Emissão de SFTP - Permissão negada

1

Estamos tentando fazer arquivos SFTP do mainframe para novos servidores linux. Fornecemos a nossa chave pública (mainframe) para a equipe do servidor de destino e configuramos essa. Ao enviar arquivos, estamos recebendo o seguinte erro:

Co:Z SFTP version: 3.1.0 (5.0p1) 2015-05-01                                                                                                                                                                                                                                                        Copyright (C) Dovetailed Technologies, LLC. 2008