SFTP Unix client to windows Server "Couldnt canonicalise"

Posted on 2007-10-08
Last Modified: 2012-10-30
Unfortunately im sitting in between two suppliers so i dont have all the necessary OS info to hand but hopefully it wont matter too much as this is an SFTP question.

The situation is such that we have a windows based SFTP server hosted at our supplier.  We have a customer who needs to be able to copy and retrieve files from their unix based machine to our server.

We have tested the comunications using FTP and they workfine, as does their account when using FTP.  However the nature of the file contents is sensitive so they wish to use SFTP command line shell and a script.
We cannot get the unix system to complete the login.  I have tested to login to the windows based SFTP using WinSCP and initially reproduced the problem.  Then realised that / must be specified to login to root directory.  WinSCP logs in fine using the account details.
I then installed Cygwin and the SSH package to try to "simulate" using the SFTP command line from unix and it just will not log me in.
Trying to login with the command $ SFTP user@server:/
Have tried a few variations, such as no :/, ~/, //, \, \\
and receive the error "Couldn't canonicalise.  Need CWD" everytime
I tried to access the file directly via SFTP and via SCP comand lines and get a "permission denied" message.
However I can access the file just fine using WinSCP client and exactly the same account details.

Im confused as I figured that SFTP, like FTP, is independant of platform and should allow transfer of files.  I believed it to be a problem in the script on the customer side, but having spent the last couple of hours trying diferent syntax trying to get SFTP unix comand to login and not getting any joy, im beginning to wonder if that is so?  Could it be a problem with cross platform communication.  can it be a security problem betwen OS's that they cant read each others security settings?

Thanks in advance.

Question by:Aditro
    LVL 9

    Expert Comment

    > I tried to access the file directly via SFTP and via SCP comand lines and get a "permission denied" message.

    There must be a 'Permission denied' message between "Couldn't canonicalise" and "Need CWD", too.  Is it there?

    Author Comment

    No the message isnt there.   below i have pasted an extract from the log file.  We have actually solved this now using a different protocol, but i am still interested to know the problem here.  As said it seemed strange that it worked with a windows client.  I expected SFTP to work independant of platform.

    debug1: Connection established.
    debug1: permanently_set_uid: 0/3
    debug1: identity file /.root/.ssh/id_rsa type 1
    debug1: identity file /.root/.ssh/id_dsa type -1
    debug1: Remote protocol version 2.0, remote software version 3.2.3 F-Secure SSH Windows NT Server
    debug1: no match: 3.2.3 F-Secure SSH Windows NT Server
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_3.9
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug1: sending SSH2_MSG_KEXDH_INIT
    debug1: expecting SSH2_MSG_KEXDH_REPLY
    debug1: Host 'XXXXXXX' is known and matches the DSA host key.
    debug1: Found key in /.root/.ssh/known_hosts:33
    debug1: ssh_dss_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,password
    debug1: Next authentication method: publickey
    debug1: Offering public key: /.root/.ssh/id_rsa
    debug1: Authentications that can continue: publickey,password
    debug1: Trying private key: /.root/.ssh/id_dsa
    debug1: Next authentication method: password
    XXXXXXXXXXXXXXX's password:
    debug1: Authentication succeeded (password).
    debug1: channel 0: new [client-session]
    debug1: Entering interactive session.
    debug1: Sending subsystem: sftp
    Couldn't canonicalise: Failure
    Need cwd
    $ debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
    debug1: channel 0: free: client-session, nchannels 1
    debug1: fd 0 clearing O_NONBLOCK
    debug1: fd 1 clearing O_NONBLOCK
    debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 4.6 seconds
    debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
    debug1: Exit status 0

    LVL 9

    Accepted Solution

    > As said it seemed strange that it worked with a windows client.  I expected SFTP to work independant of platform.

    There are actually two protocols for file transfer over SSH -- scp and sftp.  Perhaps windows client used scp...

    Expert Comment

    This same issue occurred for me on SFTP from windows to UNIX.

    Even though the home directory was readable to the login ID, the root file system was not and SFTP was not able to traverse up the tree.

    # cd /
    # ls -ld
    drwx--x--x  20 root     root          22 Oct  1 13:16 .


    # chmod a+r /
    # ls -ld
    drwxr-xr-x  20 root     root          22 Oct  1 13:16 .

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Is Threat Intelligence?

    Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

    Suggested Solutions

    Title # Comments Views Activity
    Ora2pg 4 80
    cron job says it ran, no results 25 81
    Redirect mail server from IP to IP 2 44
    SSL is a very common protocol used these days when browsing the web.  The purpose is to provide security to communication, but how does it do it?  There are several pieces at work that have to be setup before SSL will even work and it requires both …
    This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
    Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now