mscdex / ssh2

SSH2 client and server modules written in pure JavaScript for node.js
MIT License

"Error: All configured authentication methods failed" with valid credentials #860

Closed amber-cd closed 4 years ago

amber-cd commented 4 years ago

We are consistently getting "Error: All configured authentication methods failed" errors when trying to connect to a client's SFTP server.

Relevant information:

  1. The credentials are correct, and I can connect to the SFTP server using not only the SFTP server's in-browser UI but also both FileZilla and, from the same command line from which I'm running my code, lftp (https://lftp.tech/)
  2. It's not tryKeyboard, unfortunately... adding in that flag + listener didn't get me so much as a console log
  3. This is a third-party Client's SFTP server, so I don't have easy access to the configuration. I can send questions to them but there's turnaround time, so I'd prefer to keep questions to them specific and minimal.

My code:

const Client = require('ssh2').Client;

let conn = new Client();
let currMethod = 'none';

let config = {
    "host": "redacted",
    "port": 22,
    "username": "redacted",
    "password": "veryRedacted",
    "tryKeyboard": true
};
conn.on('ready', () => {
    console.log('Ready event.');
    conn.end();
});

conn.on('end', () => {
    console.error('End event.');
});

conn.on('error', (error) => {
    console.error('Error event.', error);
});

conn.on('authentication', (ctx) => {
    console.log('ctx', ctx);
});

conn.on('keyboard-interactive', function(name, instructions, instructionsLang, prompts) {
    console.log('name %s, instructions %s, instructionsLang %s, prompts', name, instructions, instructionsLang, prompts);
});

conn.connect(config);

My resulting console output:

Error event. { Error: All configured authentication methods failed
    at doNextAuth (/home/my_user/projects/sftp-testing/node_modules/ssh2/lib/client.js:414:17)
    at tryNextAuth (/home/my_user/projects/sftp-testing/node_modules/ssh2/lib/client.js:485:5)
    at SSH2Stream.onUSERAUTH_FAILURE (/home/my_user/projects/sftp-testing/node_modules/ssh2/lib/client.js:600:5)
    at emitTwo (events.js:106:13)
    at SSH2Stream.emit (events.js:191:7)
    at parsePacket (/home/my_user/projects/sftp-testing/node_modules/ssh2/node_modules/ssh2-streams/lib/ssh.js:3784:10)
    at SSH2Stream._transform (/home/my_user/projects/sftp-testing/node_modules/ssh2/node_modules/ssh2-streams/lib/ssh.js:695:13)
    at SSH2Stream.Transform._read (_stream_transform.js:167:10)
    at SSH2Stream._read (/home/my_user/projects/sftp-testing/node_modules/ssh2/node_modules/ssh2-streams/lib/ssh.js:253:15)
    at SSH2Stream.Transform._write (_stream_transform.js:155:12) level: 'client-authentication' }
End event.

Does anyone have any idea what else the problem might be?

mscdex commented 4 years ago

Can you set debug: console.log and post the results (removing the host IP from the output)?

Also, the 'authentication' event is for server contexts, not clients.

amber-cd commented 4 years ago

Ah, makes sense.

Yes, my debug output is:

DEBUG: Local ident: 'SSH-2.0-ssh2js0.4.8'
DEBUG: Client: Trying REDACTED on port 22 ...
DEBUG: Client: Connected
DEBUG: Parser: IN_INIT
DEBUG: Parser: IN_GREETING
DEBUG: Parser: IN_HEADER
DEBUG: Remote ident: 'SSH-2.0-9.99 sshlib'
DEBUG: Outgoing: Writing KEXINIT
DEBUG: Parser: IN_PACKETBEFORE (expecting 8)
DEBUG: Parser: IN_PACKET
DEBUG: Parser: pktLen:676,padLen:8,remainLen:672
DEBUG: Parser: IN_PACKETDATA
DEBUG: Parser: IN_PACKETDATAAFTER, packet: KEXINIT
DEBUG: Comparing KEXINITs ...
DEBUG: (local) KEX algorithms: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
DEBUG: (remote) KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
DEBUG: KEX algorithm: diffie-hellman-group-exchange-sha256
DEBUG: (local) Host key formats: ssh-rsa,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
DEBUG: (remote) Host key formats: ssh-rsa
DEBUG: Host key format: ssh-rsa
DEBUG: (local) Client->Server ciphers: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm,aes128-gcm@openssh.com,aes256-gcm,aes256-gcm@openssh.com
DEBUG: (remote) Client->Server ciphers: aes256-ctr,twofish256-ctr,twofish-ctr,aes128-ctr,twofish128-ctr,3des-ctr,cast128-ctr,aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfish-cbc,3des-cbc,arcfour,cast128-cbc
DEBUG: Client->Server Cipher: aes128-ctr
DEBUG: (local) Server->Client ciphers: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm,aes128-gcm@openssh.com,aes256-gcm,aes256-gcm@openssh.com
DEBUG: (remote) Server->Client ciphers: aes256-ctr,twofish256-ctr,twofish-ctr,aes128-ctr,twofish128-ctr,3des-ctr,cast128-ctr,aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfish-cbc,3des-cbc,arcfour,cast128-cbc
DEBUG: Server->Client Cipher: aes128-ctr
DEBUG: (local) Client->Server HMAC algorithms: hmac-sha2-256,hmac-sha2-512,hmac-sha1
DEBUG: (remote) Client->Server HMAC algorithms: hmac-sha2-512,hmac-sha2-256,hmac-sha1
DEBUG: Client->Server HMAC algorithm: hmac-sha2-256
DEBUG: (local) Server->Client HMAC algorithms: hmac-sha2-256,hmac-sha2-512,hmac-sha1
DEBUG: (remote) Server->Client HMAC algorithms: hmac-sha2-512,hmac-sha2-256,hmac-sha1
DEBUG: Server->Client HMAC algorithm: hmac-sha2-256
DEBUG: (local) Client->Server compression algorithms: none,zlib@openssh.com,zlib
DEBUG: (remote) Client->Server compression algorithms: zlib,none
DEBUG: Client->Server compression algorithm: none
DEBUG: (local) Server->Client compression algorithms: none,zlib@openssh.com,zlib
DEBUG: (remote) Server->Client compression algorithms: zlib,none
DEBUG: Server->Client compression algorithm: none
DEBUG: Outgoing: Writing KEXDH_GEX_REQUEST
DEBUG: Parser: IN_PACKETBEFORE (expecting 8)
DEBUG: Parser: IN_PACKET
DEBUG: Parser: pktLen:276,padLen:8,remainLen:272
DEBUG: Parser: IN_PACKETDATA
DEBUG: Parser: IN_PACKETDATAAFTER, packet: KEXDH_GEX_GROUP
DEBUG: Outgoing: Writing KEXDH_GEX_INIT
DEBUG: Parser: IN_PACKETBEFORE (expecting 8)
DEBUG: Parser: IN_PACKET
DEBUG: Parser: pktLen:828,padLen:10,remainLen:824
DEBUG: Parser: IN_PACKETDATA
DEBUG: Parser: IN_PACKETDATAAFTER, packet: KEXDH_GEX_REPLY
DEBUG: Checking host key format
DEBUG: Checking signature format
DEBUG: Verifying host fingerprint
DEBUG: Host accepted by default (no verification)
DEBUG: Verifying signature
DEBUG: Outgoing: Writing NEWKEYS
DEBUG: Parser: IN_PACKETBEFORE (expecting 8)
DEBUG: Parser: IN_PACKET
DEBUG: Parser: pktLen:12,padLen:10,remainLen:8
DEBUG: Parser: IN_PACKETDATA
DEBUG: Parser: IN_PACKETDATAAFTER, packet: NEWKEYS
DEBUG: Outgoing: Writing SERVICE_REQUEST (ssh-userauth)
DEBUG: Parser: IN_PACKETBEFORE (expecting 16)
DEBUG: Parser: IN_PACKET
DEBUG: Parser: Decrypting
DEBUG: Parser: pktLen:28,padLen:10,remainLen:16
DEBUG: Parser: IN_PACKETDATA
DEBUG: Parser: Decrypting
DEBUG: Parser: HMAC size:32
DEBUG: Parser: IN_PACKETDATAVERIFY
DEBUG: Parser: Verifying MAC
DEBUG: Parser: IN_PACKETDATAVERIFY (Valid HMAC)
DEBUG: Parser: IN_PACKETDATAAFTER, packet: SERVICE_ACCEPT
DEBUG: Outgoing: Writing USERAUTH_REQUEST (none)
DEBUG: Parser: IN_PACKETBEFORE (expecting 16)
DEBUG: Parser: IN_PACKET
DEBUG: Parser: Decrypting
DEBUG: Parser: pktLen:44,padLen:19,remainLen:32
DEBUG: Parser: IN_PACKETDATA
DEBUG: Parser: Decrypting
DEBUG: Parser: HMAC size:32
DEBUG: Parser: IN_PACKETDATAVERIFY
DEBUG: Parser: Verifying MAC
DEBUG: Parser: IN_PACKETDATAVERIFY (Valid HMAC)
DEBUG: Parser: IN_PACKETDATAAFTER, packet: USERAUTH_FAILURE
DEBUG: Client: none auth failed
DEBUG: Outgoing: Writing USERAUTH_REQUEST (password)
DEBUG: Parser: IN_PACKETBEFORE (expecting 16)
DEBUG: Parser: IN_PACKET
DEBUG: Parser: Decrypting
DEBUG: Parser: pktLen:28,padLen:12,remainLen:16
DEBUG: Parser: IN_PACKETDATA
DEBUG: Parser: Decrypting
DEBUG: Parser: HMAC size:32
DEBUG: Parser: IN_PACKETDATAVERIFY
DEBUG: Parser: Verifying MAC
DEBUG: Parser: IN_PACKETDATAVERIFY (Valid HMAC)
DEBUG: Parser: IN_PACKETDATAAFTER, packet: USERAUTH_FAILURE
DEBUG: Client: password auth failed
DEBUG: Outgoing: Writing USERAUTH_REQUEST (keyboard-interactive)
DEBUG: Parser: IN_PACKETBEFORE (expecting 16)
DEBUG: Parser: IN_PACKET
DEBUG: Parser: Decrypting
DEBUG: Parser: pktLen:28,padLen:12,remainLen:16
DEBUG: Parser: IN_PACKETDATA
DEBUG: Parser: Decrypting
DEBUG: Parser: HMAC size:32
DEBUG: Parser: IN_PACKETDATAVERIFY
DEBUG: Parser: Verifying MAC
DEBUG: Parser: IN_PACKETDATAVERIFY (Valid HMAC)
DEBUG: Parser: IN_PACKETDATAAFTER, packet: USERAUTH_FAILURE
DEBUG: Client: keyboard-interactive auth failed
Error event. { Error: All configured authentication methods failed
    at doNextAuth (/home/my_user/projects/sftp-testing/node_modules/ssh2/lib/client.js:414:17)
    at tryNextAuth (/home/my_user/projects/sftp-testing/node_modules/ssh2/lib/client.js:485:5)
    at SSH2Stream.onUSERAUTH_FAILURE (/home/my_user/projects/sftp-testing/node_modules/ssh2/lib/client.js:600:5)
    at emitTwo (events.js:106:13)
    at SSH2Stream.emit (events.js:191:7)
    at parsePacket (/home/my_user/projects/sftp-testing/node_modules/ssh2/node_modules/ssh2-streams/lib/ssh.js:3784:10)
    at SSH2Stream._transform (/home/my_user/projects/sftp-testing/node_modules/ssh2/node_modules/ssh2-streams/lib/ssh.js:695:13)
    at SSH2Stream.Transform._read (_stream_transform.js:167:10)
    at SSH2Stream._read (/home/my_user/projects/sftp-testing/node_modules/ssh2/node_modules/ssh2-streams/lib/ssh.js:253:15)
    at SSH2Stream.Transform._write (_stream_transform.js:155:12) level: 'client-authentication' }
DEBUG: Outgoing: Writing DISCONNECT (BY_APPLICATION)
End event

(And then the error log above)

Thanks for the quick response!

mscdex commented 4 years ago

As far as I can tell the server is just rejecting everything. Are you able to connect with the OpenSSH client? If so, can you post the output when adding -vvv to the OpenSSH client's command line (removing destination IP, etc.)?

Are you sure that the other clients aren't perhaps automatically using a private key to authenticate?
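One way to triage an ssh2 `debug` transcript like the one posted above, as an added example that is not code from this thread or from the ssh2 project: it pairs each `USERAUTH_REQUEST` with the server's reply and flags the `Host accepted by default (no verification)` line. `SAMPLE_LOG` is constructed from the line shapes in the posted output, and `summariseSsh2Debug` and the finding codes are hypothetical names.

```javascript
// Added example, not ssh2's own code. SAMPLE_LOG is constructed from the
// line shapes in the debug output posted in this thread.
const SAMPLE_LOG = `
DEBUG: Remote ident: 'SSH-2.0-9.99 sshlib'
DEBUG: KEX algorithm: diffie-hellman-group-exchange-sha256
DEBUG: Host key format: ssh-rsa
DEBUG: Client->Server Cipher: aes128-ctr
DEBUG: Host accepted by default (no verification)
DEBUG: Outgoing: Writing USERAUTH_REQUEST (none)
DEBUG: Parser: IN_PACKETDATAAFTER, packet: USERAUTH_FAILURE
DEBUG: Client: none auth failed
DEBUG: Outgoing: Writing USERAUTH_REQUEST (password)
DEBUG: Parser: IN_PACKETDATAAFTER, packet: USERAUTH_FAILURE
DEBUG: Client: password auth failed
DEBUG: Outgoing: Writing USERAUTH_REQUEST (keyboard-interactive)
DEBUG: Parser: IN_PACKETDATAAFTER, packet: USERAUTH_FAILURE
DEBUG: Client: keyboard-interactive auth failed
`;

// Hypothetical helper: summarise one ssh2 client debug transcript.
function summariseSsh2Debug(text) {
  const summary = {
    remoteIdent: null,
    negotiated: {},
    hostKeyVerified: true, // set to false when ssh2 reports default acceptance
    attempts: [],          // [{ method, reply }] in the order they were sent
    findings: [],
  };
  let pending = null; // last USERAUTH_REQUEST still waiting for a reply
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.replace(/^DEBUG:\s*/, '').trim();
    let m;
    if ((m = /^Remote ident: '(.*)'$/.exec(line))) {
      summary.remoteIdent = m[1];
    } else if ((m = /^(KEX algorithm|Host key format|Client->Server Cipher|Server->Client Cipher): (\S+)$/.exec(line))) {
      summary.negotiated[m[1]] = m[2];
    } else if (line === 'Host accepted by default (no verification)') {
      summary.hostKeyVerified = false;
    } else if ((m = /^Outgoing: Writing USERAUTH_REQUEST \(([^)]+)\)$/.exec(line))) {
      pending = { method: m[1], reply: null };
      summary.attempts.push(pending);
    } else if (pending && (m = /packet: (USERAUTH_[A-Z_]+)$/.exec(line))) {
      pending.reply = m[1];
      pending = null;
    }
  }
  if (!summary.hostKeyVerified) summary.findings.push('HOST_KEY_UNVERIFIED');
  // "none" is only a probe for the server's method list (RFC 4252, 5.2),
  // so judge the outcome on the methods that carried a credential.
  const real = summary.attempts.filter((a) => a.method !== 'none');
  if (real.length > 0 && real.every((a) => a.reply === 'USERAUTH_FAILURE')) {
    summary.findings.push('ALL_OFFERED_METHODS_REJECTED');
  }
  // Worth comparing against clients that do connect and offer a key first.
  if (!real.some((a) => a.method === 'publickey')) {
    summary.findings.push('PUBLICKEY_NOT_ATTEMPTED');
  }
  return summary;
}

console.log(JSON.stringify(summariseSsh2Debug(SAMPLE_LOG), null, 2));
```

The findings are observations from the client side only; why the server rejected a given method still has to come from its own logs.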

amber-cd commented 4 years ago

I'd be surprised if they are, as I haven't set anything for this server with a private key. That having been said, no, I actually am not able to access it with ssh... not sure if you still want the logs, but I'll post them to be safe:

OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n  7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "redacted" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to redacted [redacted] port 22.
debug1: Connection established.
debug1: identity file /home/my_user/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /home/my_user/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/my_user/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/my_user/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/my_user/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/my_user/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/my_user/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/my_user/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
debug1: Remote protocol version 2.0, remote software version 9.99 sshlib
debug1: no match: 9.99 sshlib
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to redacted:22 as 'redacted'
debug3: hostkeys_foreach: reading file "/home/my_user/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /home/my_user/.ssh/known_hosts:12
debug3: load_hostkeys: loaded 1 keys from redacted
debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ssh-rsa
debug2: ciphers ctos: aes256-ctr,twofish256-ctr,twofish-ctr,aes128-ctr,twofish128-ctr,3des-ctr,cast128-ctr,aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfish-cbc,3des-cbc,arcfour,cast128-cbc
debug2: ciphers stoc: aes256-ctr,twofish256-ctr,twofish-ctr,aes128-ctr,twofish128-ctr,3des-ctr,cast128-ctr,aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfish-cbc,3des-cbc,arcfour,cast128-cbc
debug2: MACs ctos: hmac-sha2-512,hmac-sha2-256,hmac-sha1
debug2: MACs stoc: hmac-sha2-512,hmac-sha2-256,hmac-sha1
debug2: compression ctos: zlib,none
debug2: compression stoc: zlib,none
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug3: send packet: type 34
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<8192<8192) sent
debug3: receive packet: type 31
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug2: bits set: 1034/2048
debug3: send packet: type 32
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug3: receive packet: type 33
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:redacted
debug3: hostkeys_foreach: reading file "/home/my_user/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /home/my_user/.ssh/known_hosts:12
debug3: load_hostkeys: loaded 1 keys from redacted
debug3: hostkeys_foreach: reading file "/home/my_user/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /home/my_user/.ssh/known_hosts:13
debug3: load_hostkeys: loaded 1 keys from redacted
debug1: Host 'redacted' is known and matches the RSA host key.
debug1: Found key in /home/my_user/.ssh/known_hosts:12
debug2: bits set: 1027/2048
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug2: key: /home/my_user/.ssh/id_rsa (0x559badb9b3f0), agent
debug2: key: /home/my_user/.ssh/id_dsa ((nil))
debug2: key: /home/my_user/.ssh/id_ecdsa ((nil))
debug2: key: /home/my_user/.ssh/id_ed25519 ((nil))
debug3: send packet: type 5
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:redacted /home/my_user/.ssh/id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp SHA256:redacted
debug3: sign_and_send_pubkey: RSA SHA256:redacted
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: password
debug3: start over, passed a different list password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup password
debug3: remaining preferred: ,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
redacted@redacted's password: 
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 52
debug1: Authentication succeeded (password).
Authenticated to redacted ([redacted]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Entering interactive session.
debug1: pledge: network
debug3: receive packet: type 91
debug2: channel_input_open_confirmation: channel 0: callback start
debug2: fd 3 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x10
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug3: send packet: type 98
debug1: Sending environment.
debug3: Ignored env CLUTTER_IM_MODULE
debug3: Ignored env LS_COLORS
debug3: Ignored env LESSCLOSE
debug3: Ignored env XDG_MENU_PREFIX
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug3: send packet: type 98
debug3: Ignored env DISPLAY
debug3: Ignored env GNOME_SHELL_SESSION_MODE
debug3: Ignored env COLORTERM
debug3: Ignored env USERNAME
debug3: Ignored env XDG_VTNR
debug3: Ignored env SSH_AUTH_SOCK
debug3: Ignored env MANDATORY_PATH
debug3: Ignored env XDG_SESSION_ID
debug3: Ignored env USER
debug3: Ignored env DESKTOP_SESSION
debug3: Ignored env QT4_IM_MODULE
debug3: Ignored env TEXTDOMAINDIR
debug3: Ignored env GNOME_TERMINAL_SCREEN
debug3: Ignored env DEFAULTS_PATH
debug3: Ignored env PWD
debug3: Ignored env HOME
debug3: Ignored env TEXTDOMAIN
debug3: Ignored env SSH_AGENT_PID
debug3: Ignored env QT_ACCESSIBILITY
debug3: Ignored env XDG_SESSION_TYPE
debug3: Ignored env XDG_DATA_DIRS
debug3: Ignored env XDG_SESSION_DESKTOP
debug3: Ignored env GJS_DEBUG_OUTPUT
debug3: Ignored env GTK_MODULES
debug3: Ignored env WINDOWPATH
debug3: Ignored env TERM
debug3: Ignored env SHELL
debug3: Ignored env VTE_VERSION
debug3: Ignored env QT_IM_MODULE
debug3: Ignored env XMODIFIERS
debug3: Ignored env IM_CONFIG_PHASE
debug3: Ignored env XDG_CURRENT_DESKTOP
debug3: Ignored env GPG_AGENT_INFO
debug3: Ignored env GNOME_TERMINAL_SERVICE
debug3: Ignored env XDG_SEAT
debug3: Ignored env SHLVL
debug3: Ignored env GDMSESSION
debug3: Ignored env GNOME_DESKTOP_SESSION_ID
debug3: Ignored env LOGNAME
debug3: Ignored env DBUS_SESSION_BUS_ADDRESS
debug3: Ignored env XDG_RUNTIME_DIR
debug3: Ignored env XAUTHORITY
debug3: Ignored env XDG_CONFIG_DIRS
debug3: Ignored env PATH
debug3: Ignored env GJS_DEBUG_TOPICS
debug3: Ignored env SESSION_MANAGER
debug3: Ignored env LESSOPEN
debug3: Ignored env GTK_IM_MODULE
debug3: Ignored env _
debug2: channel 0: request shell confirm 1
debug3: send packet: type 98
debug2: channel_input_open_confirmation: channel 0: callback done
debug2: channel 0: open confirm rwindow 16384 rmax 35840
debug3: receive packet: type 100
debug2: channel_input_status_confirm: type 100 id 0
PTY allocation request failed on channel 0
debug3: receive packet: type 100
debug2: channel_input_status_confirm: type 100 id 0
shell request failed on channel 0

mscdex commented 4 years ago

Can you post similar debug output from FileZilla (or even lftp I suppose) since that is one place where it is working? That's strange that FileZilla would work but not ssh2 or OpenSSH...

amber-cd commented 4 years ago

I'm pretty sure this is the most verbose FileZilla can get... here's the logs:

Status: Disconnected from server
Trace:  CControlSocket::DoClose(66)
Trace:  CControlSocket::ResetOperation(66)
Trace:  CFileZillaEnginePrivate::ResetOperation(66)
Trace:  CControlSocket::DoClose(66)
Trace:  CControlSocket::DoClose(66)
Trace:  CFileZillaEnginePrivate::ResetOperation(0)
Status: Connecting to redacted...
Trace:  CControlSocket::SendNextCommand()
Trace:  CSftpConnectOpData::Send() in state 0
Trace:  Going to execute /usr/bin/fzsftp
Response:   fzSftp started, protocol_version=8
Trace:  CSftpConnectOpData::ParseResponse() in state 0
Trace:  CControlSocket::SendNextCommand()
Trace:  CSftpConnectOpData::Send() in state 3
Command:    open "redacted@redacted" 22
Trace:  Connecting to redacted port 22
Trace:  We claim version: SSH-2.0-FileZilla_3.28.0
Trace:  Server version: SSH-2.0-9.99 sshlib
Trace:  Using SSH protocol version 2
Trace:  Doing Diffie-Hellman group exchange
Trace:  Doing Diffie-Hellman key exchange with hash SHA-256
Trace:  Host key fingerprint is:
Trace:  ssh-rsa redacted
Command:    Trust new Hostkey: Once
Trace:  Initialised AES-256 SDCTR client->server encryption
Trace:  Initialised HMAC-SHA-256 client->server MAC algorithm
Trace:  Initialised AES-256 SDCTR server->client encryption
Trace:  Initialised HMAC-SHA-256 server->client MAC algorithm
Trace:  Pageant is running. Requesting keys.
Trace:  Pageant has 1 SSH-2 keys
Trace:  Trying Pageant key #0
Trace:  Sending Pageant's response
Trace:  Server refused public-key signature despite accepting key!
Command:    Pass: ************
Trace:  Sent password
Trace:  Access granted
Trace:  Opening session as main channel
Trace:  Opened main channel
Trace:  Started a shell/command
Status: Connected to redacted
Trace:  CSftpConnectOpData::ParseResponse() in state 3
Trace:  CControlSocket::ResetOperation(0)
Trace:  CSftpConnectOpData::Reset(0) in state 3
Trace:  CFileZillaEnginePrivate::ResetOperation(0)
Status: Retrieving directory listing...
Trace:  CControlSocket::SendNextCommand()
Trace:  CSftpListOpData::Send() in state 0
Trace:  CSftpChangeDirOpData::Send() in state 0
Trace:  CSftpChangeDirOpData::Send() in state 1
Command:    pwd
Response:   Current directory is: "/redacted/redacted"
Trace:  CSftpChangeDirOpData::ParseResponse() in state 1
Trace:  CControlSocket::ResetOperation(0)
Trace:  CControlSocket::ParseSubcommandResult(0)
Trace:  CSftpListOpData::SubcommandResult() in state 1
Trace:  CControlSocket::SendNextCommand()
Trace:  CSftpListOpData::Send() in state 2
Trace:  CControlSocket::ResetOperation(0)
Status: Directory listing of "/redacted/redacted" successful
Trace:  CFileZillaEnginePrivate::ResetOperation(0)

mscdex commented 4 years ago

Ok I re-read OpenSSH's output and it actually did authenticate successfully, but it just couldn't allocate a pty, which could easily happen for an SFTP-only server. The only thing I can say is that the username and/or password must be wrong in your code since it seems that both OpenSSH and FileZilla are using the same 'password' mechanism you're currently using with ssh2.

amber-cd commented 4 years ago

Huh... that's just odd. I'm positive that the password is correct in the code. I've copied and pasted the same password into the code as into FileZilla, OpenSSH, and even the wrapper for lftp.

mscdex commented 4 years ago

The only technical difference is that FileZilla and OpenSSH are attempting to authenticate with a key first (but it fails), but I don't think that should matter.

mscdex commented 4 years ago

Without detailed logs from the server side, it's hard to say why the server is rejecting the attempt from ssh2 and not from OpenSSH or FileZilla.

amber-cd commented 4 years ago

We've reached out to the client and I'll follow up with log information once we get it. Thanks again so much for all the help!

amber-cd commented 4 years ago

Okay, as an update, we've been able to get in contact with the Client. It seems like they had some type of issue with two-factor authentication and when we generated a private key and connected to their server with it, they were able to add that key and use it to authenticate us. Not sure why only ssh2 seems to have failed in this fashion.

Out of curiosity, though... I see that adding "privateKey" works fine when I use "require('fs').readFileSync('./id_rsa')", but I keep getting "Unsupported key format" if I try to plug the key in as text directly. We'd actually like to provide the key directly as text for complicated, irrelevant reasons... is there a straightforward way to do that? Or will I need to jury-rig something like temporarily writing the text to the local fs in order to connect, then deleting it later?

EDIT: Ah, I was apparently accidentally including some tab characters in there. It looks good now. I'll go ahead and close this issue. Thanks so much again for all your help!
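The tab-character problem described in the last comment, as an added example that is not part of the original thread or the ssh2 project: a helper that cleans a PEM key pasted as text before it is passed as `privateKey`. `normalizePemKey` is a hypothetical name, the sample key body is constructed and is not a real key, and the handling of literal `\n` escapes and of legacy `Proc-Type`/`DEK-Info` header lines goes beyond the case in the thread.

```javascript
// Added example, not ssh2's own code: normalise a PEM key supplied as text
// so it matches what reading the key file from disk would have produced.
function normalizePemKey(text) {
  if (typeof text !== 'string') throw new TypeError('key must be a string');
  // Beyond the thread's case: keys kept in env vars often carry a literal "\n".
  if (!/[\r\n]/.test(text)) text = text.replace(/\\n/g, '\n');
  const lines = text
    .replace(/^\uFEFF/, '')           // drop a UTF-8 byte order mark
    .split(/\r\n|\r|\n/)
    .map((l) => l.trim())             // drops leading tabs/indent, trailing blanks
    .filter((l) => l.length > 0);
  const first = lines[0] || '';
  const last = lines[lines.length - 1] || '';
  const begin = /^-----BEGIN ([A-Z0-9 ]+)-----$/.exec(first);
  const end = /^-----END ([A-Z0-9 ]+)-----$/.exec(last);
  if (!begin || !end || begin[1] !== end[1]) {
    // Error messages never echo the input: it is secret material.
    throw new Error('missing or mismatched PEM BEGIN/END lines');
  }
  const inner = lines.slice(1, -1);
  // Legacy encrypted PEM puts "Proc-Type:" / "DEK-Info:" headers before the body.
  const headers = [];
  while (inner.length && /^[A-Za-z][A-Za-z0-9-]*:\s*\S/.test(inner[0])) {
    headers.push(inner.shift());
  }
  const body = inner.map((l) => l.replace(/\s+/g, ''));
  const joined = body.join('');
  if (!/^[A-Za-z0-9+\/]+={0,2}$/.test(joined) || joined.length % 4 !== 0) {
    throw new Error('PEM body is not valid base64 after whitespace removal');
  }
  const out = [first];
  if (headers.length) out.push(...headers, ''); // blank line ends the header block
  out.push(...body, last);
  return out.join('\n') + '\n';
}

// Constructed sample: the body is base64 of a plain sentence, not key material.
const SAMPLE_BODY = Buffer
  .from('constructed sample bytes, not a real private key')
  .toString('base64');
// The same text as it might look after being pasted into indented source code.
const INDENTED_KEY = [
  '\t-----BEGIN RSA PRIVATE KEY-----',
  '\t' + SAMPLE_BODY.slice(0, 32),
  '\t' + SAMPLE_BODY.slice(32) + '  ',
  '\t-----END RSA PRIVATE KEY-----',
  '',
].join('\r\n');

// Usage with ssh2 (privateKey accepts a Buffer or a string):
//   conn.connect({ host, username, privateKey: normalizePemKey(keyText) });
console.log(normalizePemKey(INDENTED_KEY).split('\n').length - 1, 'lines');
```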