× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



I am not an expert. But, my first question is: Why are you swapping the
private keys? An encryption key is determined just session start and the
private keys which are not exchanged. The public keys, which ARE exchanged,
are used to decrypt the data.

Second: I did not see this in the log. Maybe it is not an issue. But, the
known_hosts file in the .ssh directory of one machine has to have an entry for
the other machine. It is more than just the name. The >easy< way to get that
populated is to use: sftp xxxxx.xxxxx.com -o StrictHostKeyChecking=no

I >think< that will address debug line where remote host will not be trusted.

Are there any firewalls involved? Is port 22 allowed through?

You might hve some good luck by searching the archives. Scott Klement has
posted a numbers of times about sftp.

John McKee

Quoting Kirk Goins <kgoins@xxxxxxxxxxx>:

I have a client trying to setup SFTP Connect with a vendor. We have
created keys and provided the private key to the site we are trying to
log on to. When we try to connect to from the i5 we get the following.
Both keys are in the users/home/.ssh folder.

Any help would be appreciated

Thanks

> sftp -o port=10022 -v
yyyy@xxxxxxxxxx
Connecting to zzzzzz.com

OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7d 17 Mar
2004
debug1: Reading configuration data
/QOpenSys/QIBM/ProdData/SC1/OpenSSH/openssh-3.5p1/etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: ssh_connect: needpriv

debug1: Connecting to zzzzzz.com[ x.x.x.x ] port
10022.
debug1: Connection
established.

debug1: identity file /home/xxxxxx/.ssh/id_rsa type
-1
debug1: identity file /home/xxxxxx/.ssh/id_dsa type
-1
debug1: Remote protocol version 2.0, remote software version
Connect:Enterprise_UNIX_2.4.02
debug1: no match:
Connect:Enterprise_UNIX_2.4.02

debug1: Enabling compatibility mode for protocol
2.0
debug1: Local version string
SSH-2.0-OpenSSH_3.5p1
debug1: SSH2_MSG_KEXINIT
sent

debug1: SSH2_MSG_KEXINIT
received

debug1: kex: server->client aes128-cbc hmac-md5
none
debug1: kex: client->server aes128-cbc hmac-md5
none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST
sent
debug1: expecting
SSH2_MSG_KEX_DH_GEX_GROUP

debug1: dh_gen_key: priv key bits set:
129/256
debug1: bits set:
1591/3191

debug1: SSH2_MSG_KEX_DH_GEX_INIT
sent
debug1: expecting
SSH2_MSG_KEX_DH_GEX_REPLY

Host key verification
failed.

debug1: Calling cleanup
0x20013a74(0x0)
Connection
closed

$


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.






As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.