Score:-1

SFTP client connection fails using hostname

ae flag

I have configured a debian server, hosting a website, for FTPS access using vsftpd. Port 22, SSL enabled. When testing the connection with FileZilla, I successfully connect if I put the server's IP address in the host field. If I put the wesbsite's hostname, it fails. The server is under a private router with dynamic IP. Therefore, I am using a dynamic DNS service provided by Dynu DNS (my internet provider gives me the possibility to connect the router to Dynu, in order to let the router inform Dynu when the IP has changed). DNS records in Dynu are the A record, updated by my router, and the AAAA record (updated by Dynu).

Hostname Type Data
*.myhostname A 12.34.567.89
*.myhostname AAAA [IPv6 address]

And in FileZilla:

Host Connection Status FileZilla logs
12.34.567.89 Success Command: open "[email protected]" 22
Trace: Looking up host "12.34.567.89" for SSH connection
Trace: Connecting to 12.34.567.89 port 22
myhostname Failed Command: open "username@myhostname" 22
Trace: Looking up host "myhostname" for SSH connection
Trace: Connecting to [IPv6 address] port 22
Patrick Mevzek avatar
cn flag
`12.34.567.89` is not an IPv4 address.
perissf avatar
ae flag
@PatrickMevzek thanks for your precious comment... and if the IPv4 were a fake?
Patrick Mevzek avatar
cn flag
You are welcome. Please read RFC 5737. Or just improve your question substantially by giving the real name and IP involved instead of bad and useless obfuscation.
Score:0
us flag
Rob

Too long to comment and possibly completely wrong, but:

It looks like the problem is not related to your hostname but more the difference between accessing your system over IPv4 versus IPv6.

It also seems that you're using port forwarding or something similar to expose port 22. That is needed when your server uses an RFC 1918 private use IPv4 address and your router performs NAT.

With a correct IPv6 setup though your server has a globally unique and routable IPv6 address and you don't do NAT. And after granting access in your firewall, you should be able to access the server directly by its own IPv6 address, rather than by the IPv6 address of the router. That means that you should also register the server's IPv6 address, rather than your routers IPv6 address with the dynamic dns provider.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.