About pypad_urlwrite.py and SFTP

[nderambure]

Hello !

I'm helping a friend who's running Rivendell 3.6.7 on Cent OS 7 for Radio Campus Orleans. I'm the developer of the website and I manage the server where the website is running.

We use the pypad_urlwrite.py script, configured to write a file on my web server using SFTP like this (I've changed the SSH port here) : Url=sftp://orleans.radiocampus.org:33333/home/campus/www/current_title/en_cours.txt

It worked seamlessly while my web server was on Debian 11.

Then, a few days ago, I've moved the website and the home directory on a new server on Deian 12, with obviously another IP. The path /home/campus/www/current_title/ is exactly the same, the SFTP login and password too.

But after the DNS change has been spread for the domain orleans.radiocampus.org to point the Debian 12 server, the script stopped working, the file is not written anymore.

So, I checked this command to see the ssh connections from the Rivendell server IP (XX.XX.XX.XX) :

journalctl -u ssh.service | grep XX.XX.XX.XX

And I see this each time the py script tries to connect :

Feb 14 23:37:45 lmbox sshd[155755]: Unable to negotiate with XX.XX.XX.XX port 58778: no matching host key type found. Their offer: ssh-rsa,ssh-dss [preauth]

Weird, I'm sure Rivendell does not use obsolete ssh-dss...

So, I tried from the terminal directly on Rivendell computer to connect to SSH and to SFTP to my webserver. Both ask for accepting the new ssh key signature, and then connect without problem. Asking for acceptance of the SSH signature seems to tell that the Python script does not uses SSH or SFTP from CentOS, otherwise there would be no question am I right ?

Besides, the script has the green dot in the RD config window, like there is no problem. There is also no error logs in the window.

So I've looked for executing the python script manually but it asks params, the one given in the txt file in RD config window, and I don't know how to pass the config file to the script. Maybe from there I'll see an error.

We've also reboot revendell, without success.

Well, I'm a bit lost... Is there any "known_hosts" file tha the python script uses or is there an ssh config problem ? Also, is there any logs of the pypad scripts ?

Much thx for some help

[jmpalmito]

Hi ! Here in Amiens (Salut Copain !) We have the same issue with pypad and sftp. I can connect to the server with ssh, but can't write in the distant file with pypad. (RD 4.1.0 ubuntu 22.04)

[nderambure]

@jmpalmito : hello depuis la vallée de la Loire ;)

So now we know that this is a real problem, still poking around with last version of Rivendell. And we are not alone, this is a huge step for our mind balance :)

[ElvishArtisan]

This is an issue with the libssh2 library used on CentOS 7, which is used by the 'pypad_urlwrite' plug-in. For whatever reason, the upstream provider (RedHat) has opted not to keep this package up-to-date with regard to current best practice, and providers have begun to sunset support for for the various deprecated crypto algorithms, meaning that a mutually compatible session cannot be negotiated between the plug-in and the server.

Seeing as CentOS 7 itself hits end-of-life in less than ninety days, I'd recommend moving to a more modern distro.

[nderambure]

Thx for this explaination @ElvishArtisan ! Shame to RedHat...