ibmi-brunch-learn

Announcement

Collapse
No announcement yet.

Setting SFTP - access denied...

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Setting SFTP - access denied...

    Hi all,

    20 years in iSeries (development side), first time setting SFTP - all on my own

    I followed instructions up to the point when I send public key to the other side.
    Their reply was "the public key has been applied".
    When I try to connect I get "Permission denied, please try again"

    So looks like either they haven't applied it correctly or I missed something, how do I know?

    p.s.I'm able to connect using the password, but need a batch processing.


    Thanks.
    Irena.
    Last edited by InfraRed; February 7, 2019, 01:08 PM.

  • #2
    I so hate when people do this.. So please forgive me..
    I'm sure someone will come behind me and help with your current issue.
    That said... I struggled with this issue a few years back and ended up going with
    Arpeggio software. http://www.arpeggiosoftware.com/



    The solution was simple and price very very reasonable.
    All my answers were extracted from the "Big Dummy's Guide to the As400"
    and I take no responsibility for any of them.

    www.code400.com

    Comment


    • #3
      What are you using to connect? sftp? ssh? Are you logging on with the sftp user ID or your own? If your own, what connection string are you using? Are you doing this in batch or interactively?

      Comment


      • #4
        Originally posted by john.sev99 View Post
        What are you using to connect? sftp? ssh? Are you logging on with the sftp user ID or your own? If your own, what connection string are you using? Are you doing this in batch or interactively?
        Interactively:
        I login with SFTPUSER.
        then start PASE: call QP2TERM
        then sftp RMTUSER@RMTHOST (actual names)
        get "permission denied..."

        thx.

        Comment


        • #5
          It's been a while, but I think you will need to first connect to the system using ssh. When you first connect to a system via ssh/sftp, you will get a message about a trusted host. From memory, this doesn't get displayed using sftp but does if you use ssh. You need to reply Y to the message to add the host into the user profiles known hosts file. I would try connecting using ssh first.

          Comment


          • #6
            Originally posted by john.sev99 View Post
            It's been a while, but I think you will need to first connect to the system using ssh. When you first connect to a system via ssh/sftp, you will get a message about a trusted host. From memory, this doesn't get displayed using sftp but does if you use ssh. You need to reply Y to the message to add the host into the user profiles known hosts file. I would try connecting using ssh first.
            sorry, I didn't mention, I actually did - I get prompted for a password. When I enter it I get connected.
            Last edited by InfraRed; February 7, 2019, 02:41 PM.

            Comment


            • #7
              That would imply there is a key problem.
              Did you set up the keys using the sftp profile? Have you changed any authorities on the sftp profiles directories? Did you supply them with the public key generated by the sftp profile? If all is correct on your side, it would imply the keys have not been setup correctly on the remote host.

              Comment


              • #8
                Hi Irena.

                Jamie mentioned our company in this thread and I would be happy to help you. Once you try using shell scripting to automate your login you will find that some of the replies get suppressed so scripting it becomes a nightmare. Also the nature of SFTP is different than FTP in that you have to deal with attributes of the files being correct and not just the data itself. There are also things like selecting algorithms to use and then you may discovering since you can't work directly with DB files with the IBM ssh tool you will spend a lot of time duplicating data and managing that information. And of course the key management is something that is also handled in our software which is extremely important too.

                Our ARP-SFTP product does have a trial version. It can be downloaded here after you create a login on our site: https://www.arpeggiosoftware.com/ind...-up?Itemid=538

                Also I would be happy to help you with setting up a test connection to your partner. My email is rbrown@arpeggiosoftware.com.

                Rich

                Comment


                • #9
                  Thanks for suggestions.
                  Does it matter i use rsa or dsa public key?

                  Comment

                  Working...
                  X