MIDRANGE dot COM Mailing List Archive


MIDRANGE-L » January 2013

SFTP with key authentication failing after server migration


 
I have a client who we migrated to a new 8202-E4C a few weeks ago.
They do a daily scheduled file transfer to an outside vendor using SFTP with key authentication.
Since the server migration, the SFTP has been failing.

Initially the SFTP standard error output reported the following messages:

Bad owner or permissions on /home/PERFRM/.ssh/config
Connection closed

I have reset the authority on that file using the following command:

chmod 600 /home/PERFRM/.ssh/config

The SFTP standard error output now shows the following messages:

Permission denied, please try again.
Permission denied, please try again.
Permission denied (password).
Connection closed

So I'm wondering now if the server migration has impacted the key authentication in some way (other than the permissions of the config file).

The destination server still has the user's public key. But could it be seeing the user as NOT the authenticated user now because the connection is coming from a different server.

In other words, does the server in some way become part of the SFTP key authentication?
If so, will generating a new key for the user on the new server and providing it to the outside vendor solve the problem?

Thanks for any input.

Scott
________________________________


Scott Schollenberger
Vice President, Research & Development

P: 610-239-9988 x305
F: 610-239-9995
E: SSchollenberger@xxxxxxxxxxxxxxxxxx
[http://www.harriscomputer.com/images/signatures/HarrisSchools.gif]

[http://www.harriscomputer.com/images/signatures/DivisionofHarris.gif]<http://www.harriscomputer.com/>
100-2011 Renaissance Blvd.
King of Prussia, PA
19406
www.harris-schoolsolutions.com<http://www.harris-schoolsolutions.com>

This message is intended exclusively for the individual or entity to which it is addressed. This communication may contain information that is proprietary, privileged or confidential or otherwise legally exempt from disclosure. If you are not the named addressee, you are not authorized to read, print, retain, copy or disseminate this message or any part of it. If you have received this message in error, please notify the sender immediately by e-mail and delete all copies of the message.


Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2013 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact