EDIT: Well, found (at least one) problem. We set up a new VM and installed the latest version of OpenSSH server for windows (v8.9) and it also fails to run correctly. The servers where it still works are running the older release, v8.6. I'm in the process of confirming that is the issue, and seeing what I'm doing wrong that causes 8.9 to fail.
I have been setting up some Windows Server 2012 VMs as SFTP servers using the OpenSSH for Windows portable. I got about a half dozen done successfully but ran into an issue with one where I'm getting the error "FATAL ERROR: Received unexpected end-of-file from SFTP server". The weird thing is this is on a server built off the same VM image, though older than the servers where it has worked. This makes me think it's a weird permissions issue.
These are the custom changes to c:\programdata\ssh\sshd_config file that I made, besides the port number which I've omitted:
AllowUsers ssh_user
PasswordAuthentication yes
Subsystem sftp internal-sftp
ChrootDirectory C:/Output/
SyslogFacility LOCAL0
LogLevel Debug3
I'm using psftp to connect and it connects successfully, but then gets the error. Here's what the verbose psftp command gives (minus some sensitive info):
Looking up host "[REDACTED]" for SSH connection
Connecting to [REDACTED] port [REDACTED]
We claim version: SSH-2.0-PuTTY_Release_0.76
Connected to [REDACTED]
Remote version: SSH-2.0-OpenSSH_for_Windows_8.9
Using SSH protocol version 2
No GSSAPI security context available
Doing ECDH key exchange with curve Curve25519 and hash SHA-256 (unaccelerated)
Server also has ecdsa-sha2-nistp256/rsa-sha2-512/rsa-sha2-256 host keys, but we
don't know any of them
Host key fingerprint is:
ssh-ed25519 255 SHA256:QOfqSphtid9jnXb2MWHvPS/6AerXYPQ9YUdhgORny5I
Initialised AES-256 SDCTR (AES-NI accelerated) outbound encryption
Initialised HMAC-SHA-256 (unaccelerated) outbound MAC algorithm
Initialised AES-256 SDCTR (AES-NI accelerated) inbound encryption
Initialised HMAC-SHA-256 (unaccelerated) inbound MAC algorithm
Using username "ssh_user".
Attempting keyboard-interactive authentication
Server refused keyboard-interactive authentication
Sent password
Access granted
Opening main session channel
Opened main channel
Started a shell/command
Connected to [REDACTED]
FATAL ERROR: Received unexpected end-of-file from SFTP server
I have a log file from the ssh server, but StackExchange thinks its spam. It's about 300 lines long.
I'm kind of at a loss here on what is actually causing this. The config file is the same on the other VMs without this issue. I've given the ssh user account full access to C:\Output as well as the programdata\ssh folders (though it shouldn't need the latter). I've also run the permission fix Powershell scripts that come with the OpenSSH install, but they haven't made a difference, nor has reinstalling OpenSSH.
