cli sftp not using specified ssh key [closed]
Clash Royale CLAN TAG#URR8PPP
up vote
0
down vote
favorite
Info:
[foo@mysql01 .ssh]$ cat /etc/centos-release ;pwd ;ls -al
CentOS release 6.9 (Final)
/home/foo/.ssh
total 20
drwx------ 2 foo foo 4096 Oct 3 11:00 .
drwx------ 3 foo foo 4096 Oct 3 11:09 ..
-rw------- 1 foo foo 3311 Oct 3 10:54 id_rsa-foo
-rw------- 1 foo foo 742 Oct 3 10:54 id_rsa-foo.pub
-rw-r--r-- 1 foo foo 403 Oct 3 10:55 known_hosts
Regular ssh works OK with key:
[foo@mysql01 .ssh]$ ssh -v bar@sftp01 -i ./id_rsa-foo
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to sftp01 [192.168.10.104] port 22.
debug1: Connection established.
debug1: identity file ./id_rsa-foo type 1
debug1: identity file ./id_rsa-foo-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'sftp01' is known and matches the RSA host key.
debug1: Found key in /home/foo/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Next authentication method: publickey
debug1: Offering public key: ./id_rsa-foo
debug1: Server accepts key: pkalg ssh-rsa blen 533
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key './id_rsa-foo':
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
Last login: Tue Oct 3 10:58:21 2017 from 192.168.10.109
[bar@sftp01 ~]$
SFTP doesn't appear to use the key file I specify - trys all the defaults instead (similar behavior on Mac OSX):
[foo@mysql01 .ssh]$ sftp -v bar@sftp01 -oIdentityFile=./id_rsa-foo
Connecting to sftp01...
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to sftp01 [192.168.10.104] port 22.
debug1: Connection established.
debug1: identity file /home/foo/.ssh/id_rsa type -1
debug1: identity file /home/foo/.ssh/id_rsa-cert type -1
debug1: identity file /home/foo/.ssh/id_dsa type -1
debug1: identity file /home/foo/.ssh/id_dsa-cert type -1
debug1: identity file /home/foo/.ssh/id_ecdsa type -1
debug1: identity file /home/foo/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'sftp01' is known and matches the RSA host key.
debug1: Found key in /home/foo/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Next authentication method: publickey
debug1: Trying private key: /home/foo/.ssh/id_rsa
debug1: Trying private key: /home/foo/.ssh/id_dsa
debug1: Trying private key: /home/foo/.ssh/id_ecdsa
debug1: Next authentication method: password
bar@sftp01's password:
Note: sftp works OK if I rename the keys to a default (like "id_rsa" & "id_rsa.pub"), but I'm trying to avoid that.
linux osx sftp
asked Oct 3 '17 at 16:15
Zell
2026
closed as off-topic by Jeff Schaller, Anthon, sebasth, Stephen Rauch, Shadur Oct 8 '17 at 18:23
This question appears to be off-topic. The users who voted to close gave this specific reason:
- "Questions describing a problem that can't be reproduced and seemingly went away on its own (or went away when a typo was fixed) are off-topic as they are unlikely to help future readers." – Jeff Schaller, Anthon, sebasth, Stephen Rauch, Shadur
add a comment |Â
up vote
0
down vote
favorite
Info:
[foo@mysql01 .ssh]$ cat /etc/centos-release ;pwd ;ls -al
CentOS release 6.9 (Final)
/home/foo/.ssh
total 20
drwx------ 2 foo foo 4096 Oct 3 11:00 .
drwx------ 3 foo foo 4096 Oct 3 11:09 ..
-rw------- 1 foo foo 3311 Oct 3 10:54 id_rsa-foo
-rw------- 1 foo foo 742 Oct 3 10:54 id_rsa-foo.pub
-rw-r--r-- 1 foo foo 403 Oct 3 10:55 known_hosts
Regular ssh works OK with key:
[foo@mysql01 .ssh]$ ssh -v bar@sftp01 -i ./id_rsa-foo
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to sftp01 [192.168.10.104] port 22.
debug1: Connection established.
debug1: identity file ./id_rsa-foo type 1
debug1: identity file ./id_rsa-foo-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'sftp01' is known and matches the RSA host key.
debug1: Found key in /home/foo/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Next authentication method: publickey
debug1: Offering public key: ./id_rsa-foo
debug1: Server accepts key: pkalg ssh-rsa blen 533
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key './id_rsa-foo':
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
Last login: Tue Oct 3 10:58:21 2017 from 192.168.10.109
[bar@sftp01 ~]$
SFTP doesn't appear to use the key file I specify - trys all the defaults instead (similar behavior on Mac OSX):
[foo@mysql01 .ssh]$ sftp -v bar@sftp01 -oIdentityFile=./id_rsa-foo
Connecting to sftp01...
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to sftp01 [192.168.10.104] port 22.
debug1: Connection established.
debug1: identity file /home/foo/.ssh/id_rsa type -1
debug1: identity file /home/foo/.ssh/id_rsa-cert type -1
debug1: identity file /home/foo/.ssh/id_dsa type -1
debug1: identity file /home/foo/.ssh/id_dsa-cert type -1
debug1: identity file /home/foo/.ssh/id_ecdsa type -1
debug1: identity file /home/foo/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'sftp01' is known and matches the RSA host key.
debug1: Found key in /home/foo/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Next authentication method: publickey
debug1: Trying private key: /home/foo/.ssh/id_rsa
debug1: Trying private key: /home/foo/.ssh/id_dsa
debug1: Trying private key: /home/foo/.ssh/id_ecdsa
debug1: Next authentication method: password
bar@sftp01's password:
Note: sftp works OK if I rename the keys to a default (like "id_rsa" & "id_rsa.pub"), but I'm trying to avoid that.
linux osx sftp
asked Oct 3 '17 at 16:15
Zell
2026
closed as off-topic by Jeff Schaller, Anthon, sebasth, Stephen Rauch, Shadur Oct 8 '17 at 18:23
This question appears to be off-topic. The users who voted to close gave this specific reason:
- "Questions describing a problem that can't be reproduced and seemingly went away on its own (or went away when a typo was fixed) are off-topic as they are unlikely to help future readers." – Jeff Schaller, Anthon, sebasth, Stephen Rauch, Shadur
what are the permissions ofid_rsa-foo?
– DopeGhoti
Oct 3 '17 at 16:36
Does anything change if you use the full path instead of./id_rsa-foo?
– SatÅ Katsura
Oct 3 '17 at 17:32
permissions: 600 for both keys
– Zell
Oct 3 '17 at 17:49
I tried the full path also: /home/foo/.ssh/id_rsa-foo (same behavior)
– Zell
Oct 3 '17 at 17:50
1
Does anything change if you movebar@sftp01at the end of the command line, after all options?
– SatÅ Katsura
Oct 3 '17 at 18:02
add a comment |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
Info:
[foo@mysql01 .ssh]$ cat /etc/centos-release ;pwd ;ls -al
CentOS release 6.9 (Final)
/home/foo/.ssh
total 20
drwx------ 2 foo foo 4096 Oct 3 11:00 .
drwx------ 3 foo foo 4096 Oct 3 11:09 ..
-rw------- 1 foo foo 3311 Oct 3 10:54 id_rsa-foo
-rw------- 1 foo foo 742 Oct 3 10:54 id_rsa-foo.pub
-rw-r--r-- 1 foo foo 403 Oct 3 10:55 known_hosts
Regular ssh works OK with key:
[foo@mysql01 .ssh]$ ssh -v bar@sftp01 -i ./id_rsa-foo
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to sftp01 [192.168.10.104] port 22.
debug1: Connection established.
debug1: identity file ./id_rsa-foo type 1
debug1: identity file ./id_rsa-foo-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'sftp01' is known and matches the RSA host key.
debug1: Found key in /home/foo/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Next authentication method: publickey
debug1: Offering public key: ./id_rsa-foo
debug1: Server accepts key: pkalg ssh-rsa blen 533
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key './id_rsa-foo':
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
Last login: Tue Oct 3 10:58:21 2017 from 192.168.10.109
[bar@sftp01 ~]$
SFTP doesn't appear to use the key file I specify - trys all the defaults instead (similar behavior on Mac OSX):
[foo@mysql01 .ssh]$ sftp -v bar@sftp01 -oIdentityFile=./id_rsa-foo
Connecting to sftp01...
