in reply to transfer a file via SFTP

I get the same permission denied error, except line 62 instead of line 51 (perhaps different versions of Net::SFTP??), when username and/or password are incorrect.

On CentOS5 linux ssh logins are logged to /var/log/secure. On a failed login attempt with an invalid user I get entries like the following:

Jul 23 12:44:53 alula sshd[4911]: Invalid user frog from 127.0.0.1
Jul 23 12:44:53 alula sshd[4912]: input_userauth_request: invalid user
+ frog
Jul 23 12:44:53 alula sshd[4911]: pam_unix(sshd:auth): check pass; use
+r unknown
Jul 23 12:44:53 alula sshd[4911]: pam_unix(sshd:auth): authentication 
+failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=alula.home.local
Jul 23 12:44:53 alula sshd[4911]: pam_succeed_if(sshd:auth): error ret
+rieving information about user frog
Jul 23 12:44:55 alula sshd[4911]: Failed password for invalid user fro
+g from 127.0.0.1 port 34572 ssh2
Jul 23 12:44:55 alula sshd[4911]: pam_unix(sshd:auth): check pass; use
+r unknown
Jul 23 12:44:55 alula sshd[4911]: pam_succeed_if(sshd:auth): error ret
+rieving information about user frog
Jul 23 12:44:57 alula sshd[4911]: Failed password for invalid user fro
+g from 127.0.0.1 port 34572 ssh2
Jul 23 12:44:57 alula sshd[4911]: pam_unix(sshd:auth): check pass; use
+r unknown
Jul 23 12:44:57 alula sshd[4911]: pam_succeed_if(sshd:auth): error ret
+rieving information about user frog
Jul 23 12:44:59 alula sshd[4911]: Failed password for invalid user fro
+g from 127.0.0.1 port 34572 ssh2
Jul 23 12:44:59 alula sshd[4912]: Connection closed by 127.0.0.1
Jul 23 12:44:59 alula sshd[4911]: PAM 2 more authentication failures; 
+logname= uid=0 euid=0 tty=ssh ruser= rhost=alula.home.local

[download]

I had specified the non-existent user name 'frog' to Net::SFTP.

I suggest you review the logs on your ssh server to determine whether the user authentication is succeeding and the cause of any authentication failure.

update: Don't know what made me think the error message cc received was indicating line 51.

Replies are listed 'Best First'.
Re^2: transfer a file via SFTP
by cc (Beadle) on Jul 23, 2009 at 22:42 UTC
    THX, but still cannot find a solution for this problem.
    I've created my public and private keys using:
    # ssh-keygen -t rsa

    [download]
    and the public key id_rsa.pub from the client machine was installed on the sftp server.
    The user name is absolutely correct.
    I can login from the command line to this server and transfer a file without problems:
    # sftp  myuser@X.X.X.X
Connecting to X.X.X.X...
sftp> put TEST.txt
Uploading TEST.txt to /HOME/TEST.txt
TEST.txt                             100%   22     0.0KB/s   00:00
sftp> ls
TEST.txt
sftp> rm TEST.txt
Removing /HOME/TEST.txt
sftp> quit

    [download]
    I cannot understand why this perl script above doesn't work.
[reply]
[d/l]
[select]

      The ssh logs from your server should be very helpful in determining why permission is denied.

      You have generated an RSA key but Net::SSH::Perl, on which Net::SFTP is based, uses DSA by default. By default it appears to ignore RSA keys. The version I have also ignores ~/.ssh/identity, despite the documentation that this is one of the default identity files. Therefore, it appears necessary to specify an RSA identity file explicitly.

      I have done this with the following configuration:

      my %args = (ssh_args => { identity_files => [ "/home/username/.ssh/id_
+rsa" ], } );
$args{debug} = 1;
$args{user} = "username";

      [download]

      With the identity_files argument to Net::SSH::Perl specified, as above, the id_rsa file was read and authentication completed successfully.

      Alternatively, you can create a DSA identity file with ssh-keygen -t dsa. Net::SSH::Perl will use a DSA key named $ENV{HOME}/.ssh/id_dsa by default.

