Welcome to the VanDyke Software Forums

Join the discussion today!


Go Back   VanDyke Software Forums > File Transfer

Reply
 
Thread Tools Display Modes
  #1  
Old 09-04-2014, 09:24 AM
tbc tbc is offline
Registered User
 
Join Date: Sep 2014
Posts: 1
USERAUTH_FAILURE Problem

Hello,

I'm trying to connect to a host for a secure file transfer. But the Connection is always rejected. The Tracelog is:

i SecureFX version 7.2.6.606 (Official Release - August 19, 2014)
i Attempting to connect to yyy.yyy.de
i Session 00001 established for session yyy.yyy.de
i SSH2Core version 7.2.0.606
i Connecting to yyy.yyy.de:22 ...
i Changing state from STATE_NOT_CONNECTED to STATE_EXPECT_KEX_INIT
i Using protocol SSH2
i RECV : Remote Identifier = 'SSH-2.0-OpenSSH_6.1'
i CAP : Remote can re-key
i CAP : Remote sends language in password change requests
i CAP : Remote sends algorithm name in PK_OK packets
i CAP : Remote sends algorithm name in public key packets
i CAP : Remote sends algorithm name in signatures
i CAP : Remote sends error text in open failure packets
i CAP : Remote sends name in service accept packets
i CAP : Remote includes port number in x11 open packets
i CAP : Remote uses 160 bit keys for SHA1 MAC
i CAP : Remote supports new diffie-hellman group exchange messages
i CAP : Remote correctly handles unknown SFTP extensions
i CAP : Remote correctly encodes OID for gssapi
i CAP : Remote correctly uses connected addresses in forwarded-tcpip requests
i CAP : Remote can do SFTP version 4
i CAP : Remote x.509v3 uses ASN.1 encoding for DSA signatures
i CAP : Remote correctly handles zlib@openssh.com
i SEND : KEXINIT
i RECV : Read kexinit
i Available Remote Kex Methods = ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
i Selected Kex Method = diffie-hellman-group14-sha1
i Available Remote Host Key Algos = ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
i Selected Host Key Algo = ssh-dss
i Available Remote Send Ciphers = aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
i Selected Send Cipher = aes256-ctr
i Available Remote Recv Ciphers = aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
i Selected Recv Cipher = aes256-ctr
i Available Remote Send Macs = hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
i Selected Send Mac = hmac-sha2-512
i Available Remote Recv Macs = hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
i Selected Recv Mac = hmac-sha2-512
i Available Remote Compressors = none,zlib@openssh.com
i Selected Compressor = none
i Available Remote Decompressors = none,zlib@openssh.com
i Selected Decompressor = none
i Changing state from STATE_EXPECT_KEX_INIT to STATE_KEY_EXCHANGE
i SEND : KEXDH_INIT
i RECV : KEXDH_REPLY
i Changing state from STATE_KEY_EXCHANGE to STATE_READY_FOR_NEW_KEYS
i RECV: Remote Hostkey: a4:58:cf:ef:52:1a:15:e5:33:27:00:7e:4c:f2:04:bc
i SEND : NEWKEYS
i Changing state from STATE_READY_FOR_NEW_KEYS to STATE_EXPECT_NEWKEYS
i RECV : NEWKEYS
i Changing state from STATE_EXPECT_NEWKEYS to STATE_CONNECTION
i SEND: SERVICE_REQUEST[ssh-userauth]
i RECV: SERVICE_ACCEPT[ssh-userauth] -- OK
i SENT : USERAUTH_REQUEST [none]
i RECV : USERAUTH_FAILURE, continuations [publickey]
i SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - unsigned,fingerprint: 4b:c1:08:75:37:af:db:56:bf:48:10:01:2f:0a:ef:a0]
i RECV : USERAUTH_FAILURE, continuations [publickey]
i SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - unsigned,fingerprint: 4b:c1:08:75:37:af:db:56:bf:48:10:01:2f:0a:ef:a0]
i RECV : USERAUTH_FAILURE, continuations [publickey]
i SEND: Disconnect packet: The user canceled authentication.
i Changing state from STATE_CONNECTION to STATE_SEND_DISCONNECT
i Changing state from STATE_SEND_DISCONNECT to STATE_CLOSED
i Connected for 15 seconds, 2100 bytes sent, 2101 bytes received

Can anyone give me a hint?

regards
Reply With Quote
  #2  
Old 09-04-2014, 09:55 AM
rtb rtb is offline
VanDyke Technical Support
 
Join Date: Aug 2008
Posts: 4,306
Hi tbc,

Thanks for the post. Here are the lines in the log file that indicate the issue:
i SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - unsigned,fingerprint: 4b:c1:08:75:37:af:db:56:bf:48:10:01:2f:0a:ef:a0]
i RECV : USERAUTH_FAILURE, continuations [publickey]
You can see that SecureFX is attempting publickey authentication, but the server is rejecting the public/private key pair that SecureFX is configured to use.

You will need to configure the remote server to accept the public/private key pair that you are attempting to use.
__________________
--Todd

VanDyke Software
Technical Support
support@vandyke.com
505-332-5730
Reply With Quote
  #3  
Old 09-12-2014, 04:22 AM
pvod pvod is offline
Registered User
 
Join Date: Sep 2014
Posts: 1
Are you trying ssh shell connection or SFTP/SCP?

also this doesn't look ok, are you sure you're using the correct key?

Code:
i Available Remote Host Key Algos = ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
i Selected Host Key Algo = ssh-dss
Code:
i SENT : USERAUTH_REQUEST [publickey (ssh-rsa) - unsigned,fingerprint: 4b:c1:08:75:37:af:db:56:bf:48:10:01:2f:0a:ef:a0]
Reply With Quote
  #4  
Old 09-12-2014, 10:41 AM
rtb rtb is offline
VanDyke Technical Support
 
Join Date: Aug 2008
Posts: 4,306
Hi pvod,

Thanks for the post. I have attached a screenshot to help explain the difference between a host key and a public/private key pair used for authentication.

It is entirely possible that the algorithm (RSA or DSA) used to generate a host key or a public/private key pair will be different.

Additionally, whether one is using SFTP or SCP, the connection protocol is still SSH2 and should not impact this situation.

Does this help to clarify?
Attached Images
File Type: png ServerHostKeyVsClientPublicKey.png (45.3 KB, 395 views)
__________________
--Todd

VanDyke Software
Technical Support
support@vandyke.com
505-332-5730
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 07:42 PM.