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to sftp01 [192.168.10.104] port 22.
debug1: Connection established.
debug1: identity file /home/foo/.ssh/id_rsa type -1
debug1: identity file /home/foo/.ssh/id_rsa-cert type -1
debug1: identity file /home/foo/.ssh/id_dsa type -1
debug1: identity file /home/foo/.ssh/id_dsa-cert type -1
debug1: identity file /home/foo/.ssh/id_ecdsa type -1
debug1: identity file /home/foo/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'sftp01' is known and matches the RSA host key.
debug1: Found key in /home/foo/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Next authentication method: publickey
debug1: Trying private key: /home/foo/.ssh/id_rsa
debug1: Trying private key: /home/foo/.ssh/id_dsa
debug1: Trying private key: /home/foo/.ssh/id_ecdsa
debug1: Next authentication method: password
bar@sftp01's password:
Note: sftp works OK if I rename the keys to a default (like "id_rsa" & "id_rsa.pub"), but I'm trying to avoid that.
linux osx sftp
asked Oct 3 '17 at 16:15
Zell
2026
Info:
[foo@mysql01 .ssh]$ cat /etc/centos-release ;pwd ;ls -al
CentOS release 6.9 (Final)
/home/foo/.ssh
total 20
drwx------ 2 foo foo 4096 Oct 3 11:00 .
drwx------ 3 foo foo 4096 Oct 3 11:09 ..
-rw------- 1 foo foo 3311 Oct 3 10:54 id_rsa-foo
-rw------- 1 foo foo 742 Oct 3 10:54 id_rsa-foo.pub
-rw-r--r-- 1 foo foo 403 Oct 3 10:55 known_hosts
Regular ssh works OK with key:
[foo@mysql01 .ssh]$ ssh -v bar@sftp01 -i ./id_rsa-foo
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to sftp01 [192.168.10.104] port 22.
debug1: Connection established.
debug1: identity file ./id_rsa-foo type 1
debug1: identity file ./id_rsa-foo-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'sftp01' is known and matches the RSA host key.
debug1: Found key in /home/foo/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Next authentication method: publickey
debug1: Offering public key: ./id_rsa-foo
debug1: Server accepts key: pkalg ssh-rsa blen 533
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key './id_rsa-foo':
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
Last login: Tue Oct 3 10:58:21 2017 from 192.168.10.109
[bar@sftp01 ~]$
SFTP doesn't appear to use the key file I specify - trys all the defaults instead (similar behavior on Mac OSX):
[foo@mysql01 .ssh]$ sftp -v bar@sftp01 -oIdentityFile=./id_rsa-foo
Connecting to sftp01...
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to sftp01 [192.168.10.104] port 22.
debug1: Connection established.
debug1: identity file /home/foo/.ssh/id_rsa type -1
debug1: identity file /home/foo/.ssh/id_rsa-cert type -1
debug1: identity file /home/foo/.ssh/id_dsa type -1
debug1: identity file /home/foo/.ssh/id_dsa-cert type -1
debug1: identity file /home/foo/.ssh/id_ecdsa type -1
debug1: identity file /home/foo/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'sftp01' is known and matches the RSA host key.
debug1: Found key in /home/foo/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Next authentication method: publickey
debug1: Trying private key: /home/foo/.ssh/id_rsa
debug1: Trying private key: /home/foo/.ssh/id_dsa
debug1: Trying private key: /home/foo/.ssh/id_ecdsa
debug1: Next authentication method: password
bar@sftp01's password:
Note: sftp works OK if I rename the keys to a default (like "id_rsa" & "id_rsa.pub"), but I'm trying to avoid that.
