server refuse sftp connection

Advertisement

ladywho
Guest

server refuse sftp connection

Hi,
I install Open SSH on Windows Server and have Winscp on my laptop I can easily connect to server using username and password. There is no problem with sending files to server but when I want to use private key instead of password I have that error. Could you help me ? Thanks

. 2016-11-07 12:09:38.249 --------------------------------------------------------------------------
. 2016-11-07 12:09:38.249 WinSCP Version 5.9.2 (Build 6958) (OS 6.1.7601 Service Pack 1 - Windows 7 Professional)
. 2016-11-07 12:09:38.249 Configuration: HKCU\Software\Martin Prikryl\WinSCP 2\
. 2016-11-07 12:09:38.250 Log level: Normal
. 2016-11-07 12:09:38.250 Local account: HP0222\User
. 2016-11-07 12:09:38.250 Working directory: C:\Program Files\WinSCP
. 2016-11-07 12:09:38.250 Process ID: 3940
. 2016-11-07 12:09:38.250 Command-line: "C:\Program Files\WinSCP\WinSCP.exe"
. 2016-11-07 12:09:38.251 Time zone: Current: GMT+0, Standard: GMT+0 (GMT Standard Time), DST: GMT+1 (GMT Daylight Time), DST Start: 27/03/2016, DST End: 30/10/2016
. 2016-11-07 12:09:38.251 Login time: 07 November 2016 12:09:38
. 2016-11-07 12:09:38.251 --------------------------------------------------------------------------
. 2016-11-07 12:09:38.251 Session name: test2 (Site)
. 2016-11-07 12:09:38.251 Host name: ec2-54-171-16-112.eu-west-1.compute.amazonaws.com (Port: 22)
. 2016-11-07 12:09:38.251 User name: sftpuser01 (Password: No, Key file: Yes)
. 2016-11-07 12:09:38.251 Tunnel: No
. 2016-11-07 12:09:38.251 Transfer Protocol: SFTP (SCP)
. 2016-11-07 12:09:38.251 Ping type: Off, Ping interval: 30 sec; Timeout: 15 sec
. 2016-11-07 12:09:38.251 Disable Nagle: No
. 2016-11-07 12:09:38.251 Proxy: None
. 2016-11-07 12:09:38.251 Send buffer: 262144
. 2016-11-07 12:09:38.251 SSH protocol version: 2; Compression: No
. 2016-11-07 12:09:38.251 Bypass authentication: No
. 2016-11-07 12:09:38.251 Try agent: Yes; Agent forwarding: No; TIS/CryptoCard: No; KI: Yes; GSSAPI: Yes
. 2016-11-07 12:09:38.251 GSSAPI: Forwarding: No
. 2016-11-07 12:09:38.251 Ciphers: aes,chacha20,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
. 2016-11-07 12:09:38.251 KEX: ecdh,dh-gex-sha1,dh-group14-sha1,rsa,WARN,dh-group1-sha1
. 2016-11-07 12:09:38.251 SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto
. 2016-11-07 12:09:38.251 Simple channel: Yes
. 2016-11-07 12:09:38.251 Return code variable: Autodetect; Lookup user groups: Auto
. 2016-11-07 12:09:38.252 Shell: default
. 2016-11-07 12:09:38.252 EOL: LF, UTF: Auto
. 2016-11-07 12:09:38.252 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes; Follow directory symlinks: No
. 2016-11-07 12:09:38.252 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No
. 2016-11-07 12:09:38.252 SFTP Bugs: Auto,Auto
. 2016-11-07 12:09:38.252 SFTP Server: default
. 2016-11-07 12:09:38.252 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
. 2016-11-07 12:09:38.252 Cache directory changes: Yes, Permanent: Yes
. 2016-11-07 12:09:38.252 Recycle bin: Delete to: No, Overwritten to: No, Bin path:
. 2016-11-07 12:09:38.252 DST mode: Unix
. 2016-11-07 12:09:38.252 --------------------------------------------------------------------------
. 2016-11-07 12:09:38.805 Looking up host "ec2-54-171-16-112.eu-west-1.compute.amazonaws.com" for SSH connection
. 2016-11-07 12:09:38.813 Connecting to 54.171.16.112 port 22
. 2016-11-07 12:09:38.817 We claim version: SSH-2.0-WinSCP_release_5.9.2
. 2016-11-07 12:09:38.859 Server version: SSH-2.0-OpenSSH_7.3
. 2016-11-07 12:09:38.859 We believe remote version has SSH-2 channel request bug
. 2016-11-07 12:09:38.859 Using SSH protocol version 2
. 2016-11-07 12:09:38.859 Have a known host key of type ssh-ed25519
. 2016-11-07 12:09:38.863 Doing ECDH key exchange with curve Curve25519 and hash SHA-256
. 2016-11-07 12:09:40.054 Server also has ecdsa-sha2-nistp256/ssh-rsa host keys, but we don't know any of them
. 2016-11-07 12:09:40.057 Host key fingerprint is:
. 2016-11-07 12:09:40.057 ssh-ed25519 256 5d:cd:05:0a:80:b0:ee:84:7a:66:78:fc:fa:53:0b:d4
. 2016-11-07 12:09:40.057 Verifying host key ssh-ed25519 0x17f6d8a7b1c6fede fe69bbbf0e950a19 f6ae2c01f7bd1fd8 e9cd88c528eaae67 ,0x7485158ed60aeae7 083b670b1d70e32c e8f5ee91a997af12 b33cf56e61bb9a13 with fingerprint ssh-ed25519 256 5d:cd:05:0a:80:b0:ee:84:7a:66:78:fc:fa:53:0b:d4
. 2016-11-07 12:09:40.079 Host key matches cached key
. 2016-11-07 12:09:40.079 Initialised AES-256 SDCTR client->server encryption
. 2016-11-07 12:09:40.079 Initialised HMAC-SHA-256 client->server MAC algorithm
. 2016-11-07 12:09:40.079 Initialised AES-256 SDCTR server->client encryption
. 2016-11-07 12:09:40.079 Initialised HMAC-SHA-256 server->client MAC algorithm
. 2016-11-07 12:09:40.141 Reading key file "C:\Users\User\Desktop\keys\private1.ppk"
. 2016-11-07 12:09:40.142 Pageant is running. Requesting keys.
. 2016-11-07 12:09:40.142 Pageant has 1 SSH-2 keys
. 2016-11-07 12:09:40.142 Configured key file not in Pageant
! 2016-11-07 12:09:40.142 Using username "sftpuser01".
. 2016-11-07 12:09:40.187 Server offered these authentication methods: publickey,password,keyboard-interactive
. 2016-11-07 12:09:40.187 Offered public key
. 2016-11-07 12:09:40.206 Server unexpectedly closed network connection
. 2016-11-07 12:09:40.207 Knocking FTP port.
. 2016-11-07 12:09:41.218 FTP port opened, will suggest using FTP protocol.
* 2016-11-07 12:09:41.236 (EFatal) Server unexpectedly closed network connection.
* 2016-11-07 12:09:41.236 Authentication log (see session log for details):
* 2016-11-07 12:09:41.236 Using username "sftpuser01".
* 2016-11-07 12:09:41.236
* 2016-11-07 12:09:41.236 Authentication failed.
* 2016-11-07 12:09:41.236 The server rejected SFTP connection, but it listens for FTP connections.
* 2016-11-07 12:09:41.236
* 2016-11-07 12:09:41.236 Did you want to use FTP protocol instead of SFTP? Prefer using encryption.

