× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. May 2018

RE: Setting Up sFTP for a Second Vendor - Host key

Thanks to those who have responded. I am still trying to get my sFTP connection set up with my vendor.

Kevin said the permissions were picky, so I did command: chmod 755 /home/someuser on the home directory as the IBM document said I should.
I sent them my ssh public key and they added it to their keyring.
Chris said to do ssh -T user@xxxxxxxxxx.server, so I did. It all looked normal until it asked for a password. Here is the dialog.

ssh -T somecompany.com
The authenticity of host 'somecompany.com (99.999.99.9)' can't be established.
RSA key fingerprint is SHA256:wbb2bQRmDJqQaLbuYKsnGdxQ40mIIedeXChRsAYC3ig.
Are you sure you want to continue connecting (yes/no)?
yes
Warning: Permanently added 'somecompany.com,99.999.99.9' (RSA) to the list of known hosts.
Password Authentication
Password:

Is my IBMi asking for a password or is the vendor's system asking for a password? The vendor says it's my system.
He thinks at this point I should be able to sftp to his system and get his public key and load it on my system.


----------------------------------------------------------------------

message: 1
date: Fri, 4 May 2018 14:35:46 +0000
from: Christopher Bipes <chris.bipes@xxxxxxxxxxxxxxx>
subject: RE: Setting Up sFTP for a Second Vendor - Host key
verification failed Error

First you need to get and verify the remote host key. It has to be in your known_host file under the .ssh directory.
log on as user2
call qp2term
ssh -T user@xxxxxxxxxx.server

Accept the host key
exit out and then try your FTP.

--
Chris Bipes
Director of Information Services
CrossCheck, Inc.

707.665.2100, ext. 1102 - 707.793.5700 FAX chris.bipes@xxxxxxxxxxxxxxx www.cross-check.com Notice of Confidentiality: This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information.? If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited.? If you have received this e-mail in error, please immediately notify me by e-mail (by replying to this message) or telephone (noted above) and permanently delete the original and any copy of any e-mail and any printout thereof.? Thank you for your cooperation with respect to this?matter.

-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxx> On Behalf Of Adams, Jay
Sent: Friday, May 04, 2018 7:30 AM
To: 'midrange-l@xxxxxxxxxxxx' <midrange-l@xxxxxxxxxxxx>
Subject: Setting Up sFTP for a Second Vendor - Host key verification failed Error

A couple of months ago I set up sFTP so I could send some extracted data from our ERP system to a vendor.
I set up userid USER1 and made the home directory: /home/USER1.
I created my ssh private and public keys and put them in /home/USER1 in a hidden directory called .ssh.
I exchanged public keys with the vendor and put his public key in /home/USER1/.ssh.
I got it to work and we send them data every night using sFTP.

Now I want to set up sFTP for another vendor.
I set up userid USER2 and made its home directory /home/USER2.
I assume I can use the same ssh private and public keys for this vendor. (Maybe this is a bad assumption and I need to generate another set of keys?) So I copied the .ssh directory from /home/USER1 to /home/USER2 and deleted USER1's public key.
The .ssh directory for USER2 has in it: id_rsa, id_rsa.pub, and known_hosts.

So now I am trying to connect to the vendor's FTP server for the first time.
On my IBMi I logged in under USER2.
I called QP2TERM and executed command: sftp User2FTPServer.com.
I am getting the following error: Host key verification failed. Connection closed

What I am doing wrong?

Your help is appreciated,
Jay


message: 3
date: Fri, 4 May 2018 09:56:00 -0500
from: "Kevin Bucknum" <Kevin@xxxxxxxxxxxxxxxxxxx>
subject: RE: Setting Up sFTP for a Second Vendor - Host key
verification failedError

Add the -v flag. Also make sure that you have SSH'd in first and accepted their key. Go in to /home/USER2 and do a ls -la to see the permissions on the .ssh directory. Go into the .ssh directory and do a ls -la to see the permissions on the files in there. SSH (which sftp runs on top of) is very picky about all of those things.




Kevin Bucknum
Senior Programmer Analyst
MEDDATA/MEDTRON
Tel: 985-893-2550

________________________________________________

Confidentiality Notice: This email from Qualicaps (including all attachments) is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, copying, or distribution is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message.

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
_________________________________________________________

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.