Welcome to the VanDyke Software Forums

Join the discussion today!


Go Back   VanDyke Software Forums > File Transfer

Reply
 
Thread Tools Display Modes
  #1  
Old 02-06-2014, 11:25 PM
VamsiK.Ganti VamsiK.Ganti is offline
Registered User
 
Join Date: Feb 2014
Posts: 5
Smile Transfer failure

Hi All,

Failure and success logs given below. This is happening while connecting to the same server at two different timestamps.

Failure:

2014-02-03 00:00:58, 00001: SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - signed,May 2000 Standard]
2014-02-03 00:00:58, 00001: RECV : USERAUTH_FAILURE, continuations [password,publickey,keyboard-interactive]
2014-02-03 00:00:58, 00001: SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - signed,June 1999 Standard]
2014-02-03 00:00:58, 00001: RECV : USERAUTH_FAILURE, continuations [password,publickey,keyboard-interactive]
2014-02-03 00:00:58, 00001: SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - signed,2.0.13 compatible]
2014-02-03 00:00:58, 00001: Changing state from STATE_CONNECTION to STATE_CLOSING
2014-02-03 00:00:58, 00001: RECV: Disconnect packet (reason: 11: Disconnected by application. Too many bad authentication attempts! )
2014-02-03 00:00:58, 00001: Changing state from STATE_CLOSING to STATE_CLOSED
2014-02-03 00:00:58, 00001: Connected for 0 seconds, 2101 bytes sent, 2022 bytes received
2014-02-03 00:00:58, 00001: Disconnected by application.
Too many bad authentication attempts!
2014-02-03 00:00:58, 00001: Channel Closed.


Success:
2014-02-03 08:17:11, 00001: SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - unsigned,agent,fingerprint: 4c:d0:70:ba:02:5b:3b:34:e8:c3:4a:6d:7b:44:29:21:6c:8f:d7:54]
2014-02-03 08:17:12, 00001: SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - signed,agent,May 2000 Standard]
2014-02-03 08:17:12, 00001: RECV : AUTH_SUCCESS
2014-02-03 08:17:12, 00001: RECV : Server Sftp Version: 3
2014-02-03 08:17:12, 00001: SEND : fs-multiple-roots-supported request[On]
2014-02-03 08:17:12, 00001: SEND : vendor-id request
2014-02-03 08:17:12, 00001: RECV : fs-multiple-roots-supported reply: 8
2014-02-03 08:17:12, 00001: SEND : Stat .
2014-02-03 08:17:12, 00001: SEND : RealPath, base=.
2014-02-03 08:17:12, 00001: Resolved RealPath: /

2014-02-03 08:17:12, 00001: Transfer(00000001): SEND : Stat /ProductList
2014-02-03 08:17:12, 00001: Transfer(00000001): SEND : RealPath, base=/ProductList
2014-02-03 08:17:12, 00001: Transfer(00000001): Resolved RealPath: /ProductList

Beginning transfer.
Reply With Quote
  #2  
Old 02-07-2014, 11:18 AM
rtb rtb is offline
VanDyke Technical Support
 
Join Date: Aug 2008
Posts: 4,307
Hi VamsiK.Ganti,

Thanks for the post.

Without more of the log file reflecting the failure, we can only guess.

The guess is that the wrong public/private key pair is defined for the connection attempt. Later in the day, when the connection is made, the correct public/private key pair is loaded in the agent, so the connection succeeds. This is because SecureFX will first attempt to use keys in the agent prior to using the key defined for the connection attempt.

To confirm, would you post the complete failure log from the point that you see the following line to the end of the connection?
[LOCAL] : SENT : USERAUTH_REQUEST [none]
__________________
--Todd

VanDyke Software
Technical Support
support@vandyke.com
505-332-5730
Reply With Quote
  #3  
Old 02-09-2014, 09:12 PM
VamsiK.Ganti VamsiK.Ganti is offline
Registered User
 
