Page 1 of 3 123 LastLast
Results 1 to 10 of 22
  1. #1
    Join Date
    Apr 2014
    Posts
    18

    Default SFTP error code 103

    I found a thread on this forum (http://www.scootersoftware.com/vbull...2526-Error-103) that is the same symptoms as I'm getting.

    Version 4.0.3 (build 19420), installed yesterday.

    Code:
    1/9/2015 2:32:48 PM  Connecting to host.domain.com
    1/9/2015 2:32:48 PM  Server key [ssh-rsa 2040 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx]
    1/9/2015 2:32:48 PM  Authorization successful.
    1/9/2015 2:32:48 PM  Connection failed: Failed to establish SFTP connection (error code is 103)
    1/9/2015 2:32:48 PM  Connection closed.
    1/9/2015 2:32:48 PM  Unable to load sftp://user@host.domain.com/directory: Failed to establish SFTP connection (error code is 103)
    


    This connection used to work. It broke when we upgraded the openssl and sshd on our AIX box, which required a key regeneration. WinSCP has no trouble connecting to this box with the new key. Cygwin SSH and PuTTY also connect without any issues. Only BC4 has a problem. I'm using a saved PW. When I don't use the saved PW, and remove the cached key from BCProfiles.xml, I get the following:

    Code:
    1/9/2015 2:32:48 PM  Connecting to host.domain.com
    1/9/2015 2:32:48 PM  Server key [ssh-rsa 2040 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx]
    1/9/2015 2:48:37 PM  Public key agent authorization failed.
    1/9/2015 2:48:37 PM  Keyboard interactive authorization failed.
    
    (Enter PW here)
    Code:
    1/9/2015 2:48:52 PM  Connection closed.
    1/9/2015 2:48:52 PM  Connection failed: Connection lost (error code is 10058)
    
    I can probably do some more forensic examination if you tell me what you want to see.

    Thanks.
    Last edited by Phil.Barila; 09-Jan-2015 at 03:01 PM.

  2. #2
    Join Date
    Oct 2007
    Location
    Madison, WI
    Posts
    4,730

    Default

    Phil,

    I replied to the email you also sent. You can reply here in the forum or by email, whichever is most convenient.

    Copy of what I sent by email:

    We just determined today that we have a bug (#0005317) that makes SFTP connections with private keys fail, it appears specific to newer versions of openssl.

    In my testing, CentOS 5.11 with OpenSSL 4.3 worked with a private key, but CentOS 6.6 with OpenSSL 5.3 failed. We also had a customer report a failure with CentOS 7.

    What version of OpenSSH is on your AIX box? To display the version, run "ssh -V".
    Chris K Scooter Software

  3. #3
    Join Date
    Apr 2014
    Posts
    18

    Default

    Code:
    user@host ~
    $ ssh -V
    OpenSSH_6.0p1
    
    user@host ~
    $
    Anything else I can do?

  4. #4
    Join Date
    Oct 2007
    Location
    Madison, WI
    Posts
    11,918

    Default

    Hello,

    I'm afraid this may be related to a bug we found here:
    http://www.scootersoftware.com/vbull...n-EC2-and-mac)

    We're still narrowing down exactly which versions of OpenSSH are affected, and we're working on a fix (not in 4.0.4, just released).
    Aaron P Scooter Software

  5. #5
    Join Date
    Apr 2014
    Posts
    18

    Default

    I would guess it's related. I look forward to you sorting it out quickly and getting out a fix.

    Please ask if there's any additional forensics you'd like me to perform.

    Phil

  6. #6
    Join Date
    Oct 2007
    Location
    Madison, WI
    Posts
    4,730

    Default

    Phil,

    We just released Beyond Compare 4.0.5 with updated SSL support. Please let us know if it resolves your issue.

    To update, open "Help > Check for Updates" in BC or run the installer from our website and select "Upgrade" as the install type.
    Chris K Scooter Software

  7. #7
    Join Date
    Apr 2014
    Posts
    18

    Default

    I'm so very sorry to tell you that Version 4.0.5 (build 19480) fails with the same symptoms.

  8. #8
    Join Date
    Oct 2007
    Location
    Madison, WI
    Posts
    11,918

    Default

    Hello,

    Could you try regenerating a new key? Sometimes, we have seen issues with a specific key pair that causes odd problems. We also have a KB article to help generate and setup a key:
    http://www.scootersoftware.com/suppo...ftp_privatekey

    If you are following different steps, how do any deviate from the above guide?

    Also, we do still have a bug where a copy of the .pub file is needed on the client (bc4) machine in the same directory as the private key if you have a passphrase. This is a known issue we are still looking into; in the meantime, I suggest having the matching .pub alongside your private key.
    Aaron P Scooter Software

  9. #9
    Join Date
    Apr 2014
    Posts
    18

    Default

    We're using username/PW authentication. The only private key is on the server. The server's public key is cached, of course. Are you testing against this scenario?

    As noted above, Cygwin SSH, PuTTY, and WinSCP all connect with this server, using its key pair, just fine.

  10. #10
    Join Date
    Oct 2007
    Location
    Madison, WI
    Posts
    11,918

    Default

    Hello,

    Given that your setup works in other applications, it is likely we should be able to use it, too, and that we have a few kinks to still work out. 4.0.5 implemented a new major version of a helper library, and we tested against a variety of servers for increased support, but still have a few holes to fix.

    For general terminology, the expected setup is to use either a Username/Password or a Key Pair for connection. If both are defined, we use one first and if it fails fall back on the other. A Key Pair can be defined with a Passphrase, which prompts for a password but isn't the same authentication. So I would expect that you are using either Username/Password or a Key Pair (with an optional Passphrase).

    The guide I link to above has the steup instructions for the Key Pair. The Public (.pub) key is the key that is on the server, as other users could potentially access that system and find that key. It's added to the authorized_keys file. The private key is kept private on your client machine. When you connect, the client checks the public key on the server vs. the private key locally and tries to authenticate.

    For troubleshooting purposes, I'd recommend defining the BC FTP Profile to use either Username/Password *or* the Private key. This way, we can troubleshoot a specific connection method.

    If you generate a new key pair using the above article's steps, does this help? As I mentioned, we've seen an odd issue a couple times where BC has trouble with specific key pair files and regenerating the key can sometimes help.
    Aaron P Scooter Software

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •