I am trying to move files into an SFTP server at 8001 port using code and not just GUI and command line tools. FileZilla, sftp CLI in Windows and Linux works just fine. But somehow the Python code or Java Script code I write fails to connect.
paramiko - SSHException: Negotiation failed.
When I looked at the known_hosts file in Windows saving public host key during initial sign in using FileZilla, I see that an ecdsa-sha2-nistp384 key and for host [xxx.xxxxxxx.com]:8001 is being created. There is also an ssh-rsa key for the same host.
I tried various ways to troubleshoot with Stack Overflow
added ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
I do not have access to the SFTP server. They just gave me username, password, host and port.
Should I ask them to whitelist my IP as suggested here?
"Could not authenticate with username and password" when trying to connect with SFTP
Because it's similar to that situation where I am able to connect with FileZilla and all other tools but not with code or script.
But I dont understand the logic behind that (because I am a beginner) since I am using FileZilla from my PC and am totally able to connect.
Paramiko Code ==>
import paramiko
from paramiko import client, sftp_client
host = "xxx.xxxxxx.com"
port = 8001
user = "xxxx"
password = "xxxxxxxx"
class SFTP:
sftp: sftp_client.SFTPClient
ssh: client.SSHClient
host: str
user: str
password: str
def __init__(self, host: str, user: str, password: str):
self.host = host
self.user = user
self.password = password
def __enter__(self) -> sftp_client.SFTPClient:
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(self.host,8001, username=self.user, password=self.password)
self.ssh = ssh
sftp = ssh.open_sftp()
self.sftp = sftp
return sftp
def __exit__(self, exc, _, __) -> bool:
if exc is None:
self.sftp.close()
self.ssh.close()
return True
raise exc
with SFTP(host, user, password) as sftp:
print("Connected to SFTP")
Output :
SSHException Traceback (most recent call last)
Cell In[5], line 1
----> 1 with SFTP(host, user, password) as sftp:
2 print("Connected to SFTP")
Cell In[4], line 24, in SFTP.__enter__(self)
22 ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
23 # print(ssh.load_host_keys().keys())
---> 24 ssh.connect(self.host,8001, username=self.user, password=self.password)
25 self.ssh = ssh
27 sftp = ssh.open_sftp()
File ~\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.10_qbz5n2kfra8p0\LocalCache\local-packages\Python310\site-packages\paramiko\client.py:451, in SSHClient.connect(self, hostname, port, username, password, pkey, key_filename, timeout, allow_agent, look_for_keys, compress, sock, gss_auth, gss_kex, gss_deleg_creds, gss_host, banner_timeout, auth_timeout, channel_timeout, gss_trust_dns, passphrase, disabled_algorithms, transport_factory, auth_strategy)
448 other_types = [x for x in sec_opts.key_types if x != keytype]
449 sec_opts.key_types = [keytype] + other_types
--> 451 t.start_client(timeout=timeout)
453 # If GSS-API Key Exchange is performed we are not required to check the
454 # host key, because the host is authenticated via GSS-API / SSPI as
455 # well as our client.
456 if not self._transport.gss_kex_used:
File ~\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.10_qbz5n2kfra8p0\LocalCache\local-packages\Python310\site-packages\paramiko\transport.py:723, in Transport.start_client(self, event, timeout)
721 if e is not None:
722 raise e
...
725 timeout is not None and time.time() >= max_time
726 ):
727 break
SSHException: Negotiation failed.
I tried pysftp code from
Paramiko/pysftp connection fails with "Negotiation failed/invalid DH value", however GUIs and sftp connects
To get same negotiation failed with pysftp.CnOpts log output as
DEB [20230914-09:57:50.277] thr=1 paramiko.transport: starting thread (client mode): 0x10143f70
DEB [20230914-09:57:50.281] thr=1 paramiko.transport: Local version/idstring: SSH-2.0-paramiko_3.3.1
DEB [20230914-09:57:50.290] thr=1 paramiko.transport: Remote version/idstring: SSH-2.0-8.43 FlowSsh: Bitvise SSH Server (WinSSHD) 8.43
INF [20230914-09:57:50.290] thr=1 paramiko.transport: Connected (version 2.0, client 8.43)
INF [20230914-09:57:50.293] thr=1 paramiko.transport: Disconnect (code 11): Client software or version not permitted.
This comes from the server:
Client software or version not permitted
We cannot help you with that. You have to ask the server administrator to allow your client (Paramiko).
You can of course fake different "version string" using Transport.local_version (it defaults to SSH-2.0-paramiko_<version>).