Join Date: Feb 2014
Posts: 5
Post Transfer failure-error

Error log:
2014-02-03 00:00:58, 00001: SSH2Core version 6.6.0.289
2014-02-03 00:00:58, 00001: FIPS mode enabled
2014-02-03 00:00:58, 00001: Connecting to blah.blah.local:22 ...
2014-02-03 00:00:58, 00001: Changing state from STATE_NOT_CONNECTED to STATE_EXPECT_KEX_INIT
2014-02-03 00:00:58, 00001: Using protocol SSH2
2014-02-03 00:00:58, 00001: RECV : Remote Identifier = 'SSH-2.0-SSHD'
2014-02-03 00:00:58, 00001: CAP : Remote can re-key
2014-02-03 00:00:58, 00001: CAP : Remote sends language in password change requests
2014-02-03 00:00:58, 00001: CAP : Remote sends algorithm name in PK_OK packets
2014-02-03 00:00:58, 00001: CAP : Remote sends algorithm name in public key packets
2014-02-03 00:00:58, 00001: CAP : Remote sends algorithm name in signatures
2014-02-03 00:00:58, 00001: CAP : Remote sends error text in open failure packets
2014-02-03 00:00:58, 00001: CAP : Remote sends name in service accept packets
2014-02-03 00:00:58, 00001: CAP : Remote includes port number in x11 open packets
2014-02-03 00:00:58, 00001: CAP : Remote uses 160 bit keys for SHA1 MAC
2014-02-03 00:00:58, 00001: CAP : Remote supports new diffie-hellman group exchange messages
2014-02-03 00:00:58, 00001: CAP : Remote correctly handles unknown SFTP extensions
2014-02-03 00:00:58, 00001: CAP : Remote correctly encodes OID for gssapi
2014-02-03 00:00:58, 00001: CAP : Remote correctly uses connected addresses in forwarded-tcpip requests
2014-02-03 00:00:58, 00001: CAP : Remote can do SFTP version 4
2014-02-03 00:00:58, 00001: CAP : Remote uses SHA1 hash in RSA signatures for x.509v3
2014-02-03 00:00:58, 00001: CAP : Remote x.509v3 uses ASN.1 encoding for DSA signatures
2014-02-03 00:00:58, 00001: SEND : KEXINIT
2014-02-03 00:00:58, 00001: RECV : Read kexinit
2014-02-03 00:00:58, 00001: Available Remote Kex Methods = diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256
2014-02-03 00:00:58, 00001: Selected Kex Method = diffie-hellman-group-exchange-sha1
2014-02-03 00:00:58, 00001: Available Remote Host Key Algos = ssh-rsa
2014-02-03 00:00:58, 00001: Selected Host Key Algo = ssh-rsa
2014-02-03 00:00:58, 00001: Available Remote Send Ciphers = aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc,blowfish-cbc,aes128-ctr,aes192-ctr,aes256-ctr
2014-02-03 00:00:58, 00001: Selected Send Cipher = aes256-ctr
2014-02-03 00:00:58, 00001: Available Remote Recv Ciphers = aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc,blowfish-cbc,aes128-ctr,aes192-ctr,aes256-ctr
2014-02-03 00:00:58, 00001: Selected Recv Cipher = aes256-ctr
2014-02-03 00:00:58, 00001: Available Remote Send Macs = hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96,hmac-sha256,hmac-sha256@ssh.com
