1.  Home
  2. MIDRANGE-L
  3. June 2023

Re: Help with SFTP : error "Host key verification failed"

Hi Patrik



This is the log .. but i'm not able to understand if Local rights for ssh
key authentication are too permissive .. and eventually how to if true
(Local rights for ssh key authentication are too permissive) change the
situation



Thanks in advance



$

sftp -vvv myuser@xxxxxxxxxxxxx

OpenSSH_6.9p1, OpenSSL 1.0.2n 7 Dec 2017

debug1: Reading configuration data
/QOpenSys/QIBM/ProdData/SC1/OpenSSH/etc/ssh_config

debug2: ssh_connect: needpriv 0

debug1: Connecting to YYY.WW.HHH.ZZ [YYY.WW.HHH.ZZ] port 22.

debug1: Connection established.

debug1: key_load_public: No such file or directory

debug1: identity file /home/USER/.ssh/id_rsa type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/USER/.ssh/id_rsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/USER/.ssh/id_dsa type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/USER/.ssh/id_dsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/USER/.ssh/id_ecdsa type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/USER/.ssh/id_ecdsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/USER/.ssh/id_ed25519 type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/USER/.ssh/id_ed25519-cert type -1

debug1: Enabling compatibility mode for protocol 2.0

debug1: Local version string SSH-2.0-OpenSSH_6.9

debug1: Remote protocol version 2.0, remote software version OpenSSH_8.0

debug1: match: OpenSSH_8.0 pat OpenSSH* compat 0x04000000

debug2: fd 3 setting O_NONBLOCK

debug1: Authenticating to YYY.WW.HHH.ZZ:22 as 'myuser'

debug3: hostkeys_foreach: reading file "/home/USER/.ssh/known_hosts"

debug3: record_hostkey: found key type ECDSA in file
/home/USER/.ssh/known_hosts:1

debug3: load_hostkeys: loaded 1 keys from YYY.WW.HHH.ZZ

debug3: order_hostkeyalgs: prefer hostkeyalgs:
ecdsa-sha2-nistp256-cert-v01@xxxxxx

debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

debug2: kex_parse_kexinit:
curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nkkkkk

debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.cohhh

debug2: kex_parse_kexinit: chacha20-poly1305@openssqqqq

debug2: kex_parse_kexinit: chacha20-poly1305@xxxxxxxxxxx,aes12poiiop

debug2: kex_parse_kexinit: umac-64-etm@openssh.coooui

debug2: kex_parse_kexinit: umac-64-etm@openssh.cokjhklh

debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx

debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx

debug2: kex_parse_kexinit:

debug2: kex_parse_kexinit:

debug2: kex_parse_kexinit: first_kex_follows 0

debug2: kex_parse_kexinit: reserved 0

debug2: kex_parse_kexinit: curve25519-sha25opi

debug2: kex_parse_kexinit:
rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519

debug2: kex_parse_kexinit: aes256-gcm@xxxxxxxxxxx,chacha20-poly1305@openpio

debug2: kex_parse_kexinit:
aes256-gcm@xxxxxxxxxxx,chacha20-poly1305@openssholuui

debug2: kex_parse_kexinit: hmac-sha2-256-etm@xxxxxxxxxxx,hmpoipi-512

debug2: kex_parse_kexinit: hmac-sha2-256-etm@poi

debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx

debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx

debug2: kex_parse_kexinit:

debug2: kex_parse_kexinit:

debug2: kex_parse_kexinit: first_kex_follows 0

debug2: kex_parse_kexinit: reserved 0

debug1: kex: server->client chacha20-poly1305@xxxxxxxxxxx <implicit> none

debug1: kex: client->server chacha20-poly1305@xxxxxxxxxxx <implicit> none

debug1: expecting SSH2_MSG_KEX_ECDH_REPLY

debug1: Server host key: ecdsa-sha2-nistp256
SHA256:pxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

debug3: hostkeys_foreach: reading file "/home/USER/.ssh/known_hosts"

debug3: record_hostkey: found key type ECDSA in file
/home/USER/.ssh/known_hosts:1

debug3: load_hostkeys: loaded 1 keys from YYY.WW.HHH.ZZ

debug1: Host 'YYY.WW.HHH.ZZ' is known and matches the ECDSA host key.

