sftp - SSH Server confirms Client?
My company uses a commercial (TIBCO MFT) software system to handle file transfers, and we encountered an instance where we were unable to connect to a specific client's SFTP server. We could connect all day when going through a Linux terminal on the same local server, but when trying to use the software it failed to authenticate. We were using a simple user/password set to connect to them. We fixed it (in the software's control panel) by selecting "use default key" (which by the way is our key) in the SSH options; the selection had been "none". To my mind, it should have been required to use some sort of key, and this brought to my attention that we have a lot of SFTP push file transfers that use server configurations with the SSH key marked "none". I have looked around and not found a satisfactory answer. I have my suspicions though:
- Does the remote server have a file containing the keys of remote systems (a sort of known_hosts?), and if the client system is not in that file, it won't let me log in?
- Does this have to do with the "double key exchange" used in SSH2? If the customer server is using SSH1, would it not require a server key?
I would appreciate any insight into this.
SSH can be set up to accept both keys and username/password. The target system can support both.
You do not have a "known_hosts" file to verify (with keys) the host you connect from. It is there to verify the host you connect to. It is common to limit access by host using IP restrictions, either via a firewall or the SSH configuration.
But you still might access an account on the host using keys.
If the target system is some sort of Unix, you have an account name for accessing it. The user account will have a home directory on the server. In the account's home directory you have a folder named ".ssh", and within that folder you have a file named "authorized_keys". In this file you can list a number of public keys for accessing the account. If you have the proper private/public key pair, you are able to access the account.
So to answer your specific questions:
- No. Such restrictions are IP based.
- No. The server key is used to verify the server you connect to.
The first key exchange is to verify the host you connect to. This is what you are being asked about the first time you connect to a host. When you accept, you have an encrypted session. If allowed, you enter username/password after this. If the host is set up to use key-based authentication, you must supply keys.
Both the SSH client and the SSH server should provide logs with many hints about what happens.
Many Unix servers use OpenSSH, and you can see the configuration file at: /etc/ssh/sshd_config
If you try to connect to an SSH server that requires key-based authentication and does not accept username/password, you typically get the error: "no supported authentication methods available (server sent: public key)".
When using a commercial solution, I suspect the SSH stack might be old and outdated and not using modern cipher suites. You can see the ciphers used on a Linux server by searching for "ciphers" in "/etc/ssh/sshd_config".
For further troubleshooting I recommend you connect directly using PuTTY from the source system. This can ferret out whether TIBCO MFT uses an outdated stack and needs updating.
You can get PuTTY at: http://www.chiark.greenend.org.uk/~sgtatham/putty/
To help further I would need connection logs and configuration files. You should have a connection error that tells you what is wrong.
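The answer above points at /etc/ssh/sshd_config as the place that decides whether a password alone is enough. The following is an added example, not part of the original answer: a small reader for OpenSSH's `PasswordAuthentication`, `PubkeyAuthentication` and `AuthenticationMethods` keywords that reports which logins the server would accept. It assumes the config text is supplied as a string, models only the publickey and password methods, and ignores `Include` files and the contents of `Match` blocks; the sample configs are constructed.

```python
DEFAULTS = {"pubkeyauthentication": "yes",
            "passwordauthentication": "yes",
            "authenticationmethods": "any"}

def effective_settings(config_text):
    """Return (global settings, has_match); sshd keeps the first value per keyword."""
    settings, has_match = {}, False
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split(None, 1)
        if len(parts) < 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "match":   # conditional blocks may override per user or host
            has_match = True
            break
        settings.setdefault(key, value)
    return {**DEFAULTS, **settings}, has_match

def login_paths(settings):
    """List the method combinations a client may use to authenticate."""
    enabled = set()
    if settings["pubkeyauthentication"].lower() == "yes":
        enabled.add("publickey")
    if settings["passwordauthentication"].lower() == "yes":
        enabled.add("password")
    if settings["authenticationmethods"].lower() == "any":
        return sorted([m] for m in enabled)
    paths = []
    for combo in settings["authenticationmethods"].split():
        methods = [m.split(":", 1)[0] for m in combo.split(",")]
        if all(m in enabled for m in methods):   # skip combos using disabled methods
            paths.append(methods)
    return paths

def password_only_ok(settings):
    """True when a client offering only user/password can log in."""
    return ["password"] in login_paths(settings)

# Constructed sample configs (not taken from any real server)
KEY_ONLY = "PasswordAuthentication no\nPubkeyAuthentication yes\n"
KEY_AND_PASSWORD = ("# both factors required\n"
                    "AuthenticationMethods publickey,password\n"
                    "Ciphers aes256-gcm@openssh.com,aes128-ctr\n")

if __name__ == "__main__":
    for name, text in (("key only", KEY_ONLY), ("key+password", KEY_AND_PASSWORD)):
        s, has_match = effective_settings(text)
        print(name, login_paths(s), "password alone:", password_only_ok(s))
```

With the second sample, a client must present a key and then a password, so a transfer profile with the SSH key set to "none" would fail even though the password is correct.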