SFTP simple password authentication did not connect

Help and Support
1

First of all, huge kudos for creating rclone. It has worked very well with Google Drive and project has a lot of potential!

I use an SFTP servers a lot. There are SFTP servers, where the keys are not setup.
When I try to connect to those, the rclone connection always fails. While common sftp connection still works.

So is there a strategic policy, that rclone should not work with sftp servers simply with a password and without any keys (ssh-agents or specifying a key file), or is there something else?

I have tried this on three different hosts, which all have a different version of rclone (1.38, 1.39 and 1.40 (latest beta from 29.3.2018)).

Error is: “Failed to create file system for “******:”: NewFs: couldn’t connect SSH: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none], no supported methods remain”

2

:smiley:

rclone definitely works with a username and password with sftp. Did you set one in the config?

It should look something like this

[sftpp]
type = sftp
host = example.com
user = sftptest
port = 
pass = *** ENCRYPTED ***

That works for me.

Can you post the output when running with -vv?

3

It has basically the same output:
2018/04/01 06:28:03 DEBUG : Using config file from “/home/******/.config/rclone/rclone.conf”
2018/04/01 06:28:03 DEBUG : rclone: Version “v1.38” starting with parameters [“rclone” “-vv” “lsd” “localhost_sftp:”]
2018/04/01 06:28:03 Failed to create file system for “localhost_sftp:”: NewFs: couldn’t connect SSH: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none], no supported methods remain

Config:

[localhost_sftp]
host = localhost
user = **********
port =
pass = *** ENCRYPTED ***
key_file =

And with common sftp:
$ sftp *******@localhost
Password:
Connected to localhost.
sftp>

As I haven’t ever touched Go, I didn’t want to dig into code.

4

And I also tried (in beta client) with this config: “use_insecure_cipher = true”
But no change.

5

Strange! Which SFTP server are you using?

The no supported methods is a bit strange.

Can you try unsetting all the SSH environment variables and see if that makes a difference so your SSH agent is out of the picture.

6

There are multiple versions of OpenSSH.

OpenSSH_7.3p1-hpn14v11
OpenSSH_7.5p1-hpn14v12lpk

In test environment, there is no SSH agent used, so only SSH* var is:
SSH_ASKPASS=/usr/bin/ksshaskpass

7

I’ve tested the same thing with my ubuntu laptop 1:7.5p1-10ubuntu0.1, with fedora 27 7.5p1-5.fc27.x86_64 and with centos 7 7.4p1-13.el7_4.x86_64.

The first two didn’t exhibit the problem, but centos 7 did

[centos@centos-test ~]$ rclone lsf sftpp:
2018/04/01 15:37:12 Failed to create file system for "sftpp:": NewFs: couldn't connect SSH: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none], no supported methods remain

So I tried the sftp command and it worked (but didn’t prompt for a password)

[centos@centos-test ~]$ sftp centos@localhost
Connected to localhost.
sftp> ^D

I then unset the SSH variables and it no longer worked, indicating that Centos 7 only allows login with key.

[centos@centos-test ~]$ unset SSH_AUTH_SOCK
[centos@centos-test ~]$ unset SSH_CONNECTION
[centos@centos-test ~]$ sftp centos@localhost
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
Couldn't read packet: Connection reset by peer

So I don’t think I’ve managed to replicate your problem :frowning:

Can you just double check you weren’t trying sftp with the SSH* env vars?

It must be something about the setup of your servers. Can you tell me more about them?

(I did those tests with the latest beta BTW)

8

Actually, problem was exactly what error message says. password authentication is not enabled.
Changing conf with “PasswordAuthentication yes”, changed the situation. :slight_smile:
Didn’t come to think of this, because on these servers it used keyboard-interactive, but it wasn’t actually setup with OTP, but just simple password auth using the keyboard-interactive and I have always disabled the password authentication in those servers.

So once again, problem was between the chair and keyboard. :wink:

Thanks for pointing me to correct direction.

9

No worries, and glad you got it working in the end!