linux osx sftp
linux osx sftp
asked Oct 3 '17 at 16:15
Zell
2026
asked Oct 3 '17 at 16:15
Zell
2026
asked Oct 3 '17 at 16:15
Zell
2026
asked Oct 3 '17 at 16:15
Zell
2026
asked Oct 3 '17 at 16:15
Zell
2026
2026
closed as off-topic by Jeff Schaller, Anthon, sebasth, Stephen Rauch, Shadur Oct 8 '17 at 18:23
This question appears to be off-topic. The users who voted to close gave this specific reason:
- "Questions describing a problem that can't be reproduced and seemingly went away on its own (or went away when a typo was fixed) are off-topic as they are unlikely to help future readers." – Jeff Schaller, Anthon, sebasth, Stephen Rauch, Shadur
closed as off-topic by Jeff Schaller, Anthon, sebasth, Stephen Rauch, Shadur Oct 8 '17 at 18:23
This question appears to be off-topic. The users who voted to close gave this specific reason:
- "Questions describing a problem that can't be reproduced and seemingly went away on its own (or went away when a typo was fixed) are off-topic as they are unlikely to help future readers." – Jeff Schaller, Anthon, sebasth, Stephen Rauch, Shadur
what are the permissions ofid_rsa-foo?
– DopeGhoti
Oct 3 '17 at 16:36
Does anything change if you use the full path instead of./id_rsa-foo?
– SatÅ Katsura
Oct 3 '17 at 17:32
permissions: 600 for both keys
– Zell
Oct 3 '17 at 17:49
I tried the full path also: /home/foo/.ssh/id_rsa-foo (same behavior)
– Zell
Oct 3 '17 at 17:50
1
Does anything change if you movebar@sftp01at the end of the command line, after all options?
– SatÅ Katsura
Oct 3 '17 at 18:02
add a comment |Â
what are the permissions ofid_rsa-foo?
– DopeGhoti
Oct 3 '17 at 16:36
Does anything change if you use the full path instead of./id_rsa-foo?
– SatÅ Katsura
Oct 3 '17 at 17:32
permissions: 600 for both keys
– Zell
Oct 3 '17 at 17:49
I tried the full path also: /home/foo/.ssh/id_rsa-foo (same behavior)
– Zell
Oct 3 '17 at 17:50
1
Does anything change if you movebar@sftp01at the end of the command line, after all options?
– SatÅ Katsura
Oct 3 '17 at 18:02
what are the permissions of
id_rsa-foo?– DopeGhoti
Oct 3 '17 at 16:36
what are the permissions of
id_rsa-foo?– DopeGhoti
Oct 3 '17 at 16:36
Does anything change if you use the full path instead of
./id_rsa-foo?– SatÅ Katsura
Oct 3 '17 at 17:32
Does anything change if you use the full path instead of
./id_rsa-foo?– SatÅ Katsura
Oct 3 '17 at 17:32
permissions: 600 for both keys
– Zell
Oct 3 '17 at 17:49
permissions: 600 for both keys
– Zell
Oct 3 '17 at 17:49
I tried the full path also: /home/foo/.ssh/id_rsa-foo (same behavior)
– Zell
Oct 3 '17 at 17:50
I tried the full path also: /home/foo/.ssh/id_rsa-foo (same behavior)
– Zell
Oct 3 '17 at 17:50
1
1
Does anything change if you move
bar@sftp01 at the end of the command line, after all options?– SatÅ Katsura
Oct 3 '17 at 18:02
Does anything change if you move
bar@sftp01 at the end of the command line, after all options?– SatÅ Katsura
Oct 3 '17 at 18:02
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
0
down vote
accepted
@sato_katsura
You're right! I had to move the arguments around (weird):
[foo@mysql01 .ssh]$ sftp -v -oIdentityFile=./id_rsa-foo bar@sftp01
Connecting to sftp01...
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to sftp01 [192.168.10.104] port 22.
debug1: Connection established.
debug1: identity file ./id_rsa-foo type 1
debug1: identity file ./id_rsa-foo-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'sftp01' is known and matches the RSA host key.
debug1: Found key in /home/foo/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Next authentication method: publickey
debug1: Offering public key: ./id_rsa-foo
debug1: Server accepts key: pkalg ssh-rsa blen 533
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key './id_rsa-foo':
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending subsystem: sftp
sftp>
answered Oct 3 '17 at 22:01
Zell
2026
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
accepted
@sato_katsura
You're right! I had to move the arguments around (weird):
[foo@mysql01 .ssh]$ sftp -v -oIdentityFile=./id_rsa-foo bar@sftp01
Connecting to sftp01...
