Re^7: sftp->do_write howto?

Of course! How foolish of me... all we needed was debugging enabled ;-)

You're remote SSH server is *probably* not accepting cleartext password tunneling. In other words, its /etc/ssh/sshd_config is saying something like:

PasswordAuthentication no
[download]

And that's what's causing (my) error when trying to use a username and password for authentication. When I changed it to yes, and restarted the remote SSH server, the scripts works, because debugging now said:

wolf: Sending request for user-authentication service.
wolf: Service accepted: ssh-userauth.
wolf: Trying empty user-authentication request.
wolf: Authentication methods that can continue: publickey,password,keyboard-interactive.

Where it used to be (with PasswordAuthentication no):

wolf: Sending request for user-authentication service.
wolf: Service accepted: ssh-userauth.
wolf: Trying empty user-authentication request.
wolf: Authentication methods that can continue: publickey,keyboard-interactive.

So the above debugging says that the remote SSH server only accepts ssh keys or a keyboard interactive password..

My advise is: create an ssh-key for the user that runs your script, and add the public key of that user to the authorized_keys file of your remote user. This is more secure than enabling clear text password tunneling ;-)

HTH

to ask a question is a moment of shame
to remain ignorant is a lifelong shame

Comment on Re^7: sftp->do_write howto? Select or Download Code

Replies are listed 'Best First'.
Re^8: sftp->do_write howto? by chrism01 (Friar) on Sep 30, 2005 at 02:08 UTC
Wolf, That's extremely enlightening and probably correct. The line in the config file is commented out, but I suspect it defaults to no (it's a BSD box). I certainly get the response you mentioned for 'no' when I added the debugging. It's been decided however that due to the low value of the info and multi-layer security (it's entirely an internal system) that we really don't need to take this any further. I'll certainly try and remember it for future ref though(!) I didn't realise there was a diff between interactive passwd and via a script. I assumed it'd use the same encryption/checking... wrong.. :-( Thx again Chris PS: how's your Net::SNMP? See my node 495954.	[reply]
Re^9: sftp->do_write howto? by insaniac (Friar) on Sep 30, 2005 at 09:04 UTC
wolf is just the name of my laptop ;-) I've replied your Net::SNMP node, hope it helps... Cheers mate.. to ask a question is a moment of shame to remain ignorant is a lifelong shame	[reply]