Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi Team,
I'm trying to establish SFTP connection using tFTPConnection component and I'm using auth type is Public Key but getting error "Auth fail for methods 'publickey,gssapi-with-mic,password", but with the same host,port..... I'm able login in WinSCP and FilleZilla, so problem with component !
I run the job with debug and i get alos same informations :
tFTPConnection_1 - Start to work.
tFTPConnection_1 - Parameters:HOST = context.host_FTP | PORT = context.port_FTP | USER = context.user_FTP | SFTP = true | AUTH_METHOD = PUBLICKEY | PRIVATEKEY = context.Keyprivate_FTP | PASSPHRASE = enc:... | USE_ENCODING = false | USE_PROXY = false | CONNECTION_TIMEOUT = 0 | USE_STRICT_REPLY_PARSING = true | CONFIG_CLIENT = true | CLIENT_PARAMETERS = [{VALUE="ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256", PARAMETER="kex"}, {VALUE="ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256", PARAMETER="server_host_key"}, {VALUE="aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes256-gcm@openssh.com", PARAMETER="cipher.s2c"}, {VALUE="aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes256-gcm@openssh.com", PARAMETER="cipher.c2s"}, {VALUE="hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-512", PARAMETER="mac.s2c"}, {VALUE="hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-512", PARAMETER="mac.c2s"}] |
tFTPConnection_1 - SFTP authentication using a public key.
tFTPConnection_1 - Private key: 'C:/Users/XXXX/.ssh/login_cleprive.ppk'.
tFTPConnection_1 - Attempt to connect to 'xxx.xxx.xxx.x' with username 'login'.
Connecting to xxx.xxx.xxx.x port xxxx
Connection established
Remote version string: SSH-1.99-OpenSSH_3.9p1
Local version string: SSH-2.0-JSCH_0.2.1
CheckCiphers: chacha20-poly1305@openssh.com
CheckKexes: curve25519-sha256,curve25519-sha256@libssh.org,curve448-sha512
CheckSignatures: ssh-ed25519,ssh-ed448
ssh-ed25519 is not available.
ssh-ed448 is not available.
server_host_key proposal before removing unavailable algos is: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
server_host_key proposal after removing unavailable algos is: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
server_host_key proposal before known_host reordering is: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
server_host_key proposal after known_host reordering is: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
SSH_MSG_KEXINIT sent
SSH_MSG_KEXINIT received
kex: server: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
kex: server: ssh-rsa,ssh-dss
kex: server: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
kex: server: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
kex: server: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
kex: server: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
kex: server: none,zlib
kex: server: none,zlib
kex: server:
kex: server:
kex: client: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
kex: client: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes256-gcm@openssh.com
kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes256-gcm@openssh.com
kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-512
kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-512
kex: client: none
kex: client: none
kex: client:
kex: client:
kex: algorithm: diffie-hellman-group14-sha1
kex: host key algorithm: ssh-rsa
kex: server->client cipher: aes128-ctr MAC: hmac-md5 compression: none
kex: client->server cipher: aes128-ctr MAC: hmac-md5 compression: none
SSH_MSG_KEXDH_INIT sent
expecting SSH_MSG_KEXDH_REPLY
ssh_rsa_verify: ssh-rsa signature true
Permanently added 'xxx.xxx.xxx.x' (RSA) to the list of known hosts.
SSH_MSG_NEWKEYS sent
SSH_MSG_NEWKEYS received
SSH_MSG_SERVICE_REQUEST sent
SSH_MSG_SERVICE_ACCEPT received
Authentications that can continue: publickey,password,keyboard-interactive,gssapi-with-mic
Next authentication method: publickey
PubkeyAcceptedAlgorithms = ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
Signature algorithms unavailable for non-agent identities = [ssh-ed25519, ssh-ed448]
No server-sig-algs found, using PubkeyAcceptedAlgorithms = [ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, rsa-sha2-512, rsa-sha2-256]
rsa-sha2-512 preauth failure
rsa-sha2-256 preauth failure
Authentications that can continue: password,keyboard-interactive,gssapi-with-mic
Next authentication method: password
Authentications that can continue: gssapi-with-mic
Next authentication method: gssapi-with-mic
Disconnecting from xxx.xxx.xxx.x port xxxx
Could someone please have look into it. Please
Note : Even with tScpConnection i got the same problem, i'm using Talend v8.0.1 with the last version R2022-09, I also find this solution https://community.talend.com/s/article/Expanding-your-SFTP-security-algorithms?language=en_US but doesn't help me !!
Hello,
Finally the support send me this solution, i hope it gonna help others !
Steup 1 :
Steup 2 :
Upload the jar jsch-0.2.4.jar than uploaded in the tLibraryLoad
Steup 3 :
Add the following under tFTPConnection > Advanced settings > Config client
Hello Thanks for sharing back!
I think the library bump is not necessary.
If you think it is, then please use less tLibraryLoad and: https://help.talend.com/r/en-US/8.0/studio-user-guide/overriding-external-modules-by-customizing-mvn-uri (this basically lets you create a search:replace list that is applied with the pom generation. And in case you replace 0.1 with 0.2 but Talend adds 0.3 your job starts to use 0.3 unless you again replace 0.3 with 0.2 🙂
Hello,
Thanks for your suggestion @Balazs Gunics , i will do'it in my job
Best regards