I am able to run the java program to connect to SFTP from my local application.
this.host = host;
this.port = port;
this.username = username;
this.jsch = new JSch();
LOGGER.debug("Before calling addIdentity");
this.jsch.addIdentity(privatekey);
LOGGER.debug(String.format("Connecting to SFTP serveur : host : %s \\\\ user : %s", this.host, this.username));
this.session = jsch.getSession(username, host, port);
Properties config = new Properties();
config.put("StrictHostKeyChecking", "no");
config.put("PreferredAuthentications", "publickey");
session.setConfig(config);
session.connect();
LOGGER.info("Session is connected");
this.channel = (ChannelSftp) session.openChannel("sftp");
channel.connect();
However , trying to run the same program in windows server gives the issue as : Auth fail for methods 'publickey'
My application is deployed in Azure app service and from the console in App Service , I am able to connect to SFTP
I checked the privatekey file , path with sftp -o StrictHostKeyChecking=no -i myprivatekey.pem username@hostname.sd.com and able to connect to SFTP
I am clueless about the issue. Any help would be appreciated .
Console: 1: logzio log (via code) :
Please find the Jsch logs:
INFO: Connecting to ft0002.swee.com port 22
INFO: Connection established
INFO: Remote version string: SSH-2.0-AWS_SFTP_1.1
INFO: Local version string: SSH-2.0-JSCH_0.2.19
INFO: CheckCiphers: chacha20-poly1305@openssh.com
INFO: CheckKexes: sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,curve448-sha512
INFO: sntrup761x25519-sha512@openssh.com is not available.
DEBUG: kex proposal before removing unavailable algos is: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
DEBUG: kex proposal after removing unavailable algos is: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
INFO: CheckSignatures: ssh-ed25519,ssh-ed448
DEBUG: server_host_key proposal before known_host reordering is: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
DEBUG: server_host_key proposal after known_host reordering is: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
INFO: SSH_MSG_KEXINIT sent
INFO: SSH_MSG_KEXINIT received
INFO: server proposal: KEX algorithms: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
INFO: server proposal: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa
INFO: server proposal: ciphers c2s: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
INFO: server proposal: ciphers s2c: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
INFO: server proposal: MACs c2s: umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512
INFO: server proposal: MACs s2c: umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512
INFO: server proposal: compression c2s: none,zlib@openssh.com
INFO: server proposal: compression s2c: none,zlib@openssh.com
INFO: server proposal: languages c2s:
INFO: server proposal: languages s2c:
INFO: client proposal: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c,kex-strict-c-v00@openssh.com
INFO: client proposal: host key algorithms: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
INFO: client proposal: ciphers c2s: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
INFO: client proposal: ciphers s2c: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
INFO: client proposal: MACs c2s: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
INFO: client proposal: MACs s2c: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
INFO: client proposal: compression c2s: none
INFO: client proposal: compression s2c: none
INFO: client proposal: languages c2s:
INFO: client proposal: languages s2c:
INFO: kex: algorithm: ecdh-sha2-nistp256
INFO: kex: host key algorithm: rsa-sha2-512
INFO: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
INFO: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
INFO: SSH_MSG_KEX_ECDH_INIT sent
INFO: expecting SSH_MSG_KEX_ECDH_REPLY
INFO: ssh_rsa_verify: rsa-sha2-512 signature true
WARN: Permanently added 'ft0002.swee.com' (RSA) to the list of known hosts.
INFO: SSH_MSG_NEWKEYS sent
INFO: SSH_MSG_NEWKEYS received
INFO: SSH_MSG_SERVICE_REQUEST sent
INFO: SSH_MSG_EXT_INFO received
INFO: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
INFO: SSH_MSG_SERVICE_ACCEPT received
INFO: Authentications that can continue: publickey
INFO: Next authentication method: publickey
DEBUG: PubkeyAcceptedAlgorithms = ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
DEBUG: PubkeyAcceptedAlgorithms in server-sig-algs = [ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, rsa-sha2-512, rsa-sha2-256]
DEBUG: rsa-sha2-512 preauth failure
DEBUG: rsa-sha2-256 preauth failure
I checked few options to rule out certain possibilities.
I created the sample Java program to connect to SFTP server by using the same library JSch (in the same folder where my jar is placed) in the Azure App Server running on Windows.
I tested the program by running ,
javac -cp ".;jsch-0.2.19.jar" main.java java -cp ".;jsch-0.2.19.jar" main
The above test program pushed the file to SFTP server. So , I ruled out the possibility of App Server Infra setup issues and concentrated on my application.
The application which runs in the Azure App server has the wrong username (hostname & port are other parameters to connect to SFTP) and it caused the issue - Auth fail for methods 'publickey'. Still , I am wondering how the irrelevant message is shown for wrong username :(
After correcting the username, I am able to push the file to SFTP server.