Failed to create file system for "remote:": NewFs: couldn't connect SSH: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

[spekulatius]

Hey,

I think I've found a bug with rclone using SFTP:

What is the problem you are having with rclone?

I've set up an account with a backup provider. The provider offers SSH/SFTP uploads. I've configured the SSH key and can connect with ssh user@host and sftp user@host.

The same with rclone doesn't work:

Failed to create file system for "remote:": NewFs: couldn't connect SSH: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

I've tried without key_file and with my key_file as an absolute path - both fail.

What is your rclone version (output from rclone version)

rclone v1.53.1
- os/arch: linux/amd64
- go version: go1.15

Which OS you are using and how many bits (eg Windows 7, 64 bit)

Elementary 5 (based on Ubuntu 18.04)

Which cloud storage system are you using? (eg Google Drive)

SFTP

The command you were trying to run (eg rclone copy /tmp remote:tmp)

rclone lsd remote:

As to expect, other commands such as copy lead to the same issue.

A log from the command with the -vv flag (eg output from rclone -vv copy /tmp remote:tmp)

2020/10/24 01:12:00 DEBUG : rclone: Version "v1.53.1" starting with parameters ["rclone" "lsd" "remote:" "-vv"]
2020/10/24 01:12:00 DEBUG : Using config file from "/home/user/.config/rclone/rclone.conf"
2020/10/24 01:12:00 DEBUG : Creating backend with remote "remote:"
2020/10/24 01:12:00 DEBUG : pacer: low level retry 1/10 (error couldn't connect SSH: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain)
2020/10/24 01:12:00 DEBUG : pacer: Rate limited, increasing sleep to 200ms
2020/10/24 01:12:01 DEBUG : pacer: low level retry 2/10 (error couldn't connect SSH: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain)
2020/10/24 01:12:01 DEBUG : pacer: Rate limited, increasing sleep to 400ms
2020/10/24 01:12:01 DEBUG : pacer: low level retry 3/10 (error couldn't connect SSH: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain)
2020/10/24 01:12:01 DEBUG : pacer: Rate limited, increasing sleep to 800ms
2020/10/24 01:12:02 DEBUG : pacer: low level retry 4/10 (error couldn't connect SSH: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain)
2020/10/24 01:12:02 DEBUG : pacer: Rate limited, increasing sleep to 1.6s
2020/10/24 01:12:03 DEBUG : pacer: low level retry 5/10 (error couldn't connect SSH: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain)
2020/10/24 01:12:03 DEBUG : pacer: Rate limited, increasing sleep to 2s
2020/10/24 01:12:04 DEBUG : pacer: low level retry 6/10 (error couldn't connect SSH: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain)
2020/10/24 01:12:06 DEBUG : pacer: low level retry 7/10 (error couldn't connect SSH: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain)
2020/10/24 01:12:08 DEBUG : pacer: low level retry 8/10 (error couldn't connect SSH: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain)
2020/10/24 01:12:10 DEBUG : pacer: low level retry 9/10 (error couldn't connect SSH: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain)
2020/10/24 01:12:12 DEBUG : pacer: low level retry 10/10 (error couldn't connect SSH: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain)
2020/10/24 01:12:12 Failed to create file system for "remote:": NewFs: couldn't connect SSH: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

Please let me know if you need any more information.

[darthShadow]

Can you specify the config file too? And add the debug logs (via -vvv) from a working SSH connect?

[spekulatius]

Hey @darthShadow,

while preparing the outputs I've stumbled upon the issue. The service uses a non-standard port and missed that in my config. Sorry! Thanks for replying and indirectly helping to resolve the issue!

Cheers, Peter

[dimitarvp]

Sorry if that's a necro -- not sure if I should make a new issue. I have the same problem, the SSH config has been double-checked, including issuing the command I imagine rclone would issue, and that one works. Port is standard 22, tried with the "include insecure ciphers" option as well, still can't connect.

This happened abruptly yesterday or the day before, and I can't seem to isolate the reason. My Linux server has been upgraded as well recently but since normal SSH succeeds just fine I don't think this is its fault.

rclone is at 1.56.2 currently.

Any pointers?

