Beginner : sftp doesnt work

 
Thread Tools Search this Thread
Operating Systems Linux Red Hat Beginner : sftp doesnt work
# 1  
Old 06-22-2018
Beginner : sftp doesnt work

Hello,
I really appreciate any help on this.
Have to connect to external server via sftp. Our server is Linux machine

Linux our.server.com 3.10.0-514.26.2.el7.x86_64 #1 SMP Tue Jul 4 15:04:05
UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

I generated the keys, put them in /root/.ssh, sent public one to the customer.

Well something doesn't work. Here is how it looks like
Code:
[root@kestrel tmp]# sftp -vvv user_name@xxxx.yyyyyy.ca
OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to xxxx.yyyyyy.ca [216.220.60.44] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug3: Incorrect RSA1 identifier
debug3: Could not load "/root/.ssh/id_rsa" as a RSA1 public key
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
debug1: Remote protocol version 2.0, remote software version SilverSHielD
debug1: no match: SilverSHielD
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "xxxx.yyyyyy.ca" from file "/roo
t/.ssh/known_hosts"
debug3: load_hostkeys: loaded 0 keys
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-
sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hel
lman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-n
istp384-cert-v01@openssh.com,ecdsa-s...01@openssh.com,ssh-ed2551
9-cert-v01@openssh.com,ssh-rsa-cert-...01@openssh.com
,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ecdsa-sha2-nistp256,e
cdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour12
8,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,ae
s128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndae
l-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour12
8,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,ae
s128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndae
l-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,um
ac-64-etm@openssh.com,umac-128-etm@o...tm@openssh.com,hma
c-sha2-512-etm@openssh.com,hmac-ripe...tm@openssh.com,hmac-sha1-96-etm@opens
sh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-1
28@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh
.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,um
ac-64-etm@openssh.com,umac-128-etm@o...tm@openssh.com,hma
c-sha2-512-etm@openssh.com,hmac-ripe...tm@openssh.com,hmac-sha1-96-etm@opens
sh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-1
28@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh
.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-gro
up1-sha1,diffie-hellman-group14-sha1
debug2: kex_parse_kexinit: ssh-rsa
debug2: kex_parse_kexinit: blowfish-cbc,twofish256-cbc,twofish192-cbc,twofish128
-cbc,aes256-cbc,aes192-cbc,aes128-cbc,serpent256-cbc,serpent192-cbc,serpent128-c
bc,idea-cbc,cast128-cbc,aes128-ctr,aes192-ctr,aes256-ctr,blowfish-ctr,twofish128
-ctr,twofish192-ctr,twofish256-ctr,serpent128-ctr,serpent192-ctr,serpent256-ctr,
idea-ctr,cast128-ctr
debug2: kex_parse_kexinit: blowfish-cbc,twofish256-cbc,twofish192-cbc,twofish128
-cbc,aes256-cbc,aes192-cbc,aes128-cbc,serpent256-cbc,serpent192-cbc,serpent128-c
bc,idea-cbc,cast128-cbc,aes128-ctr,aes192-ctr,aes256-ctr,blowfish-ctr,twofish128
-ctr,twofish192-ctr,twofish256-ctr,serpent128-ctr,serpent192-ctr,serpent256-ctr,
idea-ctr,cast128-ctr
debug2: kex_parse_kexinit: hmac-sha1,hmac-ripemd160,hmac-ripemd,hmac-ripemd160@o
penssh.com,hmac-sha256@ssh.com,umac-32@openssh.com,umac-64@openssh.com,umac-96@o
penssh.com,umac-128@openssh.com
debug2: kex_parse_kexinit: hmac-sha1,hmac-ripemd160,hmac-ripemd,hmac-ripemd160@o
penssh.com,hmac-sha256@ssh.com,umac-32@openssh.com,umac-64@openssh.com,umac-96@o
penssh.com,umac-128@openssh.com
debug2: kex_parse_kexinit: none,zlib,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: setup hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: setup hmac-sha1
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: kex: diffie-hellman-group-exchange-sha1 need=20 dh_need=20
debug1: kex: diffie-hellman-group-exchange-sha1 need=20 dh_need=20
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<7680<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
Received disconnect from 216.220.60.44: 6: Invalid packet
Couldn't read packet: Connection reset by peer
[root@kestrel tmp]#

---------- Post updated at 12:50 PM ---------- Previous update was at 12:47 PM ----------

This is .ssh dir
Code:
[root@kestrel .ssh]# pwd
/root/.ssh
You have new mail in /var/spool/mail/root
[root@kestrel .ssh]# ls -ltr
total 24
-rw-------  1 root root  406 Mar  3  2017 authorized_keys
-rw-r--r--  1 root root  410 Jun 21 11:37 user_name.pub
-rw-------  1 root root 1679 Jun 21 11:37 user_name
-rwx------  1 root root 1679 Jun 21 13:53 id_rsa
-rwx------  1 root root  410 Jun 21 13:54 id_rsa.pub
-rw-r--r--. 1 root root 1773 Jun 21 14:33 known_hosts

---------- Post updated at 12:59 PM ---------- Previous update was at 12:50 PM ----------

Customer thinks it may be an old or weaker cipher algorithms being used at our end. Is there a way to check if that is the cause of the problem?

