SFTP connectivity via Jsch fails with "Auth fail for methods 'publickey'"
I am able to run the java program to connect to SFTP from my local application.
this.host = host;
this.port = port;
this.username = username;
this.jsch = new JSch();
LOGGER.debug("Before calling addIdentity");
this.jsch.addIdentity(privatekey);
LOGGER.debug(String.format("Connecting to SFTP serveur : host : %s \\\\ user : %s", this.host, this.username));
this.session = jsch.getSession(username, host, port);
Properties config = new Properties();
config.put("StrictHostKeyChecking", "no");
config.put("PreferredAuthentications", "publickey");
session.setConfig(config);
session.connect();
LOGGER.info("Session is connected");
this.channel = (ChannelSftp) session.openChannel("sftp");
channel.connect();
However , trying to run the same program in windows server gives the issue as : Auth fail for methods 'publickey'
My application is deployed in Azure app service and from the console in App Service , I am able to connect to SFTP
I checked the privatekey file , path with sftp -o StrictHostKeyChecking=no -i myprivatekey.pem username@hostname.sd.com and able to connect to SFTP
I am clueless about the issue. Any help would be appreciated .
Console: 1: 
logzio log (via code) : 
Please find the Jsch logs:
INFO: Connecting to ft0002.swee.com port 22
INFO: Connection established
INFO: Remote version string: SSH-2.0-AWS_SFTP_1.1
INFO: Local version string: SSH-2.0-JSCH_0.2.19
INFO: CheckCiphers: chacha20-poly1305@openssh.com
INFO: CheckKexes: sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,curve448-sha512
INFO: sntrup761x25519-sha512@openssh.com is not available.
DEBUG: kex proposal before removing unavailable algos is: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
DEBUG: kex proposal after removing unavailable algos is: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
INFO: CheckSignatures: ssh-ed25519,ssh-ed448
DEBUG: server_host_key proposal before known_host reordering is: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
DEBUG: server_host_key proposal after known_host reordering is: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
INFO: SSH_MSG_KEXINIT sent
INFO: SSH_MSG_KEXINIT received
INFO: server proposal: KEX algorithms: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
INFO: server proposal: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa
INFO: server proposal: ciphers c2s: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
INFO: server proposal: ciphers s2c: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
INFO: server proposal: MACs c2s: umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512
INFO: server proposal: MACs s2c: umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512
INFO: server proposal: compression c2s: none,zlib@openssh.com
INFO: server proposal: compression s2c: none,zlib@openssh.com
INFO: server proposal: languages c2s:
INFO: server proposal: languages s2c:
INFO: client proposal: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c,kex-strict-c-v00@openssh.com
INFO: client proposal: host key algorithms: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
INFO: client proposal: ciphers c2s: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
INFO: client proposal: ciphers s2c: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
INFO: client proposal: MACs c2s: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
INFO: client proposal: MACs s2c: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
INFO: client proposal: compression c2s: none
INFO: client proposal: compression s2c: none
INFO: client proposal: languages c2s:
INFO: client proposal: languages s2c:
INFO: kex: algorithm: ecdh-sha2-nistp256
INFO: kex: host key algorithm: rsa-sha2-512
INFO: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
INFO: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
INFO: SSH_MSG_KEX_ECDH_INIT sent
INFO: expecting SSH_MSG_KEX_ECDH_REPLY
INFO: ssh_rsa_verify: rsa-sha2-512 signature true
WARN: Permanently added 'ft0002.swee.com' (RSA) to the list of known hosts.
INFO: SSH_MSG_NEWKEYS sent
INFO: SSH_MSG_NEWKEYS received
INFO: SSH_MSG_SERVICE_REQUEST sent
INFO: SSH_MSG_EXT_INFO received
INFO: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
INFO: SSH_MSG_SERVICE_ACCEPT received
INFO: Authentications that can continue: publickey
INFO: Next authentication method: publickey
DEBUG: PubkeyAcceptedAlgorithms = ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
DEBUG: PubkeyAcceptedAlgorithms in server-sig-algs = [ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, rsa-sha2-512, rsa-sha2-256]
DEBUG: rsa-sha2-512 preauth failure
DEBUG: rsa-sha2-256 preauth failure
Solution
I checked few options to rule out certain possibilities.
I created the sample Java program to connect to SFTP server by using the same library JSch (in the same folder where my jar is placed) in the Azure App Server running on Windows.
I tested the program by running ,
javac -cp ".;jsch-0.2.19.jar" main.java java -cp ".;jsch-0.2.19.jar" main
The above test program pushed the file to SFTP server. So , I ruled out the possibility of App Server Infra setup issues and concentrated on my application.
The application which runs in the Azure App server has the wrong username (hostname & port are other parameters to connect to SFTP) and it caused the issue - Auth fail for methods 'publickey'. Still , I am wondering how the irrelevant message is shown for wrong username :(
After correcting the username, I am able to push the file to SFTP server.
- Cannot add data to a ComplexField using Python SDK for Azure AI Search
- letsencrypt cert request failing for AKS ingress
- Playwright Test execution on Azure Windows machine fails in pipeline with error as No test found, It works perfectly with same command
- How to Combining PowerShell Output from multiple server to Single csv
- How can I find all Azure app registrations with API permissions to a specific app registration?
- Azure Deployment Groups vs Agent Pools
- I cannot extract .sql CREATE TABLEs for each table in my Azure SQL Database in my Azure Repo
- Can not read blobs through BlobContainerClient for blobs with empty folder prefixes
- Are task logs deleted when the node is deleted due to autoscaling in Azure Batch service?
- Azure Function Blob Storage Monitor
- I want to fetch Azure SQL table data from ADF to use as input in copy activity
- How to access code of my Azure website?
- Run JMeter script in AzureDevOps - Bearer Access Token generation
- Azure Function - HTTP trigger request length exceeded
- How and where to define an environment variable on Azure
- Stream Analytics doesn't output the data to SQL but does to a blob storage
- While Hierarchical namespace enabled cannot upload blob with metadata hdi_isfolder
- Cannot log in to Visual Studio Account in VS 2022
- SchemaColumnConvertNotSupportedException: column: [Col_Name], physicalType: INT64, logicalType: string
- create Azure Keyvault secret without exposing values
- Can you create 'User Flows' in Azure with a pay-as-you-go account
- Deploy ARM template at management group scope with Azure DevOps Pipeline
- How to make an azure function that deploys my bicep script from Azure Storage Account
- Basic SQL commands in Terraform
- Can we Deploy Web Application in Azure OpenAI of Production Level
- Get-MgGroupMember by display name instead of userID
- Azure DevOps REST API parent relation link to existing work item error
- What should be put to 'repoOwners' in Managed Identity Federated Credentials policy?
- How to get list of users from CSV file whose LastSignInDate column has a date that is before 90 days from current date or is empty?
- Langchain cannot connect with Azure SQL Database