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to sftp01 [192.168.10.104] port 22.
debug1: Connection established.
debug1: identity file ./id_rsa-foo type 1
debug1: identity file ./id_rsa-foo-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'sftp01' is known and matches the RSA host key.
debug1: Found key in /home/foo/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Next authentication method: publickey
debug1: Offering public key: ./id_rsa-foo
debug1: Server accepts key: pkalg ssh-rsa blen 533
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key './id_rsa-foo':
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending subsystem: sftp
sftp>
answered Oct 3 '17 at 22:01
Zell
2026
add a comment |Â
up vote
0
down vote
accepted
@sato_katsura
You're right! I had to move the arguments around (weird):
[foo@mysql01 .ssh]$ sftp -v -oIdentityFile=./id_rsa-foo bar@sftp01
Connecting to sftp01...
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to sftp01 [192.168.10.104] port 22.
debug1: Connection established.
debug1: identity file ./id_rsa-foo type 1
debug1: identity file ./id_rsa-foo-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'sftp01' is known and matches the RSA host key.
debug1: Found key in /home/foo/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Next authentication method: publickey
debug1: Offering public key: ./id_rsa-foo
debug1: Server accepts key: pkalg ssh-rsa blen 533
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key './id_rsa-foo':
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending subsystem: sftp
sftp>
answered Oct 3 '17 at 22:01
Zell
2026
add a comment |Â
up vote
0
down vote
accepted
up vote
0
down vote
accepted
@sato_katsura
You're right! I had to move the arguments around (weird):
[foo@mysql01 .ssh]$ sftp -v -oIdentityFile=./id_rsa-foo bar@sftp01
Connecting to sftp01...
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to sftp01 [192.168.10.104] port 22.
debug1: Connection established.
debug1: identity file ./id_rsa-foo type 1
debug1: identity file ./id_rsa-foo-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'sftp01' is known and matches the RSA host key.
debug1: Found key in /home/foo/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Next authentication method: publickey
debug1: Offering public key: ./id_rsa-foo
debug1: Server accepts key: pkalg ssh-rsa blen 533
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key './id_rsa-foo':
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending subsystem: sftp
sftp>
answered Oct 3 '17 at 22:01
Zell
2026
@sato_katsura
You're right! I had to move the arguments around (weird):
[foo@mysql01 .ssh]$ sftp -v -oIdentityFile=./id_rsa-foo bar@sftp01
Connecting to sftp01...
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to sftp01 [192.168.10.104] port 22.
debug1: Connection established.
debug1: identity file ./id_rsa-foo type 1
debug1: identity file ./id_rsa-foo-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'sftp01' is known and matches the RSA host key.
debug1: Found key in /home/foo/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Next authentication method: publickey
debug1: Offering public key: ./id_rsa-foo
debug1: Server accepts key: pkalg ssh-rsa blen 533
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key './id_rsa-foo':
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending subsystem: sftp
sftp>
answered Oct 3 '17 at 22:01
Zell
2026
answered Oct 3 '17 at 22:01
Zell
2026
answered Oct 3 '17 at 22:01
Zell
2026
answered Oct 3 '17 at 22:01
Zell
2026
2026
add a comment |Â
add a comment |Â
what are the permissions of
id_rsa-foo?– DopeGhoti
Oct 3 '17 at 16:36
Does anything change if you use the full path instead of
./id_rsa-foo?– SatÅ Katsura
Oct 3 '17 at 17:32
permissions: 600 for both keys
– Zell
Oct 3 '17 at 17:49
I tried the full path also: /home/foo/.ssh/id_rsa-foo (same behavior)
– Zell
Oct 3 '17 at 17:50
1
Does anything change if you move
bar@sftp01at the end of the command line, after all options?– SatÅ Katsura
Oct 3 '17 at 18:02