Thank you

Last edited by vbe; 06-22-2018 at 04:10 PM.. Reason: code tags
# 2  
Old 06-23-2018
You must first have placed your ssh key ( from kestrel /root/.ssh directory )into the remote directory, the .ssh directory in the login directory tree for the remote user. The .ssh directory there has to have correct permissions. Your local .ssh looks fine. Inside. Verify that the correct permissions are set on the directory /root/.ssh

I cannot tell if those are set up correctly. Please verify. It is usually the cause of this kind of problem.
# 3  
Old 06-23-2018
Quote:
Originally Posted by jim mcnamara
Your local .ssh looks fine. Inside. Verify that the correct permissions are set on the directory /root/.ssh
Sorry, but it doesn't look fine at all: id_rsa holds the private key and this file should be 600 at most. Most modern ssh-versions react quite uncool when they encounter excessive filemodes. The x-flag should also be removed from id_rsa.pub (it won't execute anyway, no?).

I hope this helps.

bakunin
# 4  
Old 07-09-2018
@Billy5

Configure your sshd_config with below Ciphers. Make sure to comment existing Chiphers line and append with below one.

If your SSHD configuration not having any Chiphers line Just add the below to your sshd configuration.

Code:
# vi /etc/ssh/ssh_config

Code:
Ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com

Code:
# sudo systemctl reload sshd

Let us know how it went through.

Thanks & Regards,
Bobin Lonston
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

why doesnt it work?

I am trying to print out two fields in a file using awk. So, I have got awk -F '\t' 'NF = 2 {print $1 $2 "]"}' two.txt in a script called what.awk When i run this version like this - ./what.awk then it runs however I want to run the program like this awk -f what.awk two.txt. When I... (8 Replies)
Discussion started by: The undertaker
8 Replies

2. AIX

Vi doesnt work

Hi Guys, I have a strange problem.( AIX 6.1) "vi" is not working at all..Whenever i #vi <anythin> ,, it returns the prompt back. Any clues folks?? (14 Replies)
Discussion started by: muzahed
14 Replies

3. Shell Programming and Scripting

compiler doesnt work

this is my file I have written. // My first C++ program #include <iostream> int main() { std::cout << "Hi there!" << std::endl"; std::cout << "This is my first C++ program" << std::endl"; return(0); } This is the error I get, why? $ g++ first.cpp ksh: g++: not found (1 Reply)
Discussion started by: gustave
1 Replies

4. Shell Programming and Scripting

loop doesnt work

It just does the break...even though the files are not the same... # Compare extracts #========================================== count=0 while (( count < 5 )) do (( count+=1 )) echo "Try $count" file1=$(ls -l /tmp/psjava.xml|... (5 Replies)
Discussion started by: sigh2010
5 Replies

5. AIX

tar -xvf doesnt work

Hello Im trying to extract this file tar -xvf opt-samba-base.tar.tar tar: 0511-169 A directory checksum error on media; 0 not equal to 75420. but I get that message I tried algo with gunzip and uncompress but nothing happens gunzip -d opt-samba-base.tar.tar gunzip:... (2 Replies)
Discussion started by: lo-lp-kl
2 Replies

6. Red Hat

ldapsearch doesnt work.

Hii All, I am using openldap v2.3 on redhat El-4. When i run ldapsearch it returns all the entries. The command runs successfully. But when I run the ldapsearch with following filter option it doesnt work and immediately returns to the shell. ldapsearch uidNumber>=2000 I've started slapd... (0 Replies)
Discussion started by: shamik
0 Replies

7. UNIX for Dummies Questions & Answers

cp doesnt work - Help

When trying to copy a file in Solaris 8 it doesnt copy file or give a error. This worked 100% until the 29th. I've checked the rights and everything seems fine: drwxrwxrwx 2 bmuser bmgroup 11776 Jan 3 10:32 spool This is the file I want to copy: -rwxrwxrwx 1 bmuser bmgroup ... (26 Replies)
Discussion started by: rudi.okelly
26 Replies

8. HP-UX

ls command doesnt work

Good Day I mistakely renamed the dld.sl file in the /usr/lib directory. When i try to ls/ftp into the box i get this error :eek: crt0: ERROR couldn't open /usr/lib/dld.sl errno:000000002 I have tried to rename it back from the renamed file to the original file name, but it gives me the... (2 Replies)
Discussion started by: shawnbishop
2 Replies

9. UNIX for Dummies Questions & Answers

cd.. doesnt work

hi when i want to go to previous directory by typing cd.. i get the following message $ cd.. ksh: cd..: not found Please help rintingtong (2 Replies)
Discussion started by: rintingtong
2 Replies

10. Shell Programming and Scripting

why doesnt my script work!!!

Is there a utility or command I can use to tell the number of decimal places a number has. For instance, if the number is 432, it will give hundred as the number of decimal places. (7 Replies)
Discussion started by: Heedunk
7 Replies
Login or Register to Ask a Question