t want to miss them if possible.

Hope it helps to find a working solution for all. Thank you !

Small additional info:

I guess due to setting PasswordAuthentication no I won’t be able to use FM, either, right ?

grafik

eris · July 9, 2020, 8:48pm

Doesn’t matter normally…

Lupu · July 9, 2020, 9:16pm

Filemanager auto detects the sftp port used on login to panel. So after port change you must logout and relogin in hestia web panel

blockademarc · July 9, 2020, 9:20pm

Hi @Lupu, the port seems not to be the problem.

eris · July 9, 2020, 9:40pm

passwordAuthentication no isn’t the problem

I currently use that setting on my local server without issues

I think with

AllowGroups sshusers
PermitRootLogin no
Port XXXXX
PasswordAuthentication no

When I add this line I have the same issue

By default we limit access to ssh as nologin and supply an RSSH (featured upgraded to RUSH) support and have a Chroot jail.

Please try to remove it and check if it is working.

Maybe AllowGroups sshusers sftpusers will also work how ever not tested

Lupu · July 9, 2020, 9:45pm

Confirm if sftp is working thou (update sftp port if necesary), if this step fails you need to fix it before going forward:
sftp -P 22 -i /home/admin/.ssh/hst-filemanager-key [email protected]

ivanpos · July 10, 2020, 9:02am

I got this error for user with SSH Access set to no login, change that and it worked for me.

Thanks to Team Hestia CP for all their work.

Lupu · July 10, 2020, 11:21am

Filemanager does work fine with SSH access set to ‘nologin’

ivanpos · July 10, 2020, 12:14pm

Yes it does, thanks for clarifiying.

I didnt mean to confuse but that was all I changed and it worked so it must have been ssh keys update then.

AlexMKTD · July 10, 2020, 12:47pm

Great. and where should I make that change, if you can give me more clues please

ivanpos · July 10, 2020, 1:36pm

According to Lupu you dont need to. It is the “SSH Access” selector in each user settings page.

AlexMKTD · July 10, 2020, 4:59pm

Al fin encontre la solucion para mi caso.
La costumbre mia siempre es modificar el archivo .sshd_config y visudo para que el nuevo usuario creado pueda ingresar al terminal y a traves de este recien pueda ingresar el usuario root: entonces creo que este codigo AllowUserts newuser, es el que impedia que hestia pueda acceder al administrador de archivos lo que hice despues de muchas pruebas fue agregar al usuario admin a esa linea AllowUserts newuser admin, y por consiguiente borrar el contenido de la carpeta .ssh, cerar sesion y volver a iniciar y el administrador de archivos funciono. Espero que le sirva de ayuda a alguien. el proceso que segui fue el siguiente

instalar Ubuntu 20.04 en VPS
descargar hestia
instalar hestia
Asi funciona tambien el administrador, pero luego quise agregar capas de seguridad a mi VPS como cambiar puerto de SSH, negar acceso a root y obligarlo a que ingrese a traves de un nuevo usuario dentro de la terminal y es ahi donde el administrador de archivos dejaba de funcionar y daba “erro desconocido” entonces en el archivo sshd_config agregue al admin ademas del nuevo usuario y entonces el administrador de archivos ya no dio error, claro tmb tuve que borrar el contenido de la carpeta .ssh.

blockademarc · July 10, 2020, 7:00pm

Hi,
To be honest I am not sure if you found the final solution. I was able to look at it once again.
I am quit sure that the problem in my case the setting of AllowGroups in /etc/ssh/sshd_config is.
The user called admin is only a member of the group admin. I added admin to AllowGroups and I was able to use FM.
Other Hestia users belong to the group hestia-users. After I added also this group to AllowGroups I am able to use FM with every user.
So in my case there are only two ways to solve this issue:
I have to add further groups to /etc/ssh/sshd_config, now it looks like this:
AllowGroups sshusers admin hestia-users
Or, I disable this setting like this:
#AllowGroups sshusers admin hestia-users
I hope this helps someone. Don’t forget to restart ssh with /etc/init.d/ssh restart.

Gras · July 11, 2020, 4:51am

I had the similar issue but with non-admin user. I could see the admin correctly but the user was showing Unknown error
I did what @eris advised to do rm /home/admin/.ssh/* and rm /home/user/.ssh/* logout and logged again
Now the user account is showing all the content but should show just the /home/user folder.
How can I limit access to just /home/user folder?