2014-02-03 00:00:58, 00001: Selected Send Mac = hmac-sha1
2014-02-03 00:00:58, 00001: Available Remote Recv Macs = hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96,hmac-sha256,hmac-sha256@ssh.com
2014-02-03 00:00:58, 00001: Selected Recv Mac = hmac-sha1
2014-02-03 00:00:58, 00001: Available Remote Compressors = none,zlib
2014-02-03 00:00:58, 00001: Selected Compressor = none
2014-02-03 00:00:58, 00001: Available Remote Decompressors = none,zlib
2014-02-03 00:00:58, 00001: Selected Decompressor = none
2014-02-03 00:00:58, 00001: Changing state from STATE_EXPECT_KEX_INIT to STATE_KEY_EXCHANGE
2014-02-03 00:00:58, 00001: SEND : KEXDH_GEX_REQUEST
2014-02-03 00:00:58, 00001: RECV : KEXDH_GEX_GROUP
2014-02-03 00:00:58, 00001: SEND : KEXDH_INIT
2014-02-03 00:00:58, 00001: RECV : KEXDH_REPLY
2014-02-03 00:00:58, 00001: SEND : NEWKEYS
2014-02-03 00:00:58, 00001: Changing state from STATE_KEY_EXCHANGE to STATE_EXPECT_NEWKEYS
2014-02-03 00:00:58, 00001: RECV: Remote Hostkey: 43:1c:3d:59:79:f3:13:f7:4a:2c:c3:0b:f5:d1:7b:e5:21:fb:be:c2
2014-02-03 00:00:58, 00001: RECV : NEWKEYS
2014-02-03 00:00:58, 00001: Changing state from STATE_EXPECT_NEWKEYS to STATE_CONNECTION
Connection to AMPMFTHBPC1.au.amp.local established.
2014-02-03 00:00:58, 00001: SEND: SERVICE_REQUEST[ssh-userauth]
2014-02-03 00:00:58, 00001: RECV: SERVICE_ACCEPT[ssh-userauth] -- OK
2014-02-03 00:00:58, 00001: SENT : USERAUTH_REQUEST [none]
2014-02-03 00:00:58, 00001: RECV : USERAUTH_FAILURE, continuations [password,publickey,keyboard-interactive]
2014-02-03 00:00:58, 00001: SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - unsigned,fingerprint: 4c:d0:70:ba:02:5b:3b:34:e8:c3:4a:6d:7b:44:29:21:6c:8f:d7:54]
2014-02-03 00:00:58, 00001: SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - signed,May 2000 Standard]
2014-02-03 00:00:58, 00001: RECV : USERAUTH_FAILURE, continuations [password,publickey,keyboard-interactive]
2014-02-03 00:00:58, 00001: SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - signed,June 1999 Standard]
2014-02-03 00:00:58, 00001: RECV : USERAUTH_FAILURE, continuations [password,publickey,keyboard-interactive]
2014-02-03 00:00:58, 00001: SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - signed,2.0.13 compatible]
2014-02-03 00:00:58, 00001: Changing state from STATE_CONNECTION to STATE_CLOSING
2014-02-03 00:00:58, 00001: RECV: Disconnect packet (reason: 11: Disconnected by application. Too many bad authentication attempts! )
2014-02-03 00:00:58, 00001: Changing state from STATE_CLOSING to STATE_CLOSED
2014-02-03 00:00:58, 00001: Connected for 0 seconds, 2101 bytes sent, 2022 bytes received
2014-02-03 00:00:58, 00001: Disconnected by application.
Too many bad authentication attempts!
2014-02-03 00:00:58, 00001: Channel Closed




