Server refused our key
Hi, I'm getting this message when trying to get RSA authentication going between a WinSCP (6.1.2) and a Linux (Centos 8) system running SFTP (OpenSSH 8)
The Linux system has a number of other SFTP users that are probably working fine. We're not hearing of any problems.
I've read through lots of help articles and posts on your very well organised and presented forum, but unfortunately the penny hasn't dropped yet as to the problem.
I used PuTTYgen to create a public/private RSA key pair, 4096 bits. I've copied the one-liner public key into the
Any help would be much appreciated.
Here's a copy of the log:
Thanks
The Linux system has a number of other SFTP users that are probably working fine. We're not hearing of any problems.
I've read through lots of help articles and posts on your very well organised and presented forum, but unfortunately the penny hasn't dropped yet as to the problem.
I used PuTTYgen to create a public/private RSA key pair, 4096 bits. I've copied the one-liner public key into the
authorized_keys file for my test user on the Linux box, set the ownership and permissions etc, and this looks good as far as I can see. I've added the private key into the Session > Advanced settings > SSH > Authentication under the site. I can display the public key and that looks fine.
Any help would be much appreciated.
Here's a copy of the log:
. 2024-02-28 15:07:08.868 --------------------------------------------------------------------------
. 2024-02-28 15:07:08.869 WinSCP Version 6.1.2 (Build 13797 2023-09-19) (OS 10.0.22631 – Windows 10 Enterprise)
. 2024-02-28 15:07:08.869 Configuration: HKCU\Software\Martin Prikryl\WinSCP 2\
. 2024-02-28 15:07:08.870 Log level: Normal
. 2024-02-28 15:07:08.870 Local account: AzureAD\<WindowsUserID>
. 2024-02-28 15:07:08.870 Working directory: C:\Program Files (x86)\WinSCP
. 2024-02-28 15:07:08.870 Process ID: 13808
. 2024-02-28 15:07:08.870 Ancestor processes: explorer, ...
. 2024-02-28 15:07:08.871 Command-line: "C:\Program Files (x86)\WinSCP\WinSCP.exe"
. 2024-02-28 15:07:08.871 Time zone: Current: GMT+13, Standard: GMT+12 (New Zealand Standard Time), DST: GMT+13 (New Zealand Daylight Time), DST Start: 29/09/2024, DST End: 7/04/2024
. 2024-02-28 15:07:08.871 Login time: Wednesday, 28 February 2024 3:07:08 pm
. 2024-02-28 15:07:08.871 --------------------------------------------------------------------------
. 2024-02-28 15:07:08.871 Session name: FS SFTP (Modified site)
. 2024-02-28 15:07:08.871 Host name: <ip address> (Port: <port no.>)
. 2024-02-28 15:07:08.872 User name: <sftp username> (Password: No, Key file: Yes, Passphrase: No)
. 2024-02-28 15:07:08.872 Tunnel: No
. 2024-02-28 15:07:08.872 Transfer Protocol: SFTP (SCP)
. 2024-02-28 15:07:08.872 Ping type: Off, Ping interval: 30 sec; Timeout: 15 sec
. 2024-02-28 15:07:08.872 Disable Nagle: No
. 2024-02-28 15:07:08.872 Proxy: None
. 2024-02-28 15:07:08.872 Send buffer: 262144
. 2024-02-28 15:07:08.872 Compression: No
. 2024-02-28 15:07:08.872 Bypass authentication: No
. 2024-02-28 15:07:08.872 Try agent: Yes; Agent forwarding: No; KI: Yes; GSSAPI: Yes
. 2024-02-28 15:07:08.872 GSSAPI: KEX: No; Forwarding: No; Libs: gssapi32,sspi,custom; Custom:
. 2024-02-28 15:07:08.872 Ciphers: aes,chacha20,aesgcm,3des,WARN,des,blowfish,arcfour; Ssh2DES: No
. 2024-02-28 15:07:08.872 KEX: ntru-curve25519,ecdh,dh-gex-sha1,dh-group18-sha512,dh-group17-sha512,dh-group16-sha512,dh-group15-sha512,dh-group14-sha1,rsa,WARN,dh-group1-sha1
. 2024-02-28 15:07:08.872 SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto
