Post a reply

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

VirtualSA

Cannot successfully connect to site

Ok, fixed the protocol issue and still was having connectivity issues. Turns out that the vendor we were try to connect to gave us the wrong User ID to authenticate with! This issue is fixed now. Thanks for the help!
martin

Re: Cannot successfully connect to site

First you are connecting with SFTP. That's not "FTP with TLS/SSL". That's completely different protocol. So maybe that's the reason.

If you really need to connect with SFTP, note the error in the log:
Too many bad authentication attempts.
No point trying again. You have to contact your server administrator to reset your account. Or wait a while, if the lock resets automatically.
VirtualSA

Cannot successfully connect to site

I'm trying to connect to an FTP site that uses the Protocol Type 'FTP with TLS/SSL (AUTH TLS - Explicit'. WinSCP appears to progress past the key exchange successfully, then fails at the "Using keyboard-interactive authentication" stage, even though I know that password and even had the vendor reset it again for me. I've included the logs below:

----- START OF LOGS -----

. 2017-03-29 17:41:02.287 --------------------------------------------------------------------------
. 2017-03-29 17:41:02.287 WinSCP Version 5.9.4 (Build 7333) (OS 6.1.7601 Service Pack 1 - Windows Server 2008 R2 Standard)
. 2017-03-29 17:41:02.288 Configuration: HKCU\Software\Martin Prikryl\WinSCP 2\
. 2017-03-29 17:41:02.288 Log level: Normal, Logging passwords
. 2017-03-29 17:41:02.288 Local account: XXXXXXXX\XXXXXXXXAdminxxxx
. 2017-03-29 17:41:02.288 Working directory: C:\Program Files (x86)\WinSCP
. 2017-03-29 17:41:02.288 Process ID: 9872
. 2017-03-29 17:41:02.288 Command-line: "C:\Program Files (x86)\WinSCP\WinSCP.exe"
. 2017-03-29 17:41:02.288 Time zone: Current: GMT-5, Standard: GMT-6 (Central Standard Time), DST: GMT-5 (Central Daylight Time), DST Start: 3/12/2017, DST End: 11/5/2017
. 2017-03-29 17:41:02.288 Login time: Wednesday, March 29, 2017 5:41:02 PM
. 2017-03-29 17:41:02.288 --------------------------------------------------------------------------
. 2017-03-29 17:41:02.288 Session name: CannotTellYou@securesite.example.com (Modified site)
. 2017-03-29 17:41:02.288 Host name: securesite.example.com (Port: 22)
. 2017-03-29 17:41:02.288 User name: CannotTellYou(Password: MyPasswordHere, Key file: J:\_path_name\PGP\private_key_to_use.ppk, Passphrase: No)
. 2017-03-29 17:41:02.288 Tunnel: No
. 2017-03-29 17:41:02.288 Transfer Protocol: SFTP (SCP)
. 2017-03-29 17:41:02.288 Ping type: Off, Ping interval: 30 sec; Timeout: 15 sec
. 2017-03-29 17:41:02.288 Disable Nagle: No
. 2017-03-29 17:41:02.288 Proxy: None
. 2017-03-29 17:41:02.288 Send buffer: 262144
. 2017-03-29 17:41:02.288 SSH protocol version: 2; Compression: Yes
. 2017-03-29 17:41:02.288 Bypass authentication: No
. 2017-03-29 17:41:02.288 Try agent: Yes; Agent forwarding: Yes; TIS/CryptoCard: No; KI: Yes; GSSAPI: No
. 2017-03-29 17:41:02.289 Ciphers: aes,chacha20,blowfish,3des,WARN,arcfour,des; Ssh2DES: Yes
. 2017-03-29 17:41:02.289 KEX: rsa,ecdh,dh-gex-sha1,dh-group14-sha1,WARN,dh-group1-sha1
. 2017-03-29 17:41:02.289 SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto
. 2017-03-29 17:41:02.289 Simple channel: Yes
. 2017-03-29 17:41:02.289 Return code variable: Autodetect; Lookup user groups: Auto
. 2017-03-29 17:41:02.289 Shell: default
. 2017-03-29 17:41:02.289 EOL: LF, UTF: Auto
. 2017-03-29 17:41:02.289 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes; Follow directory symlinks: No
. 2017-03-29 17:41:02.289 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No
. 2017-03-29 17:41:02.289 SFTP Bugs: Auto,Auto
. 2017-03-29 17:41:02.289 SFTP Server: default
. 2017-03-29 17:41:02.289 Local directory: C:\TEMP, Remote directory: home, Update: Yes, Cache: Yes
. 2017-03-29 17:41:02.289 Cache directory changes: Yes, Permanent: Yes
. 2017-03-29 17:41:02.289 Recycle bin: Delete to: No, Overwritten to: No, Bin path:
. 2017-03-29 17:41:02.289 DST mode: Unix
. 2017-03-29 17:41:02.289 --------------------------------------------------------------------------