Output of a successful `ssh -vvv` command

```plain OpenSSH_8.1p1, LibreSSL 2.7.3 debug1: Reading configuration data /Users/dimi/.ssh/config debug1: /Users/dimi/.ssh/config line 36: Applying options for s1 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 47: Applying options for * debug1: Connecting to s1 port 22. debug1: Connection established. debug1: identity file /Users/dimi/.ssh/dimi_s1 type 0 debug1: identity file /Users/dimi/.ssh/dimi_s1-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_8.1 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8 debug1: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000 debug3: fd 5 is O_NONBLOCK debug1: Authenticating to s1:22 as 'dimi' debug3: hostkeys_foreach: reading file "/Users/dimi/.ssh/known_hosts" debug3: record_hostkey: found key type ECDSA in file /Users/dimi/.ssh/known_hosts:38 debug3: load_hostkeys: loaded 1 keys from s1 debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 debug3: send packet: type 20 debug1: SSH2_MSG_KEXINIT sent debug3: receive packet: type 20 debug1: SSH2_MSG_KEXINIT received debug2: local client KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,zlib@openssh.com,zlib debug2: compression stoc: none,zlib@openssh.com,zlib debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug2: peer server KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,zlib@openssh.com debug2: compression stoc: none,zlib@openssh.com debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none debug3: send packet: type 30 debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug3: receive packet: type 31 debug1: Server host key: ecdsa-sha2-nistp256 SHA256:UCtdK89QnvWuzgRbegocSYaXXxuNWyp/QQzSqtpwo8I debug3: hostkeys_foreach: reading file "/Users/dimi/.ssh/known_hosts" debug3: record_hostkey: found key type ECDSA in file /Users/dimi/.ssh/known_hosts:38 debug3: load_hostkeys: loaded 1 keys from s1 debug3: hostkeys_foreach: reading file "/Users/dimi/.ssh/known_hosts" debug3: record_hostkey: found key type ECDSA in file /Users/dimi/.ssh/known_hosts:38 debug3: load_hostkeys: loaded 1 keys from 192.168.1.99 debug1: Host 's1' is known and matches the ECDSA host key. debug1: Found key in /Users/dimi/.ssh/known_hosts:38 debug3: send packet: type 21 debug2: set_newkeys: mode 1 debug1: rekey out after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug3: receive packet: type 21 debug1: SSH2_MSG_NEWKEYS received debug2: set_newkeys: mode 0 debug1: rekey in after 134217728 blocks debug1: Will attempt key: /Users/dimi/.ssh/dimi_s1 RSA SHA256:8c16BR3LZb73EDiVjtFrk1d/ln87GwdSzJW6n36yLi4 explicit debug2: pubkey_prepare: done debug3: send packet: type 5 debug3: receive packet: type 7 debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs= debug3: receive packet: type 6 debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug3: send packet: type 50 debug3: receive packet: type 51 debug1: Authentications that can continue: publickey debug3: start over, passed a different list publickey debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering public key: /Users/dimi/.ssh/dimi_s1 RSA SHA256:8c16BR3LZb73EDiVjtFrk1d/ln87GwdSzJW6n36yLi4 explicit debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 60 debug1: Server accepts key: /Users/dimi/.ssh/dimi_s1 RSA SHA256:8c16BR3LZb73EDiVjtFrk1d/ln87GwdSzJW6n36yLi4 explicit debug3: sign_and_send_pubkey: RSA SHA256:8c16BR3LZb73EDiVjtFrk1d/ln87GwdSzJW6n36yLi4 debug3: sign_and_send_pubkey: signing using rsa-sha2-512 debug3: send packet: type 50 debug3: receive packet: type 52 debug1: Authentication succeeded (publickey). Authenticated to s1 ([192.168.1.99]:22). debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug3: send packet: type 90 debug1: Requesting no-more-sessions@openssh.com debug3: send packet: type 80 debug1: Entering interactive session. debug1: pledge: network debug3: receive packet: type 80 debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0 debug3: receive packet: type 4 debug1: Remote: /home/dimi/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding debug3: receive packet: type 4 debug1: Remote: /home/dimi/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding debug3: receive packet: type 91 debug2: channel_input_open_confirmation: channel 0: callback start debug2: fd 5 setting TCP_NODELAY debug3: ssh_packet_set_tos: set IP_TOS 0x48 debug2: client_session2_setup: id 0 debug2: channel 0: request pty-req confirm 1 debug3: send packet: type 98 debug1: Sending environment. debug3: Ignored env TERM_SESSION_ID debug3: Ignored env SSH_AUTH_SOCK debug1: Sending env LC_TERMINAL_VERSION = 