0 votes
6.4k views
in .NET FTP by (320 points)
I'm evaluating the EDTftp/PRO package, mainly for the SFTP capabilities, and have run into an issue with ServerValidation.

In the below code, when I change the ServerValidation type to none, and comment out the knownhosts property, I can connect and upload to the server. When I have the ServerValidation set to Auto or AutoNoName, with the known_hosts file, I get the exception below. The known_hosts file has an entry for the machine, and it works when I ssh through cygwin. Any thoughts would be outstanding.

Thanks

Code

_sftp.ServerAddress = "machine";
_sftp.ServerPort = 22;
_sftp.UserName = "user";
_sftp.Password = "passphrase";
_sftp.Protocol = EnterpriseDT.Net.Ftp.FileTransferProtocol.SFTP;
_sftp.ServerValidation = EnterpriseDT.Net.Ftp.SecureFTPServerValidationType.AutomaticNoNameCheck;
_sftp.KnownHosts.KnownHostsFile = @"C:\cygwin\home\junodaa\.ssh\known_hosts";
_sftp.ClientPrivateKeyFile = @"C:\cygwin\home\junodaa\.ssh\id_dsa";
_sftp.AuthenticationMethod = EnterpriseDT.Net.Ssh.AuthenticationType.PublicKey;
_sftp.Timeout = 1500;

Exception

{"Authentication failure" }
[EnterpriseDT.Net.Ftp.Ssh.SFTPException]: {EnterpriseDT.Net.Ftp.Ssh.SFTPException}
System.Object: {EnterpriseDT.Net.Ftp.Ssh.SFTPException}
_className: null
_COMPlusExceptionCode: -532459699
_exceptionMethod: <undefined value>
_exceptionMethodString: null
_helpURL: null
_HResult: -2146232832
_innerException: { }
_message: "Authentication failure"
_remoteStackIndex: 0
_remoteStackTraceString: null
_source: null
_stackTrace: {System.Array}
_stackTraceString: null
_xcode: -532459699
_xptrs: 0
HelpLink: null
HResult: -2146232832
InnerException: { }
Message: "Authentication failure"
Source: "edtFTPnetPRO"
StackTrace: " at EnterpriseDT.Net.Ftp.Ssh.SSHFTPClient.Connect()\r\n at EnterpriseDT.Net.Ftp.SecureFTPConnection.Connect()\r\n at SFTPTest.Form1.Form1_Load(Object sender, EventArgs e) in c:\\projects\\eb\\prototypes\\sftptest\\form1.cs:line 109"
TargetSite: {System.Reflection.RuntimeMethodInfo}

8 Answers

0 votes
by (165k points)
It all looks sensible. Does the log file reveal anything useful? Could you post a snippet that looks relevant?
0 votes
by (320 points)
Which log are you speaking of? The server log does not show anything out of the ordinary that I can see. Does the component offer escalated logging that I haven't seen yet?

Thanks

It all looks sensible. Does the log file reveal anything useful? Could you post a snippet that looks relevant?
0 votes
by (165k points)
Yes, in the help you'll find a howto topic on logging.

Does the component offer escalated logging that I haven't seen yet?
0 votes
by (165k points)
A quick question while you are generating a log file - you are absolutely sure that AuthenticationMethod = EnterpriseDT.Net.Ssh.AuthenticationType.PublicKey is working with server validation set to none?
0 votes
by (320 points)
A quick question while you are generating a log file - you are absolutely sure that AuthenticationMethod = EnterpriseDT.Net.Ssh.AuthenticationType.PublicKey is working with server validation set to none?


Yes I am quite sure. Here is the output of the log, only changing the SecureFTPServerValidationType and knownhostsfile lines. I also pasted the beginning of the link from known_hosts. I know that's working because from a cygwin prompt I am able to type ssh icebook -l user and I do not get asked to save an rsa footprint, nor do I get challenged for anything except the private passphrase.

icebook,172.20.241.90 ssh-rsa AAA
_sftp.ServerAddress = "icebook"

INFO [EnterpriseDT.Net.Ftp.Ssh.KnownHostsManager] 27 Sep 2006 07:57:06.046 : Reading known hosts file 'C:\cygwin\home\junodaa\.ssh\known_hosts'
INFO [EnterpriseDT.Net.Ftp.Ssh.KnownHostsManager] 27 Sep 2006 07:57:06.203 : Successfully read known hosts file 'C:\cygwin\home\junodaa\.ssh\known_hosts'
INFO [LicenseProperties] 27 Sep 2006 07:57:06.218 : Licence expiry date: 10/28/2006
INFO [LicenseProperties] 27 Sep 2006 07:57:06.218 : Trial license
INFO [LicenseProperties] 27 Sep 2006 07:57:06.218 : Licence expiry date: 10/28/2006
INFO [LicenseProperties] 27 Sep 2006 07:57:06.218 : Trial license
ERROR [EnterpriseDT.Net.Ftp.Ssh.SSHFTPClient] 27 Sep 2006 07:57:07.609 : No stored public key matches supplied public key


INFO [LicenseProperties] 27 Sep 2006 08:03:37.546 : Licence expiry date: 10/28/2006
INFO [LicenseProperties] 27 Sep 2006 08:03:37.546 : Trial license
INFO [LicenseProperties] 27 Sep 2006 08:03:37.546 : Licence expiry date: 10/28/2006
INFO [LicenseProperties] 27 Sep 2006 08:03:37.546 : Trial license
INFO [EnterpriseDT.Net.Ftp.Ssh.SSHFTPClient] 27 Sep 2006 08:03:38.062 : Waiting for SSH channel to be opened
0 votes
by (165k points)
Hmm, the other possibility is that the server is sending you a DSA public key, which won't match an RSA key. Your command line client may be configured to request RSA public keys only from the server.

In the client set RSA public keys only by doing this:

ftpConnection.PreferredHostKeyAlgorithms = SSHPublicKeyAlgorithm.RSA;

You could also add the server's DSA key to the known_hosts file so that no matter what key type is returned it should get validated.

I will make a note to add more information to the debug about the type of public key returned by the server.
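
The mismatch behind "No stored public key matches supplied public key" can be checked offline. The Python sketch below is an added example, not code from this thread or from edtFTPnet/PRO: it lists which host key algorithms a known_hosts file holds for a host and compares them with the algorithm a server offers. The sample entries, the `make_blob` stand-in keys and all function names are constructed for illustration; wildcard and negated host patterns are not handled.

```python
import base64, hashlib, hmac, struct

def make_blob(alg):
    """Constructed stand-in for a public key blob: length-prefixed name plus padding."""
    name = alg.encode()
    return base64.b64encode(struct.pack(">I", len(name)) + name + b"\0" * 16).decode()

# Constructed sample: one RSA entry in the form quoted in the thread, one revoked DSA entry.
SAMPLE = (f"icebook,172.20.241.90 ssh-rsa {make_blob('ssh-rsa')}\n"
          f"@revoked icebook ssh-dss {make_blob('ssh-dss')}\n")

def blob_algorithm(b64):
    """Return the algorithm name embedded at the start of an SSH public key blob."""
    raw = base64.b64decode(b64)
    (length,) = struct.unpack(">I", raw[:4])
    return raw[4:4 + length].decode("ascii")

def host_matches(field, host):
    """Match a host field: comma-separated names, or a hashed |1|salt|hash entry."""
    if field.startswith("|1|"):
        _, _, salt, digest = field.split("|")
        mac = hmac.new(base64.b64decode(salt), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(digest))
    return host in field.split(",")

def stored_key_types(known_hosts_text, host):
    """Key algorithms that the file can validate for `host`."""
    types = set()
    for line in known_hosts_text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue                      # blank line or comment
        if fields[0].startswith("@"):
            continue                      # @revoked / @cert-authority are not plain trust entries
        if len(fields) < 3 or not host_matches(fields[0], host):
            continue
        if blob_algorithm(fields[2]) == fields[1]:   # declared type must agree with the blob
            types.add(fields[1])
    return types

def diagnose(known_hosts_text, host, offered):
    """Explain whether a host key of type `offered` could be validated for `host`."""
    stored = stored_key_types(known_hosts_text, host)
    if offered in stored:
        return "ok"
    if stored:
        return f"mismatch: server offered {offered}, known_hosts holds {sorted(stored)}"
    return "unknown host"
```

With the sample file, a server offering `ssh-dss` for `icebook` yields the mismatch result, the situation this answer describes; restricting the client to RSA or adding a verified DSA entry resolves it.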
0 votes
by (320 points)
That was it, the line forcing RSA handled it perfectly. Thank you very much.
0 votes
by (320 points)
The newest version (purchased) seems to decide this on its own. Thanks a lot for the timely new feature!
