EldoS | Feel safer!

Software components for data protection, secure storage and transfer

new to sftp and secureblackbox

Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.
#10811
Posted: 08/18/2009 14:24:56
by Joe Pettit (Standard support level)
Joined: 08/18/2009
Posts: 7

I have on older Delphi app that used Delphi 7 and Indy FTP components that I need to update. My clients have recently changed their FTP site to use vsftpd and openssh. My app is required to connect to the new site via sftp. I am not an expert in SFTP or Secureblackbox but I am trying to get a test app out to the client asap, I have been playing with the sample "simplesftpdemo" and I am confused by what I should use for some of the properties such as authentication type and private key. This is the information the client has provided me with so far : (this info was based on the client connecting to the vsftp server with filezilla) - "verify that you have the connections set to either SSH or FTPES – FTP over explicit TLS/SSL and that you have the IP set to 11.1.111.11 port 22 and a host file entry set to: 11.1.111.11 ftps.xxxxx.com".
Any help would be greatly appreciated.
Thanks, Joe
#10812
Posted: 08/18/2009 14:46:52
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Hi. By default SFTP servers requires user login and corresponding password to allow connection, and this login/password should be provided by your client (along with server's ip and so on). Or, server can require public-key authentication which needs your private key.
So please describe your problem in more details : you have a login and password, but SimpleSFTP demo cannot connect (but Filezilla does), or ...?
#10827
Posted: 08/19/2009 10:56:07
by Joe Pettit (Standard support level)
Joined: 08/18/2009
Posts: 7

I have a valid user name and password. When the client connects to the vsftp site through filezilla they seem to just specify the user name and password and then they connect to the site. When I try and connect to the site via the simpleftp demo app, I specify the user name and password, I leavie the "private key file" field blank and hit ok.
The message log says "connecting to 11.1.1.1.1" and server key [zzzzz] received.
Then I get a prompt dialog with a caption of "keyboard authentication", prompting for a password- so I have the client reenter the same password again.
the log then says : "Auth type [16] failed" ; "Error 114" ; "SFTP connection failed with mesage erro : 10058" ; Sever software openssh_5.1"
This is all pretty new to me. Would like to connect without having to reenter password - which may mean just setting the authentication type correctly - but not sure what to do at this point.
#10828
Posted: 08/19/2009 11:08:25
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Please check if you are entering username with valid case (i.e. Joe instead of joe). I just checked such issue on other OpenSSH server, and it doesn't allow keyboard-interactive auth with first uppercase letter.
#10830
Posted: 08/19/2009 14:12:36
by Joe Pettit (Standard support level)
Joined: 08/18/2009
Posts: 7

I checked and the case of the username and password are all lower case so that seems ok. I changed the authentication type to "SSH_AUTH_TYPE_PASSWORD", I did this because as I said the client is able to access the vsftp site with filezilla just by entering the username and password.
When I run the app now I still get "Auth failed Error 114" ; "SFTP connection failed with mesage erro : 10058" ; Sever software openssh_5.1"
#10831
Posted: 08/19/2009 15:52:35
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

As I see, vsftp is the FTP (FTPS) server, but you are trying SFTP and OpenSSH server. So, maybe they require different credentials? And, again, can you connect to that OpenSSH server via FileZilla SFTP client (not FTPS) with login and password you are trying with SimpleSftp demo?
#10843
Posted: 08/20/2009 14:02:46
by Joe Pettit (Standard support level)
Joined: 08/18/2009
Posts: 7

I am just starting to learn about vsftp and sftp. I just purchased secureblackbox client edition and based on all the settings in the "ElSimpleSftpClient" component this is more complicated than I expected. So it is somewhat understandable that I am struggling but I am surprised that I can't connect to the vsftp server even using the simplesftpdemo that comes with the system. Here is what I was told : “we will be using vsftpd and openssh as the server software. Client software will be required to connect via sftp”. I am writing the "client software" peice described above. When I run the simpledemo app I can't even connect to the server. Here is the information in the log "connecting to xxx" ; "server key [adfafd...] received" ; "Auth type [4] failed" ; "Error 114" ; "SFTP connection failed with message error 10058"
I have researched error 114 abd I have used different "authorization types" and I have tried turning compression algorithms off ... I have tried all the suggested remedies and I can't get it to work. At this point don't even know what to try next. Was led to believe this would be rather simple.
#10845
Posted: 08/20/2009 14:35:44
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

If it shows 'auth type 16(4) failed', it means, that really server tells about authentication failure, i.e. you are providing invalid username/password.
You can ask server's administrator to check sshd logs, or about the auth configuration.
Also, if it is possible to open a testing account on that server, you can open helpdesk ticket and post account details there to let us test the connection from our side.
#10846
Posted: 08/20/2009 15:56:12
by Joe Pettit (Standard support level)
Joined: 08/18/2009
Posts: 7

Something intersting ... i think. The provider of the vsftp site looked at the server log files and he could see when my client connected to the site with filezilla but he said he has no log entries showing an attempt to connect to the server by the simplesftpdemo program (we know this based on times). THe simplesftpdemo log shows the lines "Connecting to 11.1.111.11" ; "Server key [112222...] received". What does this mean is really happenning? I was assuming that this key was sent back from the server. I would think the log would show that someone tried to connect.
#10847
Posted: 08/20/2009 16:04:00
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

It means, that initial SSH handshake was made successfully, but after there was a problem during user authentication. However, server should also log invalid auth attempt.
Also by EldoS: Callback File System
Create virtual file systems and disks, expose and manage remote data as if they were files on the local disk.

Reply

Statistics

Topic viewed 8983 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!