BackWPup ssh failure

  • Resolved dnessett

    (@dnessett)


    2 years, 9 months ago

    I am using backwpup to backup my wordpress databases using sftp. My wordpress site is running on an IONOS shared hosting server, which does not provide access to a command line.

    When I attempt the backup, it fails. I an running an sftp server on oracle linux and when I look in the /var/log/secure file, which logs ssh errors, I see the following:

    Feb 3 12:52:20 left-dell-t110 sshd[4175]: Invalid user user from 141.98.10.47 port 55422
    Feb 3 12:52:20 left-dell-t110 sshd[4175]: pam_unix(sshd:auth): check pass; user unknown
    Feb 3 12:52:20 left-dell-t110 sshd[4175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.10.47
    Feb 3 12:52:23 left-dell-t110 sshd[4175]: Failed password for invalid user user from 141.98.10.47 port 55422 ssh2
    Feb 3 12:52:25 left-dell-t110 sshd[4175]: Received disconnect from 141.98.10.47 port 55422:11: Normal Shutdown, Thank you for playing [preauth]
    Feb 3 12:52:25 left-dell-t110 sshd[4175]: Disconnected from invalid user user 141.98.10.47 port 55422 [preauth]

    The host on which wordpress is running is not 141.98.10.47, nor is this the address of the sftp machine. 141.98.10.47:55422 is sending a login request for the user “user”, which seems like an error. There is a mysterious notation when 141.98.10.47 disconnects stipulating “Thank you for playing [preauth]”. I am not sure what “preauth” means.

    I have tried using both PHP 7.4 and PHP 8.0 and get the same results.

    I have a screenshot of the FTP parameters, but there seems to be no way to attach it to this message

    • This topic was modified 2 years, 9 months ago by dnessett.
Viewing 5 replies - 1 through 5 (of 5 total)
  • Thread Starter dnessett

    (@dnessett)

    OK. After poking around with Google, it appears the “preauth” activity is coming from bots trying to penetrate the system. I changed the port sshd listens on to 2200 and it went away. I am still not able, however, to save the database with BackWPup. I ran sshd in debug mode and here is the output:

    Server listening on :: port 2200.
    debug1: Server will not fork when running in debugging mode.
    debug1: rexec start in 8 out 8 newsock 8 pipe -1 sock 11
    debug1: inetd sockets after dupping: 4, 4
    Connection from 74.208.xxx.yyy port 44128 on 192.168.1.54 port 2200
    debug1: Local version string SSH-2.0-OpenSSH_8.0
    kex_exchange_identification: Connection closed by remote host

    sshd seems to accept a connection request from the server on which the wordpress site is running (74.208.xxx.yyy, where I have obscured the address using “xxx.yyy”). However, it then sits around and nothing happens. On the server side the output is:

    [INFO] BackWPup 3.10.0; A project of Inpsyde GmbH
    [INFO] WordPress 5.8.3 on https://test.mountolive.com/
    [INFO] Log Level: Normal
    [INFO] BackWPup job: Daily Database Backup
    [INFO] Logfile is: backwpup_log_d6b910_2022-02-04_11-49-53.html
    [INFO] Backup file is: 2022-02-04_11-49-53_VJN2B2OI01.zip
    [04-Feb-2022 11:49:53] 1. Try to backup database …
    [04-Feb-2022 11:49:53] Connected to database dbs1152161 on db5001358689.hosting-data.io
    [04-Feb-2022 11:49:53] Added database dump “dbs1152161.sql.gz” with 1.50 MB to backup file list
    [04-Feb-2022 11:49:53] Database backup done!
    [04-Feb-2022 11:49:53] 1. Trying to generate a file with installed plugin names …
    [04-Feb-2022 11:49:53] Added plugin list file “Test-Mount-Olive-Church-Billings.pluginlist.2022-02-04.txt” with 4.53 KB to backup file list.
    [04-Feb-2022 11:49:53] 1. Trying to generate a manifest file …
    [04-Feb-2022 11:49:53] Added manifest.json file with 5.28 KB to backup file list.
    [04-Feb-2022 11:49:53] 1. Trying to create backup archive …
    [04-Feb-2022 11:49:53] Compressing files as ZipArchive. Please be patient, this may take a moment.
    [04-Feb-2022 11:49:53] Backup archive created.
    [04-Feb-2022 11:49:53] Archive size is 1.45 MB.
    [04-Feb-2022 11:49:53] 4 Files with 1.51 MB in Archive.
    [04-Feb-2022 11:49:53] 1. Try to send backup file to an FTP server …
    [04-Feb-2022 11:51:20] ERROR: Aborted by user!
    [04-Feb-2022 11:51:20] ERROR: Job has ended with errors in 87 seconds. You must resolve the errors for correct execution.
    [04-Feb-2022 11:51:24] WARNING: ftp_ssl_connect(): Connection timed out
    [04-Feb-2022 11:51:24] ERROR: Aborted by user!
    [04-Feb-2022 11:51:24] ERROR: Job has ended with errors in 91 seconds. You must resolve the errors for correct execution.