From the same server it failed the first time, and when it was rerun in the morning it was successful.
Thanks for your assistance here
Reply With Quote
  #4  
Old 02-09-2014, 09:14 PM
VamsiK.Ganti VamsiK.Ganti is offline
Registered User
 
Join Date: Feb 2014
Posts: 5
Success log:

2014-02-03 08:17:11, 00001: sfxcl version 6.6.1.289 (Official Release - November 4, 2010)
2014-02-03 08:17:11, 00001: Session 00001 established for transfer from sftp://.....
2014-02-03 08:17:11, 00001: SSH2Core version 6.6.0.289
2014-02-03 08:17:11, 00001: FIPS mode enabled
2014-02-03 08:17:11, 00001: Connecting to blah blah:22 ...
2014-02-03 08:17:11, 00001: Changing state from STATE_NOT_CONNECTED to STATE_EXPECT_KEX_INIT
2014-02-03 08:17:11, 00001: Using protocol SSH2
2014-02-03 08:17:11, 00001: RECV : Remote Identifier = 'SSH-2.0-SSHD'
2014-02-03 08:17:11, 00001: CAP : Remote can re-key
2014-02-03 08:17:11, 00001: CAP : Remote sends language in password change requests
2014-02-03 08:17:11, 00001: CAP : Remote sends algorithm name in PK_OK packets
2014-02-03 08:17:11, 00001: CAP : Remote sends algorithm name in public key packets
2014-02-03 08:17:11, 00001: CAP : Remote sends algorithm name in signatures
2014-02-03 08:17:11, 00001: CAP : Remote sends error text in open failure packets
2014-02-03 08:17:11, 00001: CAP : Remote sends name in service accept packets
2014-02-03 08:17:11, 00001: CAP : Remote includes port number in x11 open packets
2014-02-03 08:17:11, 00001: CAP : Remote uses 160 bit keys for SHA1 MAC
2014-02-03 08:17:11, 00001: CAP : Remote supports new diffie-hellman group exchange messages
2014-02-03 08:17:11, 00001: CAP : Remote correctly handles unknown SFTP extensions
2014-02-03 08:17:11, 00001: CAP : Remote correctly encodes OID for gssapi
2014-02-03 08:17:11, 00001: CAP : Remote correctly uses connected addresses in forwarded-tcpip requests
2014-02-03 08:17:11, 00001: CAP : Remote can do SFTP version 4
2014-02-03 08:17:11, 00001: CAP : Remote uses SHA1 hash in RSA signatures for x.509v3
2014-02-03 08:17:11, 00001: CAP : Remote x.509v3 uses ASN.1 encoding for DSA signatures
2014-02-03 08:17:11, 00001: SEND : KEXINIT
2014-02-03 08:17:11, 00001: RECV : Read kexinit
2014-02-03 08:17:11, 00001: Available Remote Kex Methods = diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256
2014-02-03 08:17:11, 00001: Selected Kex Method = diffie-hellman-group-exchange-sha1
2014-02-03 08:17:11, 00001: Available Remote Host Key Algos = ssh-rsa
2014-02-03 08:17:11, 00001: Selected Host Key Algo = ssh-rsa
2014-02-03 08:17:11, 00001: Available Remote Send Ciphers = aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc,blowfish-cbc,aes128-ctr,aes192-ctr,aes256-ctr
2014-02-03 08:17:11, 00001: Selected Send Cipher = aes256-ctr
2014-02-03 08:17:11, 00001: Available Remote Recv Ciphers = aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc,blowfish-cbc,aes128-ctr,aes192-ctr,aes256-ctr
2014-02-03 08:17:11, 00001: Selected Recv Cipher = aes256-ctr
2014-02-03 08:17:11, 00001: Available Remote Send Macs = hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96,hmac-sha256,hmac-sha256@ssh.com
2014-02-03 08:17:11, 00001: Selected Send Mac = hmac-sha1
2014-02-03 08:17:11, 00001: Available Remote Recv Macs = hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96,hmac-sha256,hmac-sha256@ssh.com
2014-02-03 08:17:11, 00001: Selected Recv Mac = hmac-sha1
2014-02-03 08:17:11, 00001: Available Remote Compressors = none,zlib
2014-02-03 08:17:11, 00001: Selected Compressor = none
2014-02-03 08:17:11, 00001: Available Remote Decompressors = none,zlib
2014-02-03 08:17:11, 00001: Selected Decompressor = none
2014-02-03 08:17:11, 00001: Changing state from STATE_EXPECT_KEX_INIT to STATE_KEY_EXCHANGE
2014-02-03 08:17:11, 00001: SEND : KEXDH_GEX_REQUEST
2014-02-03 08:17:11, 00001: RECV : KEXDH_GEX_GROUP
2014-02-03 08:17:11, 00001: SEND : KEXDH_INIT
2014-02-03 08:17:11, 00001: RECV : KEXDH_REPLY
2014-02-03 08:17:11, 00001: SEND : NEWKEYS
2014-02-03 08:17:11, 00001: Changing state from STATE_KEY_EXCHANGE to STATE_EXPECT_NEWKEYS
2014-02-03 08:17:11, 00001: RECV: Remote Hostkey: 43:1c:3d:59:79:f3:13:f7:4a:2c:c3:0b:f5:d1:7b:e5:21:fb:be:c2
2014-02-03 08:17:11, 00001: RECV : NEWKEYS
2014-02-03 08:17:11, 00001: Changing state from STATE_EXPECT_NEWKEYS to STATE_CONNECTION
Connection to blah blah established
2014-02-03 08:17:11, 00001: SEND: SERVICE_REQUEST[ssh-userauth]
2014-02-03 08:17:11, 00001: RECV: SERVICE_ACCEPT[ssh-userauth] -- OK
2014-02-03 08:17:11, 00001: SENT : USERAUTH_REQUEST [none]
2014-02-03 08:17:11, 00001: RECV : USERAUTH_FAILURE, continuations [password,publickey,keyboard-interactive]
2014-02-03 08:17:11, 00001: SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - unsigned,agent,fingerprint: 4c:d0:70:ba:02:5b:3b:34:e8:c3:4a:6d:7b:44:29:21:6c:8f:d7:54]
2014-02-03 08:17:12, 00001: SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - signed,agent,May 2000 Standard]
2014-02-03 08:17:12, 00001: RECV : AUTH_SUCCESS
2014-02-03 08:17:12, 00001: RECV : Server Sftp Version: 3
2014-02-03 08:17:12, 00001: SEND : fs-multiple-roots-supported request[On]
2014-02-03 08:17:12, 00001: SEND : vendor-id request
2014-02-03 08:17:12, 00001: RECV : fs-multiple-roots-supported reply: 8
2014-02-03 08:17:12, 00001: SEND : Stat .
2014-02-03 08:17:12, 00001: SEND : RealPath, base=.
2014-02-03 08:17:12, 00001: Resolved RealPath: /

