http://www.perlmonks.org?node_id=739524


in reply to Help Required - Problem Automating SFTP

I feel your pain ... SFTP is a rather overloaded word (some people construe it to be FTP over ssh, some people construe it to be SCP and some explicitly SFTP). Your debug statements lend me to believe that the server is not really configured (or properly configured) for SFTP. Can you SFTP outside of perl? (does putty include an SFTP client?). Can you SCP or SSH outside of perl?

I have no experience with SFTP (or SSH) in windows, but for my *nix work, I prefer Net::SSH2 over all the other SSH/SFTP modules.

-derby
  • Comment on Re: Help Required - Problem Automating SFTP

Replies are listed 'Best First'.
Re^2: Help Required - Problem Automating SFTP
by salva (Canon) on Jan 28, 2009 at 12:58 UTC
    Net::SSH2 for SFTP? you are a masochist! ;-)

    Seriously, try using (my) Net::SFTP::Foreign instead, it is far easier to use and more powerful!

    Check also my other module Net::OpenSSH, it is still a work in progress but I am sure you will find it interesting.

      Ha! Not really, when most of my clients say SFTP then configure their servers for SCP - and that's a breeze with Net::SSH2 ... but thanks I'll look into Net::OpenSSH if the need arises (and it probably will!)

      -derby
Re^2: Help Required - Problem Automating SFTP
by Kraythorne (Sexton) on Jan 28, 2009 at 12:42 UTC
    I can connect using filezilla without any problems - it's just command line that is giving me the problems.

    I don't know if the error I'm getting is from my sshd service or the clients' sftp server?

    If it's the clients server then what do I need to ask them to do to accept shell commands? If it's my end then what can I do?

    It seems that I can connect to the client and be verified using the key they supplied, but then loose connection when I try to communicate :-(

      In looking at those messages, it appears you are getting a connection and getting authenticated with SSH, but the remote host is not starting the session shell properly. Confirm all the settings with the remote host admin and have them check to make sure their server is up an responding (and allowing logins to start correctly). It could also be a permissions issue on the remote host if you don't have the appropriate permisions to the login directory, you might not be able to get in to the site even though you can authenticate properly.
      does command line scp work?

      Run a couple of tests using scp and sftp commands with the verbose flag (-v) and post here the output.

        VERBOSE OUTPUT FROM SFTP

        Connecting to *Host_IP*...
        debug1: Reading configuration data /etc/ssh_config
        debug2: ssh_connect: needpriv 0
        debug1: Connecting to *Host_IP* *Host_IP* port *Port*.
        debug1: Connection established.
        debug3: Not a RSA1 key file C:\\id_cmf_mediatech.
        debug2: key_type_from_name: unknown key type '-----BEGIN'
        debug3: key_read: missing keytype
        debug3: key_read: missing whitespace
        debug3: key_read: missing whitespace
        debug3: key_read: missing whitespace
        debug3: key_read: missing whitespace
        debug3: key_read: missing whitespace
        debug3: key_read: missing whitespace
        debug3: key_read: missing whitespace
        debug3: key_read: missing whitespace
        debug3: key_read: missing whitespace
        debug3: key_read: missing whitespace
        debug3: key_read: missing whitespace
        debug3: key_read: missing whitespace
        debug3: key_read: missing whitespace
        debug2: key_type_from_name: unknown key type '-----END'
        debug3: key_read: missing keytype
        debug1: identity file C:\\id_cmf_mediatech type -1
        debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1
        debug1: match: OpenSSH_5.1 pat OpenSSH*
        debug1: Enabling compatibility mode for protocol 2.0
        debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1
        debug1: SSH2_MSG_KEXINIT sent
        debug1: SSH2_MSG_KEXINIT received
        debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
        debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
        debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
        debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
        debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
        debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
        debug2: kex_parse_kexinit: none,zlib
        debug2: kex_parse_kexinit: none,zlib
        debug2: kex_parse_kexinit:
        debug2: kex_parse_kexinit:
        debug2: kex_parse_kexinit: first_kex_follows 0
        debug2: kex_parse_kexinit: reserved 0
        debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
        debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
        debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
        debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
        debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
        debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
        debug2: kex_parse_kexinit: none,zlib@openssh.com
        debug2: kex_parse_kexinit: none,zlib@openssh.com
        debug2: kex_parse_kexinit:
        debug2: kex_parse_kexinit:
        debug2: kex_parse_kexinit: first_kex_follows 0
        debug2: kex_parse_kexinit: reserved 0
        debug2: mac_init: found hmac-md5
        debug1: kex: server->client aes128-cbc hmac-md5 none
        debug2: mac_init: found hmac-md5
        debug1: kex: client->server aes128-cbc hmac-md5 none
        debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
        debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
        debug2: dh_gen_key: priv key bits set: 122/256
        debug2: bits set: 517/1024
        debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
        debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
        debug3: check_host_in_hostfile: filename /home/.ssh/known_hosts
        debug3: check_host_in_hostfile: match line 1
        debug1: Host '*Host_IP*' is known and matches the RSA host key.
        debug1: Found key in /home/.ssh/known_hosts:1
        debug2: bits set: 520/1024
        debug1: ssh_rsa_verify: signature correct
        debug2: kex_derive_keys
        debug2: set_newkeys: mode 1
        debug1: SSH2_MSG_NEWKEYS sent
        debug1: expecting SSH2_MSG_NEWKEYS
        debug2: set_newkeys: mode 0
        debug1: SSH2_MSG_NEWKEYS received
        debug1: SSH2_MSG_SERVICE_REQUEST sent
        debug2: service_accept: ssh-userauth
        debug1: SSH2_MSG_SERVICE_ACCEPT received
        debug2: key: C:\\id_cmf_mediatech (0x0)
        debug1: Authentications that can continue: publickey,gssapi-with-mic,password
        debug3: start over, passed a different list publickey,gssapi-with-mic,password
        debug3: preferred publickey,keyboard-interactive,password
        debug3: authmethod_lookup publickey
        debug3: remaining preferred: keyboard-interactive,password
        debug3: authmethod_is_enabled publickey
        debug1: Next authentication method: publickey
        debug1: Trying private key: C:\\id_cmf_mediatech
        debug1: read PEM private key done: type RSA
        debug3: sign_and_send_pubkey
        debug2: we sent a publickey packet, wait for reply
        debug1: Authentication succeeded (publickey).
        debug2: fd 4 setting O_NONBLOCK
        debug2: fd 5 setting O_NONBLOCK
        debug1: channel 0: new client-session
        debug3: ssh_session2_open: channel_new: 0
        debug2: channel 0: send open
        debug1: Entering interactive session.
        debug2: callback start
        debug2: ssh_session2_setup: id 0
        debug1: Sending subsystem: sftp-server
        debug2: channel 0: request subsystem
        debug2: callback done
        debug2: channel 0: open confirm rwindow 0 rmax 32768
        Request for subsystem 'sftp-server' failed on channel 0
        Connection closed


        If I don't put in the '-s sftp-server' switch the debug ends:


        debug1: Entering interactive session.
        debug2: callback start
        debug2: ssh_session2_setup: id 0
        debug1: Sending subsystem: sftp
        debug2: channel 0: request subsystem
        debug2: callback done
        debug2: channel 0: open confirm rwindow 0 rmax 32768
        Request for subsystem 'sftp' failed on channel 0
        Connection closed

        Any Thoughts?