    I aborted the job after waiting 90 seconds. The job hangs after “1. Try to send backup file to an FTP server …” and does nothing. I am not sure how to proceed to debug this problem, since the BackWPup side of things gives little information allowing me to make progress. There is an indication that Log Level can be changed, but I don’t know how to do that.

    Thread Starter dnessett

    (@dnessett)

    Update

    The sftp server is behind a firewall. I was able to access it from outside the firewall using FileZilla. It is looking like there is something wrong with BackWPup, either a configuration problem or a bug. For completeness, I am including the FileZilla debug log in case that helps suggest what might be the problem. I have obscured the IP address for security purposes.

    Status: Connecting to 184.167.xxx.yyy:2200…
    Trace: Going to execute /Applications/FileZilla.app/Contents/MacOS/fzsftp
    Response: fzSftp started
    Trace: CSftpControlSocket::ConnectParseResponse(fzSftp started)
    Trace: CSftpControlSocket::SendNextCommand()
    Trace: CSftpControlSocket::ConnectSend()
    Command: open “[email protected]” 2200
    Trace: Server version: SSH-2.0-OpenSSH_8.0
    Trace: Using SSH protocol version 2
    Trace: We claim version: SSH-2.0-PuTTY_Local:_Aug_28_2011_23:19:42
    Trace: Using Diffie-Hellman with standard group “group14”
    Trace: Doing Diffie-Hellman key exchange with hash SHA-1
    Command: Trust new Hostkey: Yes
    Trace: Host key fingerprint is:
    Trace: ssh-rsa 3072 77:59:29:52:3b:20:1e:6a:e8:bd:5c:09:b8:e6:84:ca
    Trace: Initialised AES-256 SDCTR client->server encryption
    Trace: Initialised HMAC-SHA1 client->server MAC algorithm
    Trace: Initialised AES-256 SDCTR server->client encryption
    Trace: Initialised HMAC-SHA1 server->client MAC algorithm
    Trace: Pageant is running. Requesting keys.
    Trace: Pageant has 0 SSH-2 keys
    Command: Pass: ************
    Trace: Sent password
    Trace: Access granted
    Trace: Opened channel for session
    Trace: Started a shell/command
    Status: Connected to 184.167.xxx.yyy
    Trace: CSftpControlSocket::ConnectParseResponse()
    Trace: CSftpControlSocket::ResetOperation(0)
    Trace: CControlSocket::ResetOperation(0)
    Trace: CFileZillaEnginePrivate::ResetOperation(0)
    Status: Retrieving directory listing…
    Trace: CSftpControlSocket::SendNextCommand()
    Trace: CSftpControlSocket::ChangeDirSend()
    Command: pwd
    Response: Current directory is: “/home/webserverbackup”
    Trace: CSftpControlSocket::ResetOperation(0)
    Trace: CControlSocket::ResetOperation(0)
    Trace: CSftpControlSocket::ParseSubcommandResult(0)
    Trace: CSftpControlSocket::ListSubcommandResult()
    Trace: state = 1
    Trace: CSftpControlSocket::SendNextCommand()
    Trace: CSftpControlSocket::ListSend()
    Trace: state = 2
    Command: ls
    Status: Listing directory /home/webserverbackup
    Trace: CSftpControlSocket::ListParseResponse()
    Trace: CSftpControlSocket::SendNextCommand()
    Trace: CSftpControlSocket::ListSend()
    Trace: state = 3
    Status: Calculating timezone offset of server…
    Command: mtime “.mozilla”
    Response: 1628244375
    Trace: CSftpControlSocket::ListParseResponse(1628244375)
    Status: Timezone offsets: Server: -21600 seconds. Local: -25200 seconds. Difference: -3600 seconds.
    Trace: CSftpControlSocket::ResetOperation(0)
    Trace: CControlSocket::ResetOperation(0)
    Status: Directory listing successful
    Trace: CFileZillaEnginePrivate::ResetOperation(0)`

    Plugin Support happyAnt

    (@duongcuong96)

    Hello @dnessett
    BackWPUp for now did not support ssh-ftp backup yet, so that why your backup didn’t works.
    Please use FTP/FTPs or use other backup destinations, thank you!
    Thank you!

    Thread Starter dnessett

    (@dnessett)

    Thanks. I would like to use an S3 service running on our local cloud to store backups. I would like to configure the backups to use TLS encryption to protect the data as it travels over the internet. I am not enquiring about encrypting the files, which requires the BackWPup Pro version of the plugin, but rather encrypting the communication of those files. The files will be stored in plaintext on the local cloud. Does the backup plugin support this?

    Plugin Support happyAnt

    (@duongcuong96)

    @dnessett
    you can try yourself with the S3 destination, BackWpUp allow you to do custom s3 ^^
    I hope my answer could help

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘BackWPup ssh failure’ is closed to new replies.