2014-02-03 08:17:12, 00001: Transfer(00000001): SEND : Stat /ProductList
2014-02-03 08:17:12, 00001: Transfer(00000001): SEND : RealPath, base=/ProductList
2014-02-03 08:17:12, 00001: Transfer(00000001): Resolved RealPath: /ProductList

Beginning transfer.
Reply With Quote
  #5  
Old 02-10-2014, 11:36 AM
rtb rtb is offline
VanDyke Technical Support
 
Join Date: Aug 2008
Posts: 4,307
Hi VamsiK.Ganti,

Thanks for the updates. Here are the interesting lines from the log files:
Success:
2014-02-03 08:17:11, 00001: SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - unsigned,agent,fingerprint: 4c:d0:70:ba:02:5b:3b:34:e8:c3:4a:6d:7b:44:29:21:6c:8f:d7:54]
2014-02-03 08:17:12, 00001: SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - signed,agent,May 2000 Standard]
2014-02-03 08:17:12, 00001: RECV : AUTH_SUCCESS
Failure:
2014-02-03 00:00:58, 00001: SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - unsigned,fingerprint: 4c:d0:70:ba:02:5b:3b:34:e8:c3:4a:6d:7b:44:29:21:6c:8f:d7:54]
2014-02-03 00:00:58, 00001: SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - signed,May 2000 Standard]
2014-02-03 00:00:58, 00001: RECV : USERAUTH_FAILURE, continuations [password,publickey,keyboard-interactive]
Because the fingerprints for the public-key used in authentication are the same, it seems like the configuration in SecureCRT has not changed. You will need to consult with the server administrator to see what might have caused the problem.
__________________
--Todd

VanDyke Software
Technical Support
support@vandyke.com
505-332-5730
Reply With Quote
  #6  
Old 02-10-2014, 04:06 PM
VamsiK.Ganti VamsiK.Ganti is offline
Registered User
 
Join Date: Feb 2014
Posts: 5
The only difference we could find is the word "agent".

Is it some settings issue or any type of authentication issue where first it uses password, if it is unsuccessful it uses key to authenticate?
Reply With Quote
  #7  
Old 02-11-2014, 08:28 AM
rtb rtb is offline
VanDyke Technical Support
 
Join Date: Aug 2008
Posts: 4,307
Hi VamsiK.Ganti,

You can find information about the Secure Shell Agent at the following location:
http://www.vandyke.com/solutions/ssh...iew_agent.html
Basically, when you see agent, SecureCRT is obtaining the public-key authentication credentials from the Secure Shell Agent rather than from the public-key file.

Does this help to clarify that difference?
__________________
--Todd

VanDyke Software
Technical Support
support@vandyke.com
505-332-5730
Reply With Quote
  #8  
Old 02-11-2014, 03:31 PM
VamsiK.Ganti VamsiK.Ganti is offline
Registered User
 
Join Date: Feb 2014
Posts: 5
So the issue could be with public-key file ? and if we check config again, we can figure out the error?

Thanks in Advance,

Regards,
Vamsi Krishna
Reply With Quote
  #9  
Old 02-11-2014, 04:10 PM
rtb rtb is offline
VanDyke Technical Support
 
Join Date: Aug 2008
Posts: 4,307
Hi VamsiK.Ganti,
Quote:
So the issue could be with public-key file ?
Not to my knowledge. SecureCRT is using the same credentials each time. It is just getting the credentials from different locations. The location doesn't change what SecureCRT is sending to the remote server, and that is verifiable via the fingerprint for each attempt. They are identical.
Quote:
and if we check config again, we can figure out the error?
If a cause can be found, you will need to consult with the SSH server administrator to find it.
__________________
--Todd

VanDyke Software
Technical Support
support@vandyke.com
505-332-5730
Reply With Quote
Reply

Tags
authentication failure , publickey , ssh , useruath


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 04:13 AM.