Topic "server refuse sftp connection"

Author Message
ladywho

Guest


Hi,
I install Open SSH on Windows Server and have Winscp on my laptop I can easily connect to server using username and password. There is no problem with sending files to server but when I want to use private key instead of password I have that error. Could you help me ? Thanks

. 2016-11-07 12:09:38.249 --------------------------------------------------------------------------
. 2016-11-07 12:09:38.249 WinSCP Version 5.9.2 (Build 6958) (OS 6.1.7601 Service Pack 1 - Windows 7 Professional)
. 2016-11-07 12:09:38.249 Configuration: HKCU\Software\Martin Prikryl\WinSCP 2\
. 2016-11-07 12:09:38.250 Log level: Normal
. 2016-11-07 12:09:38.250 Local account: HP0222\User
. 2016-11-07 12:09:38.250 Working directory: C:\Program Files\WinSCP
. 2016-11-07 12:09:38.250 Process ID: 3940
. 2016-11-07 12:09:38.250 Command-line: "C:\Program Files\WinSCP\WinSCP.exe"
. 2016-11-07 12:09:38.251 Time zone: Current: GMT+0, Standard: GMT+0 (GMT Standard Time), DST: GMT+1 (GMT Daylight Time), DST Start: 27/03/2016, DST End: 30/10/2016
. 2016-11-07 12:09:38.251 Login time: 07 November 2016 12:09:38
. 2016-11-07 12:09:38.251 --------------------------------------------------------------------------
. 2016-11-07 12:09:38.251 Session name: test2 (Site)
. 2016-11-07 12:09:38.251 Host name: ec2-54-171-16-112.eu-west-1.compute.amazonaws.com (Port: 22)
. 2016-11-07 12:09:38.251 User name: sftpuser01 (Password: No, Key file: Yes)
. 2016-11-07 12:09:38.251 Tunnel: No
. 2016-11-07 12:09:38.251 Transfer Protocol: SFTP (SCP)
. 2016-11-07 12:09:38.251 Ping type: Off, Ping interval: 30 sec; Timeout: 15 sec
. 2016-11-07 12:09:38.251 Disable Nagle: No
. 2016-11-07 12:09:38.251 Proxy: None
. 2016-11-07 12:09:38.251 Send buffer: 262144
. 2016-11-07 12:09:38.251 SSH protocol version: 2; Compression: No
. 2016-11-07 12:09:38.251 Bypass authentication: No
. 2016-11-07 12:09:38.251 Try agent: Yes; Agent forwarding: No; TIS/CryptoCard: No; KI: Yes; GSSAPI: Yes
. 2016-11-07 12:09:38.251 GSSAPI: Forwarding: No
. 2016-11-07 12:09:38.251 Ciphers: aes,chacha20,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
. 2016-11-07 12:09:38.251 KEX: ecdh,dh-gex-sha1,dh-group14-sha1,rsa,WARN,dh-group1-sha1
. 2016-11-07 12:09:38.251 SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto
. 2016-11-07 12:09:38.251 Simple channel: Yes
. 2016-11-07 12:09:38.251 Return code variable: Autodetect; Lookup user groups: Auto
. 2016-11-07 12:09:38.252 Shell: default
. 2016-11-07 12:09:38.252 EOL: LF, UTF: Auto
. 2016-11-07 12:09:38.252 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes; Follow directory symlinks: No
. 2016-11-07 12:09:38.252 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No
. 2016-11-07 12:09:38.252 SFTP Bugs: Auto,Auto
. 2016-11-07 12:09:38.252 SFTP Server: default
. 2016-11-07 12:09:38.252 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
. 2016-11-07 12:09:38.252 Cache directory changes: Yes, Permanent: Yes
. 2016-11-07 12:09:38.252 Recycle bin: Delete to: No, Overwritten to: No, Bin path:
. 2016-11-07 12:09:38.252 DST mode: Unix
. 2016-11-07 12:09:38.252 --------------------------------------------------------------------------
. 2016-11-07 12:09:38.805 Looking up host "ec2-54-171-16-112.eu-west-1.compute.amazonaws.com" for SSH connection
. 2016-11-07 12:09:38.813 Connecting to 54.171.16.112 port 22
. 2016-11-07 12:09:38.817 We claim version: SSH-2.0-WinSCP_release_5.9.2
. 2016-11-07 12:09:38.859 Server version: SSH-2.0-OpenSSH_7.3
. 2016-11-07 12:09:38.859 We believe remote version has SSH-2 channel request bug
. 2016-11-07 12:09:38.859 Using SSH protocol version 2
. 2016-11-07 12:09:38.859 Have a known host key of type ssh-ed25519
. 2016-11-07 12:09:38.863 Doing ECDH key exchange with curve Curve25519 and hash SHA-256
. 2016-11-07 12:09:40.054 Server also has ecdsa-sha2-nistp256/ssh-rsa host keys, but we don't know any of them
. 2016-11-07 12:09:40.057 Host key fingerprint is:
. 2016-11-07 12:09:40.057 ssh-ed25519 256 5d:cd:05:0a:80:b0:ee:84:7a:66:78:fc:fa:53:0b:d4
. 2016-11-07 12:09:40.057 Verifying host key ssh-ed25519 0x17f6d8a7b1c6fede fe69bbbf0e950a19 f6ae2c01f7bd1fd8 e9cd88c528eaae67 ,0x7485158ed60aeae7 083b670b1d70e32c e8f5ee91a997af12 b33cf56e61bb9a13 with fingerprint ssh-ed25519 256 5d:cd:05:0a:80:b0:ee:84:7a:66:78:fc:fa:53:0b:d4
. 2016-11-07 12:09:40.079 Host key matches cached key
. 2016-11-07 12:09:40.079 Initialised AES-256 SDCTR client->server encryption
. 2016-11-07 12:09:40.079 Initialised HMAC-SHA-256 client->server MAC algorithm
. 2016-11-07 12:09:40.079 Initialised AES-256 SDCTR server->client encryption
. 2016-11-07 12:09:40.079 Initialised HMAC-SHA-256 server->client MAC algorithm
. 2016-11-07 12:09:40.141 Reading key file "C:\Users\User\Desktop\keys\private1.ppk"
. 2016-11-07 12:09:40.142 Pageant is running. Requesting keys.
. 2016-11-07 12:09:40.142 Pageant has 1 SSH-2 keys
. 2016-11-07 12:09:40.142 Configured key file not in Pageant
! 2016-11-07 12:09:40.142 Using username "sftpuser01".
. 2016-11-07 12:09:40.187 Server offered these authentication methods: publickey,password,keyboard-interactive
. 2016-11-07 12:09:40.187 Offered public key
. 2016-11-07 12:09:40.206 Server unexpectedly closed network connection
. 2016-11-07 12:09:40.207 Knocking FTP port.
. 2016-11-07 12:09:41.218 FTP port opened, will suggest using FTP protocol.
* 2016-11-07 12:09:41.236 (EFatal) Server unexpectedly closed network connection.
* 2016-11-07 12:09:41.236 Authentication log (see session log for details):
* 2016-11-07 12:09:41.236 Using username "sftpuser01".
* 2016-11-07 12:09:41.236
* 2016-11-07 12:09:41.236 Authentication failed.
* 2016-11-07 12:09:41.236 The server rejected SFTP connection, but it listens for FTP connections.
* 2016-11-07 12:09:41.236
* 2016-11-07 12:09:41.236 Did you want to use FTP protocol instead of SFTP? Prefer using encryption.
Advertisements
Pathduck
[View user's profile]
Donor
Joined: 2012-05-29
Posts: 76
Location: Oslo
Hi,
are you trying to use the private1.ppk defined in the connection or Pageant for authentication?

