JunOS : SFTP connection no longer work after upgrading to v21

By | February 11, 2024

If you were running JunOS v20 or lower, recently upgraded to v21 or above and experiencee SFTP connection failure, this is most likely because you are missing the newly introduced “sftp-server” service subsystem statement in your configuration.

Indeed, Juniper introduced this feature starting JunOS v21 for security purposes.

Looking at the logs :

show log messages

You should see the following related entries :

Feb 10 06:17:23 sshd[11104]: Accepted password for root from x.x.x.x port 6330 ssh2
Feb 10 06:17:23 sshd[11104]: subsystem request for sftp by user root failed, subsystem not found

To fix this issue by re-enable SFTP server capabilities, simply do the following command :

set system services ssh sftp-server

And commit the changes.

Security tip : Make sure to protect the routing-engine and services with proper filter/ACL.