3.4.8 debug2: channel 0: request env confirm 0 debug3: send packet: type 98 debug3: Ignored env COLORFGBG debug3: Ignored env ITERM_PROFILE debug3: Ignored env XPC_FLAGS debug3: Ignored env PWD debug3: Ignored env SHELL debug3: Ignored env __CFBundleIdentifier debug3: Ignored env SECURITYSESSIONID debug1: Sending env LC_CTYPE = UTF-8 debug2: channel 0: request env confirm 0 debug3: send packet: type 98 debug3: Ignored env TERM_PROGRAM_VERSION debug3: Ignored env TERM_PROGRAM debug3: Ignored env PATH debug3: Ignored env DISPLAY debug1: Sending env LC_TERMINAL = iTerm2 debug2: channel 0: request env confirm 0 debug3: send packet: type 98 debug3: Ignored env COLORTERM debug3: Ignored env COMMAND_MODE debug3: Ignored env TERM debug3: Ignored env HOME debug3: Ignored env TMPDIR debug3: Ignored env USER debug3: Ignored env XPC_SERVICE_NAME debug3: Ignored env LOGNAME debug3: Ignored env LaunchInstanceID debug3: Ignored env __CF_USER_TEXT_ENCODING debug3: Ignored env ITERM_SESSION_ID debug3: Ignored env SHLVL debug3: Ignored env OLDPWD debug3: Ignored env P9K_TTY debug3: Ignored env _P9K_TTY debug3: Ignored env ZSH debug3: Ignored env UPDATE_ZSH_DAYS debug3: Ignored env PAGER debug3: Ignored env LESS debug3: Ignored env LSCOLORS debug3: Ignored env ASDF_DIR debug3: Ignored env P9K_SSH debug3: Ignored env LOCALE debug1: Sending env LANG = en_US.UTF-8 debug2: channel 0: request env confirm 0 debug3: send packet: type 98 debug1: Sending env LC_ALL = en_US.UTF-8 debug2: channel 0: request env confirm 0 debug3: send packet: type 98 debug1: Sending env LC_TIME = en_US.UTF-8 debug2: channel 0: request env confirm 0 debug3: send packet: type 98 debug3: Ignored env AWS_ACCESS_KEY_ID debug3: Ignored env AWS_SECRET_ACCESS_KEY debug3: Ignored env LDFLAGS debug3: Ignored env KERL_BUILD_DOCS debug3: Ignored env KERL_INSTALL_MANPAGES debug3: Ignored env KERL_INSTALL_HTMLDOCS debug3: Ignored env ERL_AFLAGS debug3: Ignored env FZF_DEFAULT_COMMAND debug3: Ignored env FZF_CTRL_T_COMMAND debug3: Ignored env JENV_SHELL debug3: Ignored env JENV_LOADED debug3: Ignored env RUST_SRC_PATH debug3: Ignored env SCCACHE_DIR debug3: Ignored env RUSTC_WRAPPER debug3: Ignored env YTFZF_PREF debug3: Ignored env PG_SHOW_BIGGEST_TABLES debug3: Ignored env PG_SHOW_DB_SIZE debug3: Ignored env PG_SHOW_DB_SIZE_PRETTY debug3: Ignored env OPAM_SWITCH_PREFIX debug3: Ignored env CAML_LD_LIBRARY_PATH debug3: Ignored env OCAML_TOPLEVEL_PATH debug3: Ignored env PKG_CONFIG_PATH debug3: Ignored env MANPATH debug3: Ignored env BUPSTASH_REPOSITORY debug3: Ignored env BUPSTASH_KEY debug3: Ignored env LOCAL_BACKUP_DIR_KOPIA debug3: Ignored env LOCAL_BACKUP_DIR_BUPSTASH debug3: Ignored env LOCAL_BACKUP_DIR_RESTIC debug3: Ignored env LOCAL_BACKUP_DIR_BORG debug3: Ignored env REMOTE_KOPIA_DIR debug3: Ignored env REMOTE_BUPSTASH_DIR debug3: Ignored env REMOTE_RESTIC_DIR debug3: Ignored env REMOTE_BORG_DIR debug3: Ignored env RCLONE_KOPIA_S1 debug3: Ignored env RCLONE_KOPIA_BOX debug3: Ignored env RCLONE_KOPIA_GDRIVE debug3: Ignored env RCLONE_KOPIA_MEGA debug3: Ignored env RCLONE_KOPIA_YANDEX debug3: Ignored env RCLONE_BUPSTASH_S1 debug3: Ignored env RCLONE_BUPSTASH_BOX debug3: Ignored env RCLONE_BUPSTASH_GDRIVE debug3: Ignored env RCLONE_BUPSTASH_MEGA debug3: Ignored env RCLONE_BUPSTASH_PCLOUD debug3: Ignored env RCLONE_BUPSTASH_YANDEX debug3: Ignored env RCLONE_BORG_S1 debug3: Ignored env RCLONE_BORG_S1_MINI debug3: Ignored env RCLONE_BORG_BOX debug3: Ignored env RCLONE_BORG_GDRIVE debug3: Ignored env RCLONE_BORG_MEGA debug3: Ignored env RCLONE_BORG_YANDEX debug3: Ignored env RESTIC_PASSWORD debug3: Ignored env RESTIC_REPOSITORY debug3: Ignored env BORG_PASSPHRASE debug3: Ignored env BORG_REPO debug3: Ignored env NIX_PATH debug3: Ignored env NIX_PROFILES debug3: Ignored env NIX_SSL_CERT_FILE debug3: Ignored env CPUB debug3: Ignored env CPRI debug3: Ignored env CTOK debug3: Ignored env API_GOERLI debug3: Ignored env API_POLYGON debug3: Ignored env _ debug2: channel 0: request shell confirm 1 debug3: send packet: type 98 debug2: channel_input_open_confirmation: channel 0: callback done debug2: channel 0: open confirm rwindow 0 rmax 32768 debug3: receive packet: type 99 debug2: channel_input_status_confirm: type 99 id 0 debug2: PTY allocation request accepted on channel 0 debug2: channel 0: rcvd adjust 2097152 debug3: receive packet: type 99 debug2: channel_input_status_confirm: type 99 id 0 debug2: shell request accepted on channel 0 Last login: Mon Oct 11 13:16:05 2021 from 192.168.1.10 ```

[ncw]

@dimitarvp probably best to make a new issue and fill in the details - thanks!