debug1: Found key in /home/USER/.ssh/known_hosts:1

debug2: set_newkeys: mode 1

debug1: SSH2_MSG_NEWKEYS sent

debug1: expecting SSH2_MSG_NEWKEYS

debug2: set_newkeys: mode 0

debug1: SSH2_MSG_NEWKEYS received

debug1: SSH2_MSG_SERVICE_REQUEST sent

debug2: service_accept: ssh-userauth

debug1: SSH2_MSG_SERVICE_ACCEPT received

debug2: key: /home/USER/.ssh/id_rsa (0),

debug2: key: /home/USER/.ssh/id_dsa (0),

debug2: key: /home/USER/.ssh/id_ecdsa (0),

debug2: key: /home/USER/.ssh/id_ed25519 (0),

debug3: input_userauth_banner

****************************************************************************
******

** WARNING:
**

**
**

** THE PROGRAMS AND DATA HELD ON THIS SYSTEM ARE THE PROPERTY OF AND
LICENSED **

** BY SFTPSRV SDS EUROPE
**

**
**

** IF THE COMPANY HAS NOT AUTHORIZED ACCESS TO THIS SYSTEM YOU WILL BE
**

** COMMITTING A CRIMINAL OFFENCE IF YOU DO NOT IMMEDIATELY DISCONNECT
**

**
**

** UNAUTHORIZED ACCESS IS STRICTLY FORBIDDEN AND A DISCIPLINARY OFFENCE
**

**
**

****************************************************************************
******

debug1: Authentications that can continue:
publickey,gssapi-keyex,gssapi-with-mic,password

debug3: start over, passed a different list
publickey,gssapi-keyex,gssapi-with-mic,password

debug3: preferred publickey,keyboard-interactive,password

debug3: authmethod_lookup publickey

debug3: remaining preferred: keyboard-interactive,password

debug3: authmethod_is_enabled publickey

debug1: Next authentication method: publickey

debug1: Trying private key: /home/USER/.ssh/id_rsa

debug3: no such identity: /home/USER/.ssh/id_rsa: No such file or directory

debug1: Trying private key: /home/USER/.ssh/id_dsa

debug3: no such identity: /home/USER/.ssh/id_dsa: No such file or directory

debug1: Trying private key: /home/USER/.ssh/id_ecdsa

debug3: no such identity: /home/USER/.ssh/id_ecdsa: No such file or
directory

debug1: Trying private key: /home/USER/.ssh/id_ed25519

debug3: no such identity: /home/USER/.ssh/id_ed25519: No such file or
directory

debug2: we did not send a packet, disable method

debug3: authmethod_lookup password

debug3: remaining preferred: ,password

debug3: authmethod_is_enabled password

debug1: Next authentication method: password

debug1: read_passphrase: can't open /dev/tty: No such device or address

debug2: readpassphrase: not a 5250 return ENOTTY

debug2: we sent a password packet, wait for reply

debug1: Authentications that can continue:
publickey,gssapi-keyex,gssapi-with-mic,password

Permission denied, please try again.

debug1: read_passphrase: can't open /dev/tty: No such device or address

debug2: readpassphrase: not a 5250 return ENOTTY

debug2: we sent a password packet, wait for reply

debug1: Authentications that can continue:
publickey,gssapi-keyex,gssapi-with-mic,password

Permission denied, please try again.

debug1: read_passphrase: can't open /dev/tty: No such device or address

debug2: readpassphrase: not a 5250 return ENOTTY

debug2: we sent a password packet, wait for reply

debug1: Authentications that can continue:
publickey,gssapi-keyex,gssapi-with-mic,password

debug2: we did not send a packet, disable method

debug1: No more authentication methods to try.

Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).

Connection closed

$




As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.