Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Introducing a new Enhanced File Management feature in Qlik Cloud! GET THE DETAILS!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
E7M-A
Contributor II
Contributor II
‎2022-10-14 05:47 AM

tFTPConnection - Auth fail for methods 'publickey,gssapi-with-mic,password

Hi Team,

I'm trying to establish SFTP connection using tFTPConnection component and I'm using auth type is Public Key but getting error "Auth fail for methods 'publickey,gssapi-with-mic,password", but with the same host,port..... I'm able login in WinSCP and FilleZilla, so problem with component !

I run the job with debug and i get alos same informations :

 tFTPConnection_1 - Start to work.

 tFTPConnection_1 - Parameters:HOST = context.host_FTP | PORT = context.port_FTP | USER = context.user_FTP | SFTP = true | AUTH_METHOD = PUBLICKEY | PRIVATEKEY = context.Keyprivate_FTP | PASSPHRASE = enc:... | USE_ENCODING = false | USE_PROXY = false | CONNECTION_TIMEOUT = 0 | USE_STRICT_REPLY_PARSING = true | CONFIG_CLIENT = true | CLIENT_PARAMETERS = [{VALUE="ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256", PARAMETER="kex"}, {VALUE="ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256", PARAMETER="server_host_key"}, {VALUE="aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes256-gcm@openssh.com", PARAMETER="cipher.s2c"}, {VALUE="aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes256-gcm@openssh.com", PARAMETER="cipher.c2s"}, {VALUE="hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-512", PARAMETER="mac.s2c"}, {VALUE="hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-512", PARAMETER="mac.c2s"}] | 

 tFTPConnection_1 - SFTP authentication using a public key.

 tFTPConnection_1 - Private key: 'C:/Users/XXXX/.ssh/login_cleprive.ppk'.

 tFTPConnection_1 - Attempt to connect to 'xxx.xxx.xxx.x' with username 'login'.

 Connecting to xxx.xxx.xxx.x port xxxx

 Connection established

 Remote version string: SSH-1.99-OpenSSH_3.9p1

 Local version string: SSH-2.0-JSCH_0.2.1

 CheckCiphers: chacha20-poly1305@openssh.com

 CheckKexes: curve25519-sha256,curve25519-sha256@libssh.org,curve448-sha512

 CheckSignatures: ssh-ed25519,ssh-ed448

 ssh-ed25519 is not available.

 ssh-ed448 is not available.

 server_host_key proposal before removing unavailable algos is: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256

 server_host_key proposal after removing unavailable algos is: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256

 server_host_key proposal before known_host reordering is: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256

 server_host_key proposal after known_host reordering is: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256

 SSH_MSG_KEXINIT sent

 SSH_MSG_KEXINIT received

 kex: server: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

 kex: server: ssh-rsa,ssh-dss

 kex: server: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr

 kex: server: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr

 kex: server: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96

 kex: server: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96

 kex: server: none,zlib

 kex: server: none,zlib

 kex: server: 

 kex: server: 

 kex: client: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c

 kex: client: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256

 kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes256-gcm@openssh.com

 kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes256-gcm@openssh.com

 kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-512

 kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-512

 kex: client: none

 kex: client: none

 kex: client: 

 kex: client: 

 kex: algorithm: diffie-hellman-group14-sha1

 kex: host key algorithm: ssh-rsa

 kex: server->client cipher: aes128-ctr MAC: hmac-md5 compression: none

 kex: client->server cipher: aes128-ctr MAC: hmac-md5 compression: none

 SSH_MSG_KEXDH_INIT sent

 expecting SSH_MSG_KEXDH_REPLY

 ssh_rsa_verify: ssh-rsa signature true

 Permanently added 'xxx.xxx.xxx.x' (RSA) to the list of known hosts.

 SSH_MSG_NEWKEYS sent

 SSH_MSG_NEWKEYS received

 SSH_MSG_SERVICE_REQUEST sent

 SSH_MSG_SERVICE_ACCEPT received

 Authentications that can continue: publickey,password,keyboard-interactive,gssapi-with-mic

 Next authentication method: publickey

 PubkeyAcceptedAlgorithms = ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256

 Signature algorithms unavailable for non-agent identities = [ssh-ed25519, ssh-ed448]

 No server-sig-algs found, using PubkeyAcceptedAlgorithms = [ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, rsa-sha2-512, rsa-sha2-256]

 rsa-sha2-512 preauth failure

 rsa-sha2-256 preauth failure

 Authentications that can continue: password,keyboard-interactive,gssapi-with-mic

 Next authentication method: password

 Authentications that can continue: gssapi-with-mic

 Next authentication method: gssapi-with-mic

 Disconnecting from xxx.xxx.xxx.x port xxxx

Could someone please have look into it. Please 

Note : Even with tScpConnection i got the same problem, i'm using Talend v8.0.1 with the last version R2022-09, I also find this solution https://community.talend.com/s/article/Expanding-your-SFTP-security-algorithms?language=en_US but doesn't help me !! 

Labels (3)
Labels
1,758 Views
0 Likes
12 Replies
E7M-A
Contributor II
Contributor II
‎2023-01-12 06:01 AM
Author

Hello,

 

Finally the support send me this solution, i hope it gonna help others !

 

Steup 1 :

 

0695b00000bGyMvAAK.png 

Steup 2 :

 

Upload the jar jsch-0.2.4.jar than uploaded in the tLibraryLoad0695b00000bGyN5AAK.png 

Steup 3 :

 

Add the following under tFTPConnection > Advanced settings > Config client

 

0695b00000bGyNyAAK.png

 

 

 

 

 

209 Views
0 Likes
Anonymous
Not applicable
‎2023-01-12 04:52 PM

In response to E7M-A

Hello Thanks for sharing back!

I think the library bump is not necessary.

If you think it is, then please use less tLibraryLoad and: https://help.talend.com/r/en-US/8.0/studio-user-guide/overriding-external-modules-by-customizing-mvn-uri (this basically lets you create a search:replace list that is applied with the pom generation. And in case you replace 0.1 with 0.2 but Talend adds 0.3 your job starts to use 0.3 unless you again replace 0.3 with 0.2 🙂

209 Views
0 Likes
E7M-A
Contributor II
Contributor II
‎2023-01-13 10:00 AM
Author

Hello,

 

Thanks for your suggestion @Balazs Gunics​ , i will do'it in my job

 

Best regards

209 Views
0 Likes