
04 and setup sftp chroot to /var/www for our 2 developers. I followed the guide available online (referenced a few others as well) http://www.krizna.com/ubuntu/setup-ftp-server-on-ubuntu-14-04-vsftpd/ and set up vsftpd and set up ssh, configuring it in the sshd_config file. I set up root:root with 755 for the /var/www path. Everything was working fine till I took some time off, and once I came back, none of the developers are able to log in. I checked the setup, ssh configuration and directory permissions, but I'm not able to figure out what it could be. I have a similar Ubuntu 14.04 machine and sftp is working fine on it. I matched the settings and there isn't any difference.

I tried to use WinSCP, and every time I tried to connect, I was prompted for a password, after which it flashes and goes back to the main WinSCP screen. I checked the auth logs and all they say is "password was accepted for the user". No errors or warnings. I tried using Cyberduck and it says unknown fingerprint for the server, allow or deny. I checked the fingerprint of the server against the ECDSA.pub file and it's the correct one. Once I allow and put in the password, I get EOF while reading packet, Interoperability failure.

Please help!!

Here is the new log after I realized what I need to do.

    SERVER LOG
    debug3: fd 5 is not O_NONBLOCK
    debug1: Server will not fork when running in debugging mode.
    debug3: send_rexec_state: entering fd = 8 config len 828
    debug3: ssh_msg_send: type 0
    debug3: send_rexec_state: done
    debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
    debug1: inetd sockets after dupping: 3, 3
    Connection from Server IP port 41348 on Server IP port 2222
    debug1: Client protocol version 2.0; client software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
    debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3 pat OpenSSH_6.6.1* compat 0x04000000
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
    debug2: fd 3 setting O_NONBLOCK
    debug2: Network child is on pid 19791
    debug3: preauth child monitor started
    debug3: privsep user:group 105:65534 [preauth]
    debug1: permanently_set_uid: 105/65534 [preauth]
    debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
    debug1: SSH2_MSG_KEXINIT sent [preauth]
    debug1: SSH2_MSG_KEXINIT received [preauth]
    debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth]
    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se [preauth]
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se [preauth]
    debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 [preauth]
    debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 [preauth]
    debug2: kex_parse_kexinit: none,zlib@openssh.com [preauth]
    debug2: kex_parse_kexinit: none,zlib@openssh.com [preauth]
    debug2: kex_parse_kexinit:  [preauth]
    debug2: kex_parse_kexinit:  [preauth]
    debug2: kex_parse_kexinit: first_kex_follows 0  [preauth]
    debug2: kex_parse_kexinit: reserved 0  [preauth]
    debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth]
    debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-rsa,ssh-dss [preauth]
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se [preauth]
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se [preauth]
    debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 [preauth]
    debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 [preauth]
    debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib [preauth]
    debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib [preauth]
    debug2: kex_parse_kexinit:  [preauth]
    debug2: kex_parse_kexinit:  [preauth]
    debug2: kex_parse_kexinit: first_kex_follows 0  [preauth]
    debug2: kex_parse_kexinit: reserved 0  [preauth]
    debug2: mac_setup: setup hmac-md5-etm@openssh.com [preauth]
    debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none [preauth]
    debug2: mac_setup: setup hmac-md5-etm@openssh.com [preauth]
    debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none [preauth]
    debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
    debug3: mm_key_sign entering [preauth]
    debug3: mm_request_send entering: type 6 [preauth]
    debug3: mm_key_sign: waiting for MONITOR_ANS_SIGN [preauth]
    debug3: mm_request_receive_expect entering: type 7 [preauth]
    debug3: mm_request_receive entering [preauth]
    debug3: mm_request_receive entering
    debug3: monitor_read: checking request 6
    debug3: mm_answer_sign
    debug3: mm_answer_sign: signature 0x7fea7fe7f860(100)
    debug3: mm_request_send entering: type 7
    debug2: monitor_read: 6 used once, disabling now
    debug2: kex_derive_keys [preauth]
    debug2: set_newkeys: mode 1 [preauth]
    debug1: SSH2_MSG_NEWKEYS sent [preauth]
    debug1: expecting SSH2_MSG_NEWKEYS [preauth]
    debug2: set_newkeys: mode 0 [preauth]
    debug1: SSH2_MSG_NEWKEYS received [preauth]
    debug1: KEX done [preauth]
    debug1: userauth-request for user dev1 service ssh-connection method none [preauth]
    debug1: attempt 0 failures 0 [preauth]
    debug3: mm_getpwnamallow entering [preauth]
    debug3: mm_request_send entering: type 8 [preauth]
    debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
    debug3: mm_request_receive_expect entering: type 9 [preauth]
    debug3: mm_request_receive entering [preauth]
    debug3: mm_request_receive entering
    debug3: monitor_read: checking request 8
    debug3: mm_answer_pwnamallow
    debug3: Trying to reverse map address Server IP.
    debug2: parse_server_config: config reprocess config len 828
    debug3: checking match for 'Group sftpusers' user dev1 host addr Server IP laddr Server IP lport 2222
    debug1: user dev1 matched group list sftpusers at line 80
    debug3: match found
    debug3: reprocess config:81 setting ChrootDirectory /var/www/
    debug3: reprocess config:82 setting X11Forwarding no
    debug3: reprocess config:83 setting AllowTcpForwarding no
    debug3: reprocess config:84 setting ForceCommand internal-sftp -u 0002
    debug3: auth_shadow_acctexpired: today 16807 sp_expire -1 days left -16808
    debug3: account expiration disabled
    debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
    debug3: mm_request_send entering: type 9
    debug2: monitor_read: 8 used once, disabling now
    debug2: input_userauth_request: setting up authctxt for dev1 [preauth]
    debug3: mm_inform_authserv entering [preauth]
    debug3: mm_request_send entering: type 4 [preauth]
    debug2: input_userauth_request: try method none [preauth]
    debug3: userauth_finish: failure partial=0 next methods="publickey,password" [preauth]
    debug3: mm_request_receive entering
    debug3: monitor_read: checking request 4
    debug3: mm_answer_authserv: service=ssh-connection, style=, role=
    debug2: monitor_read: 4 used once, disabling now
    debug1: userauth-request for user dev1 service ssh-connection method password [preauth]
    debug1: attempt 1 failures 0 [preauth]
    debug2: input_userauth_request: try method password [preauth]
    debug3: mm_auth_password entering [preauth]
    debug3: mm_request_send entering: type 12 [preauth]
    debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD [preauth]
    debug3: mm_request_receive_expect entering: type 13 [preauth]
    debug3: mm_request_receive entering [preauth]
    debug3: mm_request_receive entering
    debug3: monitor_read: checking request 12
    debug3: auth_shadow_pwexpired: today 16807 sp_lstchg 16805 sp_max 99999
    debug3: mm_answer_authpassword: sending result 1
    debug3: mm_request_send entering: type 13
    Accepted password for dev1 from Server IP port 41348 ssh2
    debug1: monitor_child_preauth: dev1 has been authenticated by privileged process
    debug3: mm_get_keystate: Waiting for new keys
    debug3: mm_request_receive_expect entering: type 26
    debug3: mm_request_receive entering
    debug3: mm_newkeys_from_blob: 0x7fea7fe8b010(138)
    debug2: mac_setup: setup hmac-md5-etm@openssh.com
    debug3: mm_get_keystate: Waiting for second key
    debug3: mm_newkeys_from_blob: 0x7fea7fe8b010(138)
    debug2: mac_setup: setup hmac-md5-etm@openssh.com
    debug3: mm_get_keystate: Getting compression state
    debug3: mm_get_keystate: Getting Network I/O buffers
    debug3: mm_auth_password: user authenticated [preauth]
    debug3: mm_send_keystate: Sending new keys: 0x7fea7fe8aef0 0x7fea7fe805a0 [preauth]
    debug3: mm_newkeys_to_blob: converting 0x7fea7fe8aef0 [preauth]
    debug3: mm_newkeys_to_blob: converting 0x7fea7fe805a0 [preauth]
    debug3: mm_send_keystate: New keys have been sent [preauth]
    debug3: mm_send_keystate: Sending compression state [preauth]
    debug3: mm_request_send entering: type 26 [preauth]
    debug3: mm_send_keystate: Finished sending state [preauth]
    debug1: monitor_read_log: child log fd closed
    debug3: mm_share_sync: Share sync
    debug3: mm_share_sync: Share sync end
    User child is on pid 19793
    debug1: SELinux support disabled
    debug3: safely_chroot: checking '/'
    debug3: safely_chroot: checking '/var/'
    debug3: safely_chroot: checking '/var/www/'
    debug3: safely_chroot: checking '/var/www/'
    Changed root directory to "/var/www/"
    debug1: permanently_set_uid: 1002/1002
    debug2: set_newkeys: mode 0
    debug2: set_newkeys: mode 1
    debug1: Entering interactive session for SSH2.
    debug2: fd 5 setting O_NONBLOCK
    debug2: fd 6 setting O_NONBLOCK
    debug1: server_init_dispatch_20
    debug1: server_input_channel_open: ctype session rchan 0 win 2097152 max 32768
    debug1: input_session_request
    debug1: channel 0: new [server-session]
    debug2: session_new: allocate (allocated 0 max 10)
    debug3: session_unused: session id 0 unused
    debug1: session_new: session 0
    debug1: session_open: channel 0
    debug1: session_open: session 0: link with channel 0
    debug1: server_input_channel_open: confirm session
    debug1: server_input_global_request: rtype no-more-sessions@openssh.com want_reply 0
    debug1: server_input_channel_req: channel 0 request subsystem reply 1
    debug1: session_by_channel: session 0 channel 0
    debug1: session_input_channel_req: session 0 req subsystem
    debug2: subsystem request for sftp by user dev1
    debug1: subsystem: internal-sftp
    Starting session: forced-command (config) 'internal-sftp -u 0002        ' for dev1 from Server IP port 41348
    debug2: fd 3 setting TCP_NODELAY
    debug3: packet_set_tos: set IP_TOS 0x08
    debug2: fd 9 setting O_NONBLOCK
    debug2: fd 8 setting O_NONBLOCK
    debug2: fd 11 setting O_NONBLOCK
    debug2: channel 0: read 369 from efd 11
    debug3: channel 0: discard efd
    debug2: channel 0: read 71 from efd 11
    debug3: channel 0: discard efd
    debug1: Received SIGCHLD.
    debug1: session_by_pid: pid 19794
    debug1: session_exit_message: session 0 channel 0 pid 19794
    debug2: channel 0: request exit-status confirm 0
    debug1: session_exit_message: release channel 0
    debug2: channel 0: write failed
    debug2: channel 0: close_write
    debug2: channel 0: send eow
    debug2: channel 0: output open -> closed
    debug2: channel 0: read<=0 rfd 9 len 0
    debug2: channel 0: read failed
    debug2: channel 0: close_read
    debug2: channel 0: input open -> drain
    debug2: channel 0: read 0 from efd 11
    debug2: channel 0: closing read-efd 11
    debug2: channel 0: ibuf empty
    debug2: channel 0: send eof
    debug2: channel 0: input drain -> closed
    debug2: channel 0: send close
    debug2: notify_done: reading
    debug3: channel 0: will not send data after close
    debug2: channel 0: rcvd close
    Received disconnect from Server IP: 11: disconnected by user
    debug1: do_cleanup
    debug3: mm_request_receive entering
    debug1: do_cleanup

    Client LOG
    sftp -vvvP 2222 dev1@Server IP
    OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: /etc/ssh/ssh_config line 19: Applying options for *
    debug2: ssh_connect: needpriv 0
    debug1: Connecting to Server IP [Server IP] port 2222.
    debug1: Connection established.
    debug1: identity file /home/vaneets/.ssh/id_rsa type -1
    debug1: identity file /home/vaneets/.ssh/id_rsa-cert type -1
    debug1: identity file /home/vaneets/.ssh/id_dsa type -1
    debug1: identity file /home/vaneets/.ssh/id_dsa-cert type -1
    debug1: identity file /home/vaneets/.ssh/id_ecdsa type -1
    debug1: identity file /home/vaneets/.ssh/id_ecdsa-cert type -1
    debug1: identity file /home/vaneets/.ssh/id_ed25519 type -1
    debug1: identity file /home/vaneets/.ssh/id_ed25519-cert type -1
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
    debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
    debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3 pat OpenSSH_6.6.1* compat 0x04000000
    debug2: fd 3 setting O_NONBLOCK
    debug3: put_host_port: [Server IP]:2222
    debug3: load_hostkeys: loading entries for host "[Server IP]:2222" from file "/home/vaneets/.ssh/known_hosts"
    debug3: load_hostkeys: loaded 0 keys
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
    debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-rsa,ssh-dss
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
    debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
    debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
    debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,zlib@openssh.com
    debug2: kex_parse_kexinit: none,zlib@openssh.com
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: mac_setup: setup hmac-md5-etm@openssh.com
    debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
    debug2: mac_setup: setup hmac-md5-etm@openssh.com
    debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
    debug1: sending SSH2_MSG_KEX_ECDH_INIT
    debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
    debug1: Server host key: ECDSA 3b:1c:66:e0:be:44:82:07:bf:53:6e:2f:83:f5:c0:ca
    debug3: put_host_port: [Server IP]:2222
    debug3: put_host_port: [Server IP]:2222
    debug3: load_hostkeys: loading entries for host "[Server IP]:2222" from file "/home/vaneets/.ssh/known_hosts"
    debug3: load_hostkeys: loaded 0 keys
    debug3: load_hostkeys: loading entries for host "[Server IP]:2222" from file "/home/vaneets/.ssh/known_hosts"
    debug3: load_hostkeys: loaded 0 keys
    debug1: checking without port identifier
    debug3: load_hostkeys: loading entries for host "Server IP" from file "/home/vaneets/.ssh/known_hosts"
    debug3: load_hostkeys: loaded 0 keys
    The authenticity of host '[Server IP]:2222 ([Server IP]:2222)' can't be established.
    ECDSA key fingerprint is 3b:1c:66:e0:be:44:82:07:bf:53:6e:2f:83:f5:c0:ca.
    Are you sure you want to continue connecting (yes/no)? y
    Please type 'yes' or 'no': yes
    Warning: Permanently added '[Server IP]:2222' (ECDSA) to the list of known hosts.
    debug1: ssh_ecdsa_verify: signature correct
    debug2: kex_derive_keys
    debug2: set_newkeys: mode 1
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug2: set_newkeys: mode 0
    debug1: SSH2_MSG_NEWKEYS received
    debug1: Roaming not allowed by server
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug2: service_accept: ssh-userauth
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug2: key: /home/vaneets/.ssh/id_rsa ((nil)),
    debug2: key: /home/vaneets/.ssh/id_dsa ((nil)),
    debug2: key: /home/vaneets/.ssh/id_ecdsa ((nil)),
    debug2: key: /home/vaneets/.ssh/id_ed25519 ((nil)),
    debug1: Authentications that can continue: publickey,password
    debug3: start over, passed a different list publickey,password
    debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
    debug3: authmethod_lookup publickey
    debug3: remaining preferred: keyboard-interactive,password
    debug3: authmethod_is_enabled publickey
    debug1: Next authentication method: publickey
    debug1: Trying private key: /home/vaneets/.ssh/id_rsa
    debug3: no such identity: /home/vaneets/.ssh/id_rsa: No such file or directory
    debug1: Trying private key: /home/vaneets/.ssh/id_dsa
    debug3: no such identity: /home/vaneets/.ssh/id_dsa: No such file or directory
    debug1: Trying private key: /home/vaneets/.ssh/id_ecdsa
    debug3: no such identity: /home/vaneets/.ssh/id_ecdsa: No such file or directory
    debug1: Trying private key: /home/vaneets/.ssh/id_ed25519
    debug3: no such identity: /home/vaneets/.ssh/id_ed25519: No such file or directory
    debug2: we did not send a packet, disable method
    debug3: authmethod_lookup password
    debug3: remaining preferred: ,password
    debug3: authmethod_is_enabled password
    debug1: Next authentication method: password
    dev1@Server IP's password:
    debug3: packet_send2: adding 64 (len 57 padlen 7 extra_pad 64)
    debug2: we sent a password packet, wait for reply
    debug1: Authentication succeeded (password).
    Authenticated to Server IP ([Server IP]:2222).
    debug2: fd 4 setting O_NONBLOCK
    debug3: fd 5 is O_NONBLOCK
    debug1: channel 0: new [client-session]
    debug3: ssh_session2_open: channel_new: 0
    debug2: channel 0: send open
    debug1: Requesting no-more-sessions@openssh.com
    debug1: Entering interactive session.
    debug2: callback start
    debug2: fd 3 setting TCP_NODELAY
    debug3: packet_set_tos: set IP_TOS 0x08
    debug2: client_session2_setup: id 0
    debug1: Sending environment.
    debug3: Ignored env TERM
    debug3: Ignored env SHELL
    debug3: Ignored env SSH_CLIENT
    debug3: Ignored env OLDPWD
    debug3: Ignored env SSH_TTY
    debug3: Ignored env USER
    debug3: Ignored env LS_COLORS
    debug3: Ignored env MAIL
    debug3: Ignored env PATH
    debug3: Ignored env PWD
    debug3: Ignored env SHLVL
    debug3: Ignored env HOME
    debug3: Ignored env LOGNAME
    debug3: Ignored env SSH_CONNECTION
    debug3: Ignored env LESSOPEN
    debug3: Ignored env LESSCLOSE
    debug3: Ignored env _
    debug1: Sending subsystem: sftp
    debug2: channel 0: request subsystem confirm 1
    debug2: callback done
    debug2: channel 0: open confirm rwindow 0 rmax 32768
    debug2: channel 0: rcvd adjust 2097152
    debug2: channel_input_status_confirm: type 99 id 0
    debug2: subsystem request accepted on channel 0
    debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
    debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
    debug2: channel 0: rcvd eow
    debug2: channel 0: close_read
    debug2: channel 0: input open -> closed
    debug2: channel 0: rcvd eof
    debug2: channel 0: output open -> drain
    debug2: channel 0: obuf empty
    debug2: channel 0: close_write
    debug2: channel 0: output drain -> closed
    debug2: channel 0: rcvd close
    debug3: channel 0: will not send data after close
    debug2: channel 0: almost dead
    debug2: channel 0: gc: notify user
    debug2: channel 0: gc: user detached
    debug2: channel 0: send close
    debug2: channel 0: is dead
    debug2: channel 0: garbage collecting
    debug1: channel 0: free: client-session, nchannels 1
    debug3: channel 0: status: The following connections are open:
      #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)

    debug1: fd 0 clearing O_NONBLOCK
    debug3: fd 1 is not O_NONBLOCK
    Transferred: sent 2484, received 2208 bytes, in 0.0 seconds
    Bytes per second: sent 267639.0, received 237901.3
    debug1: Exit status 255
Vin
  • What do you see in the server logs? What does the debug log of the server look like if you try to log in? – Jakuje Jan 06 '16 at 20:14
  • @Jakuje I'm not able to post my logs in comments. Do I need to edit my post and put the information there? I'm getting a too many characters error. – Vin Jan 06 '16 at 20:49
  • Yes, edit your question. – Jakuje Jan 06 '16 at 20:49
  • @roaima This is my first, so please bear with me. – Vin Jan 06 '16 at 20:57
  • You need to provide `auth.log` when one of your developers tries to log in. Your login works fine so we won't see any errors when you try. – roaima Jan 06 '16 at 20:57
  • @roaima accepted passwords for dev 1 and dev2 are the times when I tried to login using their credentials. It says accepted password in the log but WinSCP and Cyberduck don't work, see above. – Vin Jan 06 '16 at 20:58
  • Did `ssh` as one of your non-working accounts succeed? What has been added to `.bash_profile` or `.profile` recently? Something may be writing to _stdout_ (or trying to set terminal characteristics) – roaima Jan 06 '16 at 21:09
  • @roaima both the dev accounts don't have shell access. I tried to ssh using putty and once I entered username and password, putty just closed. I even tried adding a new user, thinking something could be wonky with /etc/passwd or /etc/group (not sure why) but the new user sftp login acted the same way. I haven't added anything to the server in last two months but couldn't tell what changes were made behind me. – Vin Jan 06 '16 at 21:24
  • Give it a try with debug mode. In one terminal run `/usr/sbin/sshd -Ddddp 2222`, in the second connect using the dev account with `sftp -vvvP2222 localhost`, and post both logs into the edited question. – Jakuje Jan 06 '16 at 21:27
  • Appears this may be a [known bug in Cyberduck](https://trac.cyberduck.io/ticket/8173). I don't know about WinSCP. – roaima Jan 06 '16 at 23:03
  • @Jakuje Hi, I have posted the logs for server and client. Please have a look when you get a chance. Thx – Vin Jan 07 '16 at 13:38
  • @roaima both clients are up to date. I'm not sure if it's a bug as both were able to sftp before. – Vin Jan 07 '16 at 13:40
  • Please, try once more from localhost. This connection was refused even earlier by `debug1: Connection refused by tcp wrapper`, or allow this port in `/etc/hosts.allow`. – Jakuje Jan 07 '16 at 13:41
  • @Jakuje I opened the port 2222 in iptables (didn't restart the iptables service or reboot the server) and tried the debug again and it's the exact same output as I posted before for both server and client. – Vin Jan 07 '16 at 13:55
  • @Vin please review what @Jakuje asked. You need to look at `/etc/hosts.allow` and `/etc/hosts.deny`. This is _not_ an `iptables` issue. – roaima Jan 07 '16 at 14:27
  • @roaima the hosts.allow file contains sshd: all the ips of admins and devs. I don't have any ports enabled in hosts.allow but in iptables. hosts.deny contains All:All. Is there anything else that I need to do? – Vin Jan 07 '16 at 14:28
  • @Jakuje here is the new log. Thank you for your patience guys!! – Vin Jan 07 '16 at 14:49
  • @Vin is this latest log one that successfully logs in, or one that fails? – roaima Jan 07 '16 at 15:18
  • @roaima the latest log is the one that fails. I didn't try logging in as myself which usually works. I tried logging in as the dev and it fails. Please let me know if you would like me to try something else. – Vin Jan 07 '16 at 18:20
  • I just ran my login and it was successful. I wish I could add the successful log but I have reached the limit for the body of my question. Can't add any more content in my question. – Vin Jan 07 '16 at 18:26
  • Can anybody help me with this? I'm still trying to resolve it. Thanks – Vin Jan 12 '16 at 14:08
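
A small triage pass over the server-side debug log in the question, added here as an illustration and not part of the original thread: it records which stages the connection reached and sums the bytes sshd read from the session child's error descriptor (`efd`) and then discarded. The function names, stage labels and verdict strings are assumptions of this example; the sample lines are excerpted from the server log above.

```python
import re

# Excerpt of the server-side `sshd -ddd` output posted in the question.
SERVER_LOG = """\
debug1: KEX done [preauth]
debug3: reprocess config:81 setting ChrootDirectory /var/www/
debug3: reprocess config:84 setting ForceCommand internal-sftp -u 0002
Accepted password for dev1 from Server IP port 41348 ssh2
Changed root directory to "/var/www/"
debug2: subsystem request for sftp by user dev1
Starting session: forced-command (config) 'internal-sftp -u 0002        ' for dev1 from Server IP port 41348
debug2: channel 0: read 369 from efd 11
debug3: channel 0: discard efd
debug2: channel 0: read 71 from efd 11
debug3: channel 0: discard efd
debug1: Received SIGCHLD.
debug1: session_exit_message: session 0 channel 0 pid 19794
Received disconnect from Server IP: 11: disconnected by user
"""

# Stage labels are this example's own; the patterns match sshd's log text.
STAGES = [
    ("kex_done", re.compile(r"KEX done")),
    ("auth_accepted", re.compile(r"^Accepted (\S+) for (\S+) ")),
    ("chroot_entered", re.compile(r'^Changed root directory to "([^"]*)"')),
    ("subsystem_requested", re.compile(r"subsystem request for (\S+) by user (\S+)")),
    ("session_started", re.compile(r"^Starting session: (.*?) '(.*)' for (\S+) ")),
    ("child_exited", re.compile(r"session_exit_message: session \d+ channel \d+ pid (\d+)")),
]
# Bytes sshd read from the session child's stderr side of the channel.
EFD_READ = re.compile(r"channel \d+: read (\d+) from efd \d+")


def classify(report):
    """Turn the collected stages into a coarse statement of where it stopped."""
    stages = report["stages"]
    if "auth_accepted" not in stages:
        return "pre-auth: no accepted authentication in this log"
    if "session_started" not in stages:
        return "post-auth: authenticated but no session was started"
    if "child_exited" in stages and report["stderr_bytes"] > 0:
        return "post-auth: session child exited after writing to stderr"
    if "child_exited" in stages:
        return "post-auth: session child exited, nothing on stderr"
    return "session started and still open at end of log"


def triage(log_text):
    """Return the stages an sshd debug log reached, key values, and a verdict."""
    report = {"stages": [], "user": None, "chroot": None,
              "forced_command": None, "stderr_bytes": 0}
    for raw in log_text.splitlines():
        line = raw.strip()  # the log may be pasted with leading indentation
        efd = EFD_READ.search(line)
        if efd:
            report["stderr_bytes"] += int(efd.group(1))
            continue
        for name, pattern in STAGES:
            m = pattern.search(line)
            if not m:
                continue
            if name not in report["stages"]:
                report["stages"].append(name)
            if name == "auth_accepted":
                report["user"] = m.group(2)
            elif name == "chroot_entered":
                report["chroot"] = m.group(1)
            elif name == "session_started":
                # Kept verbatim so whitespace in the logged command stays visible.
                report["forced_command"] = m.group(2)
            break
    report["verdict"] = classify(report)
    return report


if __name__ == "__main__":
    result = triage(SERVER_LOG)
    for key in ("stages", "user", "chroot", "stderr_bytes", "verdict"):
        print(f"{key}: {result[key]}")
    # repr() shows the command exactly as sshd logged it, spaces included.
    print("forced_command:", repr(result["forced_command"]))
```

On this log the pass reports that key exchange, password authentication and the chroot all completed, and that the session child exited after sshd read and discarded 440 bytes from its error descriptor, text that appears in neither the server nor the client log.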

1 Answer

After spending too much time with no luck, I have decided to move the websites to another webserver and scrap this server since the devs can't access it anymore through sftp.

Thank you everyone for their help.

Vaneet

Vin