Core FTP

Hi all,

I am getting the error message when trying to log into my SFTP site.

I'm not sure why this is happening as the site works for a couple of weeks or so and then all users start getting the above error.

There is no work being done on the server so I don't get why it would just stop working all of a sudden.

If I stop the service and restart it, it works again.

My biggest issue is that we get daily deliveries of data early in the morning and I have no warning that this issue has arisen again.

Any help would be much appreciated.

Thanks, Bernie.

It means your server key is not being saved, usually it's due to a permissions error and the server has to recreate the server key on reboot.

Create a directory (ie: c:\certs).

Then go into the global settings -> certificate path and change the cert directory to the newly created directory.

Copy any existing certificates from the old certificate path (typically c:\program files\CoreFTPServer\certs\).

Restart server.

Thanks for that.

I've made the changes and will let you know over the next month if we still have any outages.

Thanks, Bernie.

I've just taken a look at the activity log and can see the following:

[#1] [20140210 03:22:50] [99.999.999.999] user 'root' sent
[#1] [20140210 03:22:50] [99.999.999.999] password sent, failed...
[#1] [20140210 03:22:50] [99.999.999.999] user 'root' sent
[#1] [20140210 03:22:50] [99.999.999.999] password sent, failed...
[#1] [20140210 03:22:50] [99.999.999.999] user 'root' sent
[#1] [20140210 03:22:51] [99.999.999.999] password sent, failed...
[#1] [20140210 03:22:51] [99.999.999.999] user 'root' sent
[#1] [20140210 03:22:51] [99.999.999.999] password sent, failed...

Am I correct in assuming that this is someone trying to hack in as the root user?

yes, essentially hacking. There are going to be additional fixes in build 521 and greater to auto-ban this type of thing.