Make sure you have the correct key loaded in Pageant.

Also you could try connecting with just Putty first. It should exclude any problem with WinSCP connection properties if it does not work with Putty, then it's a problem of OpenSSH server.
Ladywho

Guest


Hi,
I am not really experienced in that When I am not using Pageant. I have the same problem.
I 'm using private1.ppk for verification. I copied public key to .ssh/authorized_key. There is no
problem with connection to server when I am using username and password.I have no idea whats is wrong?
Pathduck
[View user's profile]
Donor
Joined: 2012-05-29
Posts: 76
Location: Oslo
OK so I assume you are not specifying the private key to use in WinSCP connection settings (Advanced > Authentication), but you have the key loaded in Pageant.

The server-side settings for the .ssh directory are quite strict for security reasons. Make sure the $HOME/.ssh directory and the files are ONLY readable/writeable by your user. If not do:
chmod -R go-rxw $HOME/.ssh

You are running Windows on the server-side (?), it complicated things. You really need to read the documentation of the OpenSSH daemon how authentication works and what file permissions need to be set on the .ssh directory, I have no clue for Windows Smile
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 26331
Location: Prague, Czechia
Can you use the private key with any other SSH/SFTP client?

Did you call the install-sshlsa.ps1?
See https://winscp.net/eng/docs/guide_windows_openssh_server

The permissions do not matter on MS build of OpenSSH.
Guest




Hi,
It's probably stupid question but do I need to call that ? I had install cygwin64, port 22 is open . WinScp I can connect to server using Username and Password problem occure when I want to use private key instead of password. I watched few tutorials Rolling Eyes so I generated private and public keys using PuTTYgen. I copyied public one to home/user_name/.ssh/ authorized_key and I thought that will work Sad
L
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 26331
Location: Prague, Czechia
I believe the guide says it pretty clear:

Quote:
To allow a public key authentication, as an Administrator, from C:\openssh, run:
powershell.exe -ExecutionPolicy Bypass -File install-sshlsa.ps1
and restart the machine
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License