1.  Home
  2. MIDRANGE-L
  3. June 2023

Re: Help with SFTP : error "Host key verification failed"

Le 07/06/2023 à 18:44, Scott Klement a écrit :
Did you try it?!  it works fine for me.

You were writing something about 5250 vs pure Unix terminal, so I did some tests below and you are right.


If I connect to pub400 with putty, I can indeed run a password based sftp on itself


-bash-5.1.8 dimarco@xxxxxxxxxxxxxx:~ $ sftp -P 2222 dimarco@localhost
The authenticity of host '[localhost]:2222 ([::1]:2222)' can't be established.
ECDSA key fingerprint is SHA256:2+aoGFgJ2WpcUlX+RoM9dxfftTUcQBRFs13ssUd43eQ.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[localhost]:2222' (ECDSA) to the list of known hosts.
*********************************************
* WELCOME TO PUB400.COM - your public IBM i *
* ----------------------------------------- *
* Please take note of the following:        *
* - all access is logged                    *
* - please be polite and do not disturb     *
*   other users!                            *
* - this system is of limited support       *
* - see https://pub400.com                 ; *
*********************************************

-> Enter your password for Logon below:
dimarco@localhost's password:
Connected to localhost.
sftp>

But if I do the same from PASE or QShell, it does not work.

> sftp -P 2222 localhost
  *********************************************
  * WELCOME TO PUB400.COM - your public IBM i *
  * ----------------------------------------- *
  * Please take note of the following:        *
  * - all access is logged                    *
  * - please be polite and do not disturb     *
  *   other users!                            *
  * - this system is of limited support       *
  * - see https://pub400.com                 ; *
  *********************************************
-> Enter your password for Logon below:
Permission denied, please try again.
Permission denied, please try again.
dimarco@localhost: Permission denied (publickey,password,keyboard-interactive).
Connection closed.
Connection closed
$


So you are right, the key is not to use 5250 and never thought to proceed like you did. However, I am not sure that IBM would like to update their documentation :-)


Here's what I see:

$ sftp scotty@xxxxxxxxxxxxxxxxxxxxxxx
Password for scotty@xxxxxxxxxxxxxxxxxxxxxxx:
Connected to grungy.scottklement.com.
sftp>


On 6/7/23 11:37 AM, Marc Rauzier wrote:

Le 07/06/2023 à 18:32, Scott Klement a écrit :
The OpenSSH client that IBM provides for IBM i *does* indeed support password authentication.

I agree for ssh command, but I don't for sftp (and scp).

I was not sure of that but got confirmation here https://www.ibm.com/support/pages/configuring-ibm-i-ssh-sftp-and-scp-clients-use-public-key-authentication


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.