Solved

SCP authentication problem

Posted on 2010-09-14
13
1,762 Views
Last Modified: 2012-06-27
Experts,
Perplexing problem here. when I try to use scp (winscp, pscp, etc) from a windows xp box connect to a linux box I get an authentication error. When I ssh to the same linux box with the same username/password, I have no problems authenticating. Not sure what to look for???

Any help would be greatly appreciated.
0
Comment
Question by:fyrfyter
  • 4
  • 2
  • 2
  • +4
13 Comments
 
LVL 7

Expert Comment

by:tlovie
ID: 33677429
have you tried connecting to the box by using the IP and port numbers instead of the DNS names?  This might help you diagnose the problem.
0
 
LVL 5

Expert Comment

by:_-MYFOX-_
ID: 33677554
Nei file di log  c'è qualche messaggio di errore particolare ??
Se provi ad effettuare un collegamento SFPT funziona ?! Anche se quest'ultimo effettua una connessione attraverso la porta 22, ma giusto per avere qualche info in più ...
My2Cent
0
 

Author Comment

by:fyrfyter
ID: 33677805
tlovie,
I did try that. same result. It is not a connection issue, but an authentication issue. I can connect just fine using the dns name. It just doesn't accept my password.

myfox,
Sorry, I dont speak that language.


Thanks,
0
 
LVL 5

Expert Comment

by:_-MYFOX-_
ID: 33677821
Oops here's the translation ...
In the log file is there any particular error message?
If you try to make a connection SFPT working?! Even if he makes a connection through port 22, but just to get some more info ...
My2Cent
0
 
LVL 7

Expert Comment

by:tlovie
ID: 33677831
Do you have access to the logs of the ssh server?  perhaps the default crypto methods inside of putty/pscp are not supported on the server side.  are you able to authenticate to any other linux servers using putty?  I'm assuming that you're using a recent version of putty 0.60.
0
 

Author Comment

by:fyrfyter
ID: 33677996
Heres the pscp log:

P:\>pscp -r -v username@host.com:"/home/username/Picture/Studio
M" P:\
Looking up host "host.com"
Connecting to 11.11.11.11 port 22
Server version: SSH-1.5-Cisco-1.25
We believe remote version has SSH-1 ignore bug
We believe remote version needs a plain SSH-1 password
We believe remote version can't handle SSH-1 RSA authentication
We claim version: SSH-1.5-PuTTY_Release_0.60
Using SSH protocol version 1
Received public keys
Host key fingerprint is:
      1024 "omitted"
Encrypted session key
AES not supported in SSH-1, skipping
Using 3DES encryption
Trying to enable encryption...
Initialised triple-DES inner-CBC encryption
Installing CRC compensation attack detector
Successfully started encryption
Sent username "username"
username@host.com's password:
Sending unpadded password
Sent password
Access denied
Authentication refused
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 1

Expert Comment

by:dKrishnasamy
ID: 33679164
Add the following line in /etc/ssh/sshd_config

Protocol 2

and restart sshd service by giving the following command.

service sshd restart, client also use ssh2

Regards
- Krishna
0
 
LVL 27

Expert Comment

by:Nopius
ID: 33679339
1) Cisco SSH server can't handle 'SCP' sessions
2) Cisco server uses SSH version 1, that doesn't support SFTP

So you can't 'SCP' there by any means. What you can do is to login via SSH, put your files to some external FTP/HTTP server, then use this IOS command to copy these files to the Cisco:

>enable
Password: *****
# copy ftp://remotehost.com/ flash:

You may copy in another direction too.

Hope this helps.

Regards,
Arty
0
 
LVL 7

Expert Comment

by:expert1010
ID: 33680940
Cisco do handle scp (server and client) in IOS since about 12.2-12.3. I think you need to upgrade.
0
 

Author Comment

by:fyrfyter
ID: 33684800
Thanks for your comments.
Krishna,
Protocol 2 is already in the sshd_config file.

Arty,
This is not a cisco issue. If you look at my original post, I am trying to connect via an scp client from a windows box to a linux box. IOS is not involved.

The thing that is odd is that if I tail the /var/log/auth.log file, there are no entries for the failed authentication attempt from the scp client. But the scp client returns an authentication failed error...
0
 
LVL 7

Expert Comment

by:expert1010
ID: 33686213
You could try to install cygwin and from there try to scp to see if works. I think that it doesn't use any native dll. Experts may correct me here. If it's like that there seems to be some trouble with your native windows binaries.

http://www.cygwin.com/

Download the setup.exe and start it.
Install standard + the openssh (input ssh in the search window and check the checkbox for openssh binary)
proceed to finalize. It will take a little time to install.
Start the the Cygwin Bash shell from start-button->cygwin->Cygwin Bash shell
Run scp and ssh to see if it works.
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 33747734
Winscp offers a number of data transfer protocols. These include SFTP (the default), SCP, and FTP. The defaultis not SCP! Unfortunately if you just click on the stored session, you don't get to view this. I'd suggest create the session again from scratch, and ensure that either SCP is selected or click the box which says 'Allow SCP fallback'. That way there will an attempt to connect via port 22 which will appear in your auth.log file.

I suspect that you've used the default winscp configuration which is SFTP, which will fail!

HTH:)

(   (()
(`-' _\
 ''  ''
0
 

Accepted Solution

by:
fyrfyter earned 0 total points
ID: 33749677
Experts,
I am very embarrassed to admit this, but the host I was trying to connect to was configured to accept ssh connections on a non-standard port. I should have checked that first. Sorry to have wasted everybody's time.

Thank you all for your responses. The problem is solved.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Join & Write a Comment

A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
Resolve DNS query failed errors for Exchange
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now