. 2017-03-29 17:41:02.346 Looking up host "CannotTellYou@securesite.example.com" for SSH connection
. 2017-03-29 17:41:02.347 Connecting to xxx.xxx.xxx.xxx port 22
. 2017-03-29 17:41:02.352 We claim version: SSH-2.0-WinSCP_release_5.9.4
. 2017-03-29 17:41:02.399 Server version: SSH-2.0-SSHD
. 2017-03-29 17:41:02.399 We believe remote version has SSH-2 channel request bug
. 2017-03-29 17:41:02.399 Using SSH protocol version 2
. 2017-03-29 17:41:02.399 Have a known host key of type rsa2
. 2017-03-29 17:41:02.399 Doing Diffie-Hellman group exchange
. 2017-03-29 17:41:02.468 Doing Diffie-Hellman key exchange with hash SHA-256
. 2017-03-29 17:41:02.865 Host key fingerprint is:
. 2017-03-29 17:41:02.865 ssh-rsa 4096 1x:xx:9x:xd:39:1x:x1:10:x9:91:x3:62:85:5x:1x:xx
. 2017-03-29 17:41:02.865 Verifying host key rsa2 0x10001,0x86296f249f4fa5c8 6ba10fed829e487e xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx
.
.
.
.
.
.
xxxxxxxxxxxxxxx xxxxxxxxxxxxxxxx with fingerprint ssh-rsa 4096
1x:xx:9x:xd:39:1x:x1:10:x9:91:x3:62:85:5x:1x:xx
. 2017-03-29 17:41:02.871 Host key matches cached key
. 2017-03-29 17:41:02.871 Initialised AES-256 SDCTR client->server encryption
. 2017-03-29 17:41:02.871 Initialised HMAC-SHA1 client->server MAC algorithm
. 2017-03-29 17:41:02.871 Initialised zlib (RFC1950) compression
. 2017-03-29 17:41:02.871 Initialised AES-256 SDCTR server->client encryption
. 2017-03-29 17:41:02.871 Initialised HMAC-SHA1 server->client MAC algorithm
. 2017-03-29 17:41:02.871 Initialised zlib (RFC1950) decompression
. 2017-03-29 17:41:02.881 Reading key file "J:\_path_name\PGP\private_key_to_use.ppk"
. 2017-03-29 17:41:02.883 Pageant is running. Requesting keys.
. 2017-03-29 17:41:02.883 Pageant has 1 SSH-2 keys
. 2017-03-29 17:41:02.883 Pageant key #0 matches configured key file
! 2017-03-29 17:41:02.883 Using username "CannotTellYou".
. 2017-03-29 17:41:02.929 Server offered these authentication methods: password,keyboard-interactive
. 2017-03-29 17:41:02.930 Attempting keyboard-interactive authentication
. 2017-03-29 17:41:02.934 Prompt (keyboard interactive, "SSH server: Password Authentication", "Using keyboard-interactive authentication.", "Password: ")
. 2017-03-29 17:41:02.934 Using stored password.
. 2017-03-29 17:41:02.995 Keyboard-interactive authentication failed
! 2017-03-29 17:41:02.995 Access denied
. 2017-03-29 17:41:03.032 Server offered these authentication methods: password,keyboard-interactive
. 2017-03-29 17:41:03.032 Attempting keyboard-interactive authentication
. 2017-03-29 17:41:03.037 Prompt (keyboard interactive, "SSH server: Password Authentication", "Using keyboard-interactive authentication.", "Password: ")
. 2017-03-29 17:41:14.369 Response: "Xxxxxx1!"
. 2017-03-29 17:41:14.387 Keyboard-interactive authentication failed
! 2017-03-29 17:41:14.387 Access denied
. 2017-03-29 17:41:14.423 Server offered these authentication methods: password,keyboard-interactive
. 2017-03-29 17:41:14.423 Attempting keyboard-interactive authentication
. 2017-03-29 17:41:14.428 Prompt (keyboard interactive, "SSH server: Password Authentication", "Using keyboard-interactive authentication.", "Password: ")
. 2017-03-29 17:41:19.923 Response: "xxxxxx1!"
. 2017-03-29 17:41:19.938 Received disconnect message (by application)
. 2017-03-29 17:41:19.938 Disconnection message text: Too many bad authentication attempts!
. 2017-03-29 17:41:19.939 Server sent disconnect message
. 2017-03-29 17:41:19.939 type 11 (by application):
. 2017-03-29 17:41:19.939 "Too many bad authentication attempts!"
* 2017-03-29 17:41:19.978 (EFatal) Server sent disconnect message
* 2017-03-29 17:41:19.978 type 11 (by application):
* 2017-03-29 17:41:19.978 "Too many bad authentication attempts!"
* 2017-03-29 17:41:19.978 Authentication log (see session log for details):
* 2017-03-29 17:41:19.978 Using username "CannotTellYou".
* 2017-03-29 17:41:19.978 Access denied.
* 2017-03-29 17:41:19.978 Access denied.
* 2017-03-29 17:41:19.978
* 2017-03-29 17:41:19.978 Authentication failed.

----- END OF LOGS -----


Can anyone suggest anything to try differently? I have run out of ideas, and of course the vendor says everything is setup fine on their end. THANKS!