ADMIN EDIT
Solution
apt install openssh-client
The OpenSSH client package includes the scp binary invoked by Dropbear when SCP clients access.
The same way, SFTP can be enabled:
apt install openssh-sftp-server
This installs the /usr/lib/sftp-server invoked by Dropbear on SFTP client access.
Only take care to not install the openssh-server package, which enables the conflicting OpenSSH server service (sshd), which blocks port 22 by default, used by Dropbear already for initial SSH access.
Dropbear is the primary SSH-Server on the Dietpi-Ecosystem. Transferring files with WinSCP failed with following error code:
"Cannot execute SCP to start transfer. Please make sure that SCP is installed on the server and path to it is included in PATH. You may also try SFTP instead of SCP.
Command failed with return code 127.".
Switching to OpenSSH will solve this issue. But it would be great, when I get rid of this annoying error message with Dropbear.
A short edit of the default.cfg will solve this issue:
cp /etc/profile /var/tmp
echo "export PATH=$PATH:/var/tmp/bin" >> /var/tmp/profile
mount -o bind /var/tmp/profile /etc/profile
mkdir /var/tmp/bin
ln -s /var/tmp/dropbear /var/tmp/bin/scp
Gill-Bates
All 10 comments
@Gill-Bates
Yes, Dropbear does not support SFTP natively.
Switching to OpenSSH will solve this issue. But it would be great, when I get rid of this annoying error message with Dropbear.
This is a very clear and informational message, isn't it? Why do you want to hide it?
Since /var/tmp/dropbear does not exist by default, I am not sure what your solution does? Also it adds a permanent (system-wide) bind mount. If you really want scp command to do something, why not create/link it from the local admin binary path, which is intended for this? ln -s /var/tmp/dropbear /usr/local/bin/scp
MichaIng
on 1 Jan 2020
@MichaIng Connect & Login works fine even with Dropbear and WinSCP. Try to edit & save a file to get the error message.
Gill-Bates
on 1 Jan 2020
@Gill-Bates
the challenge is, that you don't have any SCP executable on your system if Dropbear is installed.
root@DietPiVM1:~# which scp
root@DietPiVM1:~#
therefore you would need to switch to OpenSSH if you like to use SCP
root@DietPiVM1:~# which scp
/usr/bin/scp
root@DietPiVM1:~#
It should not take more than 2-3 minutes to switch the SSH Server using dietpi-software. Or are there any blockers switching to OpenSSH??
Joulinar
on 1 Jan 2020
@MichaIng No! Its not a blocker to switch. But Dropbear is more lightweight. So I was thinking to modify Dropbear to get it running with WinSCP
Gill-Bates
on 1 Jan 2020
I am confused now. scp is the SCP client, not the server, right? Yeah, it also comes with the openssh-client package: https://packages.debian.org/buster/amd64/openssh-client/filelist
SCP for what I found is just a non-interactive SFTP client implementation, so instead of having an interactive SFTP session which allows shell-like file manipulation besides upload of course, SCP does a single upload and exists immediately. But it requires an SFTP server regardless.
For SFTP/SCP, the SSH _server_ needs to have the SFTP protocol implemented/invoked, and this should be not the case with Dropbear, I am not totally mistaken. But one can simply install the OpenSSH SFTP server as standalone module: https://packages.debian.org/buster/openssh-sftp-server
I am not sure if there are other modifications required to Dropbear to invoke the sftp-server binary.
MichaIng
on 1 Jan 2020
@MichaIng
I checked which package is needed and openssh-client is shipping SCP executable. No need for the server package.
@Gill-Bates
simple installation of openssh-client package should fix your issue already and you can stay with Dropbear.
apt-get install openssh-client
afterwards you should be able to use SCP protocol with your WinSCP client
Joulinar
on 2 Jan 2020
@Joulinar
I checked which package is needed and openssh-client is shipping SCP executable. No need for the server package.
Yes, but this is the client, not the server, hence it will not allow you to upload something via WinSCP to your DietPi. This is why I tried to clarify with above, as the scp binary is not required and has nothing to do with WinSCP being able to connect or not. What you need on the server is the sftp-server binary and it needs to be invoked by the SSH server when a SFTP/SCP client connects.
MichaIng
on 2 Jan 2020
@MichaIng
nope. I checked it again on an empty VM. As soon as the openssh-client package is installed, the SCP executable is available. No need for any further configuration. Once done I opened my WinSCP client on my Windows desktop and connect to my VM using SCP protocol. Once connected I can download and upload files 馃槃
Joulinar
on 2 Jan 2020
@Joulinar
Very strange. Hmm, perhaps I misunderstood something and sftp-server is only required for interactive SFTP session. But still strange that scp binary makes a difference, since really, it is just a client... https://manpages.debian.org/scp
EDIT: Okay verified: SCP works without SFTP server and requires scp binary.
I use PuTTY SCP client (https://the.earth.li/~sgtatham/putty/latest/w64/pscp.exe) and it always failed on my server, but I recognised the -scp cmd option now which forces SCP protocol and finally it works with scp binary in place, while by default it uses SFTP protocol which requires sftp-server then (which must be placed at /usr/lib/sftp-server). Also good to know all of this works indeed without any further setup. And btw I simply copied the binary in place only, hence didn't install all the package overhead.
MichaIng
on 2 Jan 2020
Okay, I mark this issue as closed. Basically:
apt install openssh-sftp-server openssh-client
And SCP + SFTP via Dropbear works OOTB :+1:.
MichaIng
on 13 Mar 2020
Related issues
bhaveshgohel
路
3Comments
Invictaz
路
3Comments
pfeerick
路
3Comments
Fourdee
路
3Comments
Fourdee
路
3Comments