Reply with quote

Advertisement

Pathduck
Donor
Joined:
Posts:
76
Location:
Oslo

Hi,
are you trying to use the private1.ppk defined in the connection or Pageant for authentication?

Make sure you have the correct key loaded in Pageant.

Also you could try connecting with just Putty first. It should exclude any problem with WinSCP connection properties if it does not work with Putty, then it's a problem of OpenSSH server.

Reply with quote

Ladywho
Guest

Hi,
I am not really experienced in that When I am not using Pageant. I have the same problem.
I 'm using private1.ppk for verification. I copied public key to .ssh/authorized_key. There is no
problem with connection to server when I am using username and password.I have no idea whats is wrong?

Reply with quote

Pathduck
Donor
Joined:
Posts:
76
Location:
Oslo

OK so I assume you are not specifying the private key to use in WinSCP connection settings (Advanced > Authentication), but you have the key loaded in Pageant.

The server-side settings for the .ssh directory are quite strict for security reasons. Make sure the $HOME/.ssh directory and the files are ONLY readable/writeable by your user. If not do:
chmod -R go-rxw $HOME/.ssh

You are running Windows on the server-side (?), it complicated things. You really need to read the documentation of the OpenSSH daemon how authentication works and what file permissions need to be set on the .ssh directory, I have no clue for Windows :)

Reply with quote

Guest

Re: server refuse sftp connection

Hi,
It's probably stupid question but do I need to call that ? I had install cygwin64, port 22 is open . WinScp I can connect to server using Username and Password problem occure when I want to use private key instead of password. I watched few tutorials :roll: so I generated private and public keys using PuTTYgen. I copyied public one to home/user_name/.ssh/ authorized_key and I thought that will work :(
L

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
27,477
Location:
Prague, Czechia

Re: server refuse sftp connection

I believe the guide says it pretty clear:

To allow a public key authentication, as an Administrator, from C:\openssh, run:
powershell.exe -ExecutionPolicy Bypass -File install-sshlsa.ps1
and restart the machine

Reply with quote

Advertisement

You can post new topics in this forum