sftp from Redhat Linux to a Windows machine using public key authorization
I have a client that I need to sftp a nightly production file to from a Redhat linux box. We think that we have established the public key on the receiving machine. When I try to execute the sftp command on my linux box I receive the following output with the -vvv option to the sftp command:
[dp3] [Gloversville] /home/dp3?sftp -vvv -oPort=5522 -oIdentityFile=/home/dp3/.ssh/id_rsa.pub -b /home/bin/b3153.bin pcf17@ftp2.pcfcorp.com
Connecting to ftp2.pcfcorp.com...
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug2: ssh_connect: needpriv 0
debug1: Connecting to ftp2.pcfcorp.com [192.43.246.17] port 5522.
debug1: Connection established.
debug1: identity file /home/dp3/.ssh/id_rsa.pub type -1
debug1: identity file /home/dp3/.ssh/id_rsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2
debug1: match: OpenSSH_6.2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.6.1p2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@o...tm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripe...tm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@o...tm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripe...tm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 133/256
debug2: bits set: 1004/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/dp3/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: filename /home/dp3/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: filename /home/dp3/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug2: no key of type 0 for host ftp2.pcfcorp.com
debug3: check_host_in_hostfile: filename /home/dp3/.ssh/known_hosts2
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts2
debug3: check_host_in_hostfile: filename /home/dp3/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug2: no key of type 2 for host ftp2.pcfcorp.com
Host key verification failed.
debug1: Calling cleanup 0x8062c30(0x0)
Couldn't read packet: Connection reset by peer
could anyone help me with this? It is most appreciated
What sftp server are you running on Windows? How did you copy the public key over to the Windows machine?
The Windows machine is controlled by the client. I have no way of knowing how or what they did. I sent them the RSA key that I generated on my Redhat box, and a couple of days later they informed me that the key had been installed.
Quote:
The private key is sent in your ssh/sftp command, you're sending the public key.
I tried that and it didn't work. I think I copied the public key into the known_hosts file. Should that be the private key in that file? I have the .ssh directory set up as read only; should that have the execute permission set? Here is the output of the latest attempt:
[dp3] [Gloversville] /home/dp3?sftp -vvv -oPort=5522 -oIdentityFile=/home/dp3/.ssh/id_rsa -b /home/bin/b3153.bin pcf17@ftp2.pcfcorp.com
Connecting to ftp2.pcfcorp.com...
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug2: ssh_connect: needpriv 0
debug1: Connecting to ftp2.pcfcorp.com [192.43.246.17] port 5522.
debug1: Connection established.
debug1: identity file /home/dp3/.ssh/id_rsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2
debug1: match: OpenSSH_6.2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.6.1p2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@o...tm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripe...tm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@o...tm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripe...tm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 133/256
debug2: bits set: 1037/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/dp3/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: filename /home/dp3/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: filename /home/dp3/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug2: no key of type 0 for host ftp2.pcfcorp.com
debug3: check_host_in_hostfile: filename /home/dp3/.ssh/known_hosts2
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts2
debug3: check_host_in_hostfile: filename /home/dp3/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug2: no key of type 2 for host ftp2.pcfcorp.com
The authenticity of host 'ftp2.pcfcorp.com (192.43.246.17)' can't be established.
RSA key fingerprint is 3d:ae:d6:bb:90:58:5e:b3:5e:7b:a9:7b:52:0a:2a:88.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/dp3/.ssh/known_hosts).
debug2: bits set: 1041/2048
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/dp3/.ssh/id_rsa
debug3: no such identity: /home/dp3/.ssh/id_rsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:
Quote:
2) .ssh is a directory, so yes it must have execute permission, and it needs write permission in order to update known_hosts. Run this: "chmod 700 ~/.ssh"
passwordless ssh keys are really very simple to set up:
1) run "ssh-keygen -t dsa" on computer 1, press enter until you're back at the command prompt
2) copy the newly generated ~/.ssh/id_dsa.pub on computer 1 into computer 2's ~/.ssh/authorized_keys file
3) update the permissions on computer 2, if necessary: "chmod 600 ~/.ssh/authorized_keys; chmod 700 ~/.ssh; chmod 750 ~"
4) ssh/sftp from computer 1 to computer 2 like normal. If you kept your private key in the default location "~/.ssh/id_dsa", then there's no need to specify the key to use on the command line with -i or IdentityFile
Since you're not in control of computer 2, you have to hope that they did steps 2b and 3 properly. You just need to worry about 1, 2a, and 4, which are trivially easy.
Quote:
If at any point in the future the fingerprint is different from the one stored in the known hosts, then ssh lets you know it has changed. It could be anything from the owner changing the key without letting you know to the connection being actively man-in-the-middled. It's automatic so yes, leave it alone.
suicidaleggroll,
That worked, although it is prompting me for a password. I removed the known_hosts and known_hosts2 files from the .ssh directory and they have not repopulated. Here is the result of latest attempt:
[dp3] [Gloversville] /home/bin?sftp -vvv -oPort=5522 -oIdentityFile=/home/dp3/.ssh/id_rsa -b /home/bin/b3153.bin pcf17@ftp2.pcfcorp.com
Connecting to ftp2.pcfcorp.com...
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug2: ssh_connect: needpriv 0
debug1: Connecting to ftp2.pcfcorp.com [192.43.246.17] port 5522.
debug1: Connection established.
debug1: identity file /home/dp3/.ssh/id_rsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2
debug1: match: OpenSSH_6.2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.6.1p2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@o...tm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripe...tm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@o...tm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripe...tm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 123/256
debug2: bits set: 1032/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/dp3/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: filename /home/dp3/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: filename /home/dp3/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug2: no key of type 0 for host ftp2.pcfcorp.com
debug3: check_host_in_hostfile: filename /home/dp3/.ssh/known_hosts2
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts2
debug3: check_host_in_hostfile: filename /home/dp3/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug2: no key of type 2 for host ftp2.pcfcorp.com
The authenticity of host 'ftp2.pcfcorp.com (192.43.246.17)' can't be established.
RSA key fingerprint is 3d:ae:d6:bb:90:58:5e:b3:5e:7b:a9:7b:52:0a:2a:88.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/dp3/.ssh/known_hosts).
debug2: bits set: 1044/2048
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/dp3/.ssh/id_rsa
debug3: no such identity: /home/dp3/.ssh/id_rsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:
debug3: packet_send2: adding 32 (len 23 padlen 9 extra_pad 64)
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 0
debug3: packet_send2: adding 48 (len 10 padlen 6 extra_pad 64)
debug1: Authentication succeeded (keyboard-interactive).
debug1: fd 5 setting O_NONBLOCK
debug2: fd 6 is O_NONBLOCK
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: ssh_session2_setup: id 0
debug1: Sending subsystem: sftp
debug1: channel 0: request subsystem
debug2: callback done
debug1: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 2097152
debug2: Remote version: 3
debug2: Init extension: "posix-rename@openssh.com"
debug2: Init extension: "statvfs@openssh.com"
debug2: Init extension: "fstatvfs@openssh.com"
debug2: Init extension: "hardlink@openssh.com"
debug3: Sent message fd 4 T:16 I:1
debug3: SSH_FXP_REALPATH . -> /
sftp> cd Incoming
debug3: Sent message fd 4 T:16 I:2
debug3: SSH_FXP_REALPATH /Incoming -> /Incoming
debug3: Sent message fd 4 T:17 I:3
debug3: Received stat reply T:105 I:3
sftp> lcd /home/ftpcir/co03/uplde
sftp> put NHSTS20150604.TXT
debug3: Looking up NHSTS20150604.TXT
debug3: Sent message SSH2_FXP_OPEN I:4 P:/Incoming/NHSTS20150604.TXT
Uploading NHSTS20150604.TXT to /Incoming/NHSTS20150604.TXT
debug3: Sent message SSH2_FXP_WRITE I:5 O:0 S:32768
debug3: SSH2_FXP_STATUS 0
debug3: In write loop, ack for 5 32768 bytes at 0
debug3: Sent message SSH2_FXP_WRITE I:6 O:32768 S:32768
debug3: Sent message SSH2_FXP_WRITE I:7 O:65536 S:32768
debug3: Sent message SSH2_FXP_WRITE I:8 O:98304 S:1571
debug3: SSH2_FXP_STATUS 0
debug3: In write loop, ack for 6 32768 bytes at 32768
debug2: channel 0: rcvd adjust 98452
debug3: SSH2_FXP_STATUS 0
debug3: In write loop, ack for 7 32768 bytes at 65536
debug3: SSH2_FXP_STATUS 0
debug3: In write loop, ack for 8 1571 bytes at 98304
debug3: Sent message SSH2_FXP_CLOSE I:5
debug3: SSH2_FXP_STATUS 0
sftp> exit
debug1: channel 0: read<=0 rfd 5 len 0
debug1: channel 0: read failed
debug1: channel 0: close_read
debug1: channel 0: input open -> drain
debug1: channel 0: ibuf empty
debug1: channel 0: send eof
debug1: channel 0: input drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: rcvd eof
debug1: channel 0: output open -> drain
debug1: channel 0: obuf empty
debug1: channel 0: close_write
debug1: channel 0: output drain -> closed
debug1: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug1: channel 0: almost dead
debug1: channel 0: gc: notify user
debug1: channel 0: gc: user detached
debug1: channel 0: send close
debug1: channel 0: is dead
debug1: channel 0: garbage collecting
debug1: channel_free: channel 0: client-session, nchannels 1
debug3: channel_free: status: The following connections are open:\015
  #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1)\015
debug3: channel_close_fds: channel 0: r -1 w -1 e 7
debug1: fd 0 clearing O_NONBLOCK
debug2: fd 1 is not O_NONBLOCK
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 1.0 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 0
1) Please put your output in [code][/code] tags to keep the thread readable.
2) Your ssh output is complaining that it can't add the host to known_hosts, did you change the permissions on ~/.ssh like I suggested?
3) Your ssh output is complaining that you do not have an id_rsa key. Do you? Did you ever run "ssh-keygen"? What is in your .ssh folder? What file did you send to the client?
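The reading of the debug output in the reply above can be done mechanically. This is an added example, not part of the original thread: a shell function that scans `sftp -vvv` output for the client-side messages seen in this thread. The finding names and the `sample_log` helper are assumptions of the example.

```shell
#!/bin/sh
# Added example: classify client-side problems in `sftp -vvv` / `ssh -vvv` output.
# The message strings are the ones printed by the OpenSSH 3.6.1p2 client in this
# thread; the finding names (IDENTITY_UNREADABLE, ...) are made up for the example.

# triage_ssh_debug FILE: prints one finding per line, in log order.
triage_ssh_debug() {
    awk '
    # Strip the "(" and ")." that wrap a value at the end of a message.
    function unwrap(s) { sub(/^[(]/, "", s); sub(/[)][.]?$/, "", s); return s }

    # IdentityFile was pointed at the public half of the key pair.
    /identity file .*[.]pub type/ { print "IDENTITY_IS_PUBLIC_KEY " $4 }

    # Server host key was not in known_hosts and was not accepted.
    /^Host key verification failed/ { print "HOSTKEY_NOT_TRUSTED" }

    # Host key was accepted but could not be saved, so the prompt will come back.
    /^Failed to add the host to the list of known hosts/ {
        print "KNOWN_HOSTS_NOT_WRITABLE " unwrap($NF)
    }

    # The client could not open the private key: missing, or (as in this
    # thread) inside a directory the calling user cannot enter.
    /no such identity:/ { print "IDENTITY_UNREADABLE " $NF }

    # Which method finally let the user in; anything but publickey means
    # the key was never used.
    /Authentication succeeded/ {
        m = unwrap($NF)
        print "AUTH_METHOD " m
        if (m != "publickey") print "PUBLICKEY_NOT_USED"
    }
    ' "$1"
}

# Lines excerpted from the third run posted in this thread.
sample_log() {
    cat <<'EOF'
debug1: identity file /home/dp3/.ssh/id_rsa type -1
Failed to add the host to the list of known hosts (/home/dp3/.ssh/known_hosts).
debug1: Next authentication method: publickey
debug1: Trying private key: /home/dp3/.ssh/id_rsa
debug3: no such identity: /home/dp3/.ssh/id_rsa
debug2: we did not send a packet, disable method
debug1: Next authentication method: keyboard-interactive
debug1: Authentication succeeded (keyboard-interactive).
EOF
}

log=$(mktemp)
sample_log > "$log"
triage_ssh_debug "$log"
rm -f "$log"
```

In a nightly job, capture the client's stderr to a file and fail the run when `PUBLICKEY_NOT_USED` appears, since a batch transfer cannot answer a password prompt.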
suicidaleggroll,
drwx------ 2 root users 4096 Jun 16 14:07 .ssh
Contents:
[dp3] [Gloversville] /home/dp3/.ssh?ls -la
total 24
drwx------ 2 root users 4096 Jun 16 14:07 .
drwxrwxrwx 11 dp3 datapro 4096 Jun 16 14:09 ..
-rw------- 1 dp3 datapro 226 Jun 9 13:29 authorized_keys
-rw-r--r-- 1 root root 107 Jun 16 13:43 config
-rw------- 1 dp3 datapro 887 Jun 3 11:11 id_rsa
-rw-r--r-- 1 dp3 datapro 226 Jun 3 11:11 id_rsa.pub
[dp3] [Gloversville] /home/dp3/.ssh?
The file is a fixed length text file with subscriber data in it. You can see the name in the debug NHSTS20150604.TXT.
Why do dp3's .ssh directory and config file belong to root? That's why your sftp command can't use the known_hosts file or private key: dp3 can't access its own .ssh directory.
I don't care about the file you uploaded through sftp; I'm talking about the key file you sent them to add to their authorized keys file.
I sent them the id_rsa.pub file
When I had .ssh owned by me the ssh would complain about security.
Probably because your home directory has 777 permissions.
Does your home directory need to be 777? Before you respond, the answer is "no". There is a better way of doing whatever it is you're trying to do there. Change your home directory back to what it's supposed to be (750), and change the owner of your .ssh and .ssh/config files back to dp3.
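An added example (not from the thread): a shell audit of the ownership and mode layout the replies above ask for, namely a home directory that is not group- or world-writable, and a `.ssh` directory, private key and config owned by the account itself. It assumes GNU `stat`; the function names and finding labels are hypothetical.

```shell
#!/bin/sh
# Added example: audit the client-side layout recommended in this thread.
# Function names and finding labels are hypothetical; requires GNU stat (Linux).

# _chk PATH MASK: PATH must be owned by $want_uid and have none of the
# permission bits in MASK (octal) set.
_chk() {
    path=$1; mask=$2
    if [ ! -e "$path" ]; then
        # Also reached when a parent directory cannot be entered, which is
        # how an existing key ends up reported as "no such identity".
        echo "INACCESSIBLE $path"; findings=$((findings + 1)); return 0
    fi
    owner=$(stat -c %u "$path"); mode=$(stat -c %a "$path")
    if [ "$owner" != "$want_uid" ]; then
        echo "WRONG_OWNER $path uid=$owner"; findings=$((findings + 1))
    fi
    if [ $(( 0$mode & 0$mask )) -ne 0 ]; then
        echo "TOO_OPEN $path mode=$mode"; findings=$((findings + 1))
    fi
}

# audit_ssh_perms HOME_DIR UID: prints one finding per line, returns 1 if any.
audit_ssh_perms() {
    home=$1; want_uid=$2; findings=0
    _chk "$home" 022                # 750 passes, 777 does not
    _chk "$home/.ssh" 077           # 700: private to the owner
    _chk "$home/.ssh/id_rsa" 077    # 600: private key
    _chk "$home/.ssh/config" 022    # not writable by group or others
    [ "$findings" -eq 0 ]
}

# Constructed tree using the modes from the ls -la listing in the thread
# (ownership by root cannot be reproduced without privileges).
make_demo_home() {
    d=$(mktemp -d)
    mkdir "$d/.ssh"
    : > "$d/.ssh/id_rsa"
    : > "$d/.ssh/config"
    chmod 600 "$d/.ssh/id_rsa"
    chmod 644 "$d/.ssh/config"
    chmod 700 "$d/.ssh"
    chmod 777 "$d"
    echo "$d"
}

demo=$(make_demo_home)
audit_ssh_perms "$demo" "$(id -u)" || echo "findings above need fixing"
rm -rf "$demo"
```

Run it as the account that owns the key, for example `audit_ssh_perms /home/dp3 "$(id -u dp3)"`, before scheduling the nightly transfer.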