. 2024-02-28 15:07:08.872 Simple channel: Yes
. 2024-02-28 15:07:08.872 Return code variable: Autodetect; Lookup user groups: Auto
. 2024-02-28 15:07:08.872 Shell: default
. 2024-02-28 15:07:08.872 EOL: LF, UTF: Auto
. 2024-02-28 15:07:08.872 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes; Follow directory symlinks: No
. 2024-02-28 15:07:08.872 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No; Exit code 1 is error: No
. 2024-02-28 15:07:08.872 SFTP Bugs: Auto,Auto
. 2024-02-28 15:07:08.872 SFTP Server: default
. 2024-02-28 15:07:08.872 Local directory: C:\Users\<WindowsUserID>\OneDrive - <organisation name>\Documents\Test, Remote directory: /NZ/<foldername>, Update: Yes, Cache: Yes
. 2024-02-28 15:07:08.872 Cache directory changes: Yes, Permanent: Yes
. 2024-02-28 15:07:08.872 Recycle bin: Delete to: No, Overwritten to: No, Bin path:
. 2024-02-28 15:07:08.872 DST mode: Unix
. 2024-02-28 15:07:08.872 --------------------------------------------------------------------------
. 2024-02-28 15:07:08.952 Looking up host "<Linux sftp server IP>" for SSH connection
. 2024-02-28 15:07:08.952 Connecting to <Linux sftp server IP> port <port no.>
. 2024-02-28 15:07:08.977 Connected to <Linux sftp server IP>
. 2024-02-28 15:07:09.021 We claim version: SSH-2.0-WinSCP_release_6.1.2
. 2024-02-28 15:07:09.021 Connected to <Linux sftp server IP>
. 2024-02-28 15:07:09.022 Remote version: SSH-2.0-OpenSSH_8.0
. 2024-02-28 15:07:09.022 Using SSH protocol version 2
. 2024-02-28 15:07:09.024 Have a known host key of type ssh-ed25519
. 2024-02-28 15:07:09.049 Doing ECDH key exchange with curve Curve25519, using hash SHA-256
. 2024-02-28 15:07:09.120 Server also has ecdsa-sha2-nistp256/rsa-sha2-512/rsa-sha2-256/ssh-rsa host keys, but we don't know any of them
. 2024-02-28 15:07:09.120 Host key fingerprint is:
. 2024-02-28 15:07:09.120 ssh-ed25519 255 SHA256:Jf/1306NlQTGrj0Zrf84c0/hJeCpARRbg24N6DjZH+c
. 2024-02-28 15:07:09.148 Host key matches cached key
. 2024-02-28 15:07:09.149 Initialised AES-256 SDCTR (AES-NI accelerated) [aes256-ctr] outbound encryption
. 2024-02-28 15:07:09.149 Initialised HMAC-SHA-256 outbound MAC algorithm
. 2024-02-28 15:07:09.149 Initialised AES-256 SDCTR (AES-NI accelerated) [aes256-ctr] inbound encryption
. 2024-02-28 15:07:09.149 Initialised HMAC-SHA-256 inbound MAC algorithm
. 2024-02-28 15:07:09.180 Reading key file "C:\Users\<WindowsUserID>\OneDrive - <organisation>\Documents\TestKeyLocal.ppk"
! 2024-02-28 15:07:09.184 Using username "ftruat".
. 2024-02-28 15:07:10.871 Server offered these authentication methods: publickey,gssapi-keyex,gssapi-with-mic,password
. 2024-02-28 15:07:10.871 Offered public key
! 2024-02-28 15:07:10.903 Server refused our key
. 2024-02-28 15:07:10.925 Server refused our key
. 2024-02-28 15:07:10.925 Server offered these authentication methods: publickey,gssapi-keyex,gssapi-with-mic,password
. 2024-02-28 15:07:10.925 Using SSPI from SECUR32.DLL
. 2024-02-28 15:07:10.925 Trying gssapi-with-mic...
. 2024-02-28 15:07:10.925 Attempting GSSAPI authentication
. 2024-02-28 15:07:11.154 GSSAPI authentication request refused
. 2024-02-28 15:07:11.154 Server offered these authentication methods: publickey,gssapi-keyex,gssapi-with-mic,password
. 2024-02-28 15:07:11.154 Prompt (password, "SSH password", <no instructions>, "&Password: ")
. 2024-02-28 15:07:11.154 Prompting user for the credentials.
. 2024-02-28 15:07:13.243 Attempt to close connection due to fatal exception:
. 2024-02-28 15:07:13.243 Closing connection.
* 2024-02-28 15:07:13.280 (ESshFatal) 