[reply]
[d/l]
        THX, I changed the script and now RSA authentication works, but the *.txt file won't be transfered. 
        #!/usr/bin/perl -w

use strict;
use warnings;

use File::Copy;
use File::Find;
use Net::Netrc;
use Net::SFTP;
use MIME::Lite;
use Getopt::Std;
use Mail::Sender;


my $file       = '/srv/*.txt';
my $server     = 'X.X.X.X';
my $user       = 'myuser';
my $sftp;
my %args       = ( ssh_args => { user            => 'myuser',

                                 identity_files  => [ '/home/.ssh/id_r
+sa' ],

                                 protocol        => '2,1',

                                 debug           => 1,

                               }

);

my $linux = "admin\@domain.net";
my $recipient1 = "recipient1\@domain.net";
my $recipient2 = "recipient2\@domain.net";
my $recipient3 = "recipient3\@domain.net>";


# write a log
BEGIN
{
use CGI::Carp qw(carpout);
my $errorlog = "/srv/logs/transferlog.txt";
open(LOG, ">$errorlog") or die("Unable to open $errorlog: $!\n");
print LOG "Errors:\n";
carpout(*LOG);
}

# create backup subfolder
my @dt = localtime;
my $subfolder_name = ((((1900 + $dt[5]) * 100 + 1 + $dt[4]) * 100 + $d
+t[3]) * 100 + $dt[2]) * 100 + $dt[1];
mkdir "/srv/OUT/$subfolder_name" or die "$subfolder_name: $!";


foreach my $file (</srv/*.txt>) {


# sftp file transfer
$sftp = Net::SFTP->new($server, %args) or die "could not open connecti
+on to $server\n";

$sftp->put($file, $file) or die "could not upload $file\n";


# move files to the backup directory
unless(move("$file", "/srv/OUT/$subfolder_name"))

{
               print STDERR "Oops!  Couldn't move the file: $!";
}

move "/srv/logs/transferlog.txt", "/srv/OUT/$subfolder_name";

               sleep (1 * 5)
}


# send a mail if transfer completed
my $sender = new Mail::Sender
  {smtp => 'localhost', from => $linux};
  $sender->MailFile({to => "$recipient1, $recipient2, $recipient3",
  subject => 'data transfer',
  msg => 'data transfer should be completed',
  file => "/srv/OUT/$subfolder_name/transferlog.txt"});

exit;

        [download]

        I'm getting these messages:
        cc: Reading configuration data /root/.ssh/config
cc: Reading configuration data /etc/ssh_config
cc: Allocated local port 1023.
cc: Connecting to X.X.X.X, port 22.
cc: Remote protocol version 2.0, remote software version 4.0.7.1 SSH S
+ecure Shell Windows NT Server

cc: Net::SSH::Perl Version 1.34, protocol version 2.0.
cc: No compat match: 4.0.7.1 SSH Secure Shell Windows NT Server
.
cc: Connection established.
cc: Sent key-exchange init (KEXINIT), wait response.
cc: Algorithms, c->s: 3des-cbc hmac-sha1 none
cc: Algorithms, s->c: 3des-cbc hmac-sha1 none
cc: Entering Diffie-Hellman Group 1 key exchange.
cc: Sent DH public key, waiting for reply.
cc: Received host key, type 'ssh-dss'.
cc: Host 'X.X.X.X' is known and matches the host key.
cc: Computing shared secret key.
cc: Verifying server signature.
cc: Waiting for NEWKEYS message.
cc: Send NEWKEYS.
cc: Enabling encryption/MAC/compression.
cc: Sending request for user-authentication service.
cc: Service accepted: ssh-userauth.
cc: Trying empty user-authentication request.
cc: Authentication methods that can continue: gssapi,publickey,passwor
+d.
cc: Next method to try is publickey.
cc: Trying pubkey authentication with key file '/home/.ssh/id_rsa'
cc: Login completed, opening dummy shell channel.
cc: channel 0: new [client-session]
cc: Requesting channel_open for channel 0.
cc: channel 0: open confirm rwindow 100000 rmax 16384
cc: channel 1: new [client-session]
cc: Requesting channel_open for channel 1.
cc: Sending subsystem: sftp
cc: Requesting service subsystem on channel 1.
cc: channel 1: open confirm rwindow 100000 rmax 16384
[Fri Jul 24 19:26:15 2009] cc.cgi: Couldn't get handle: Permission den
+ied at cc.cgi line 59
[Fri Jul 24 19:26:15 2009] cc.cgi: could not upload /srv/TEST.txt

        [download]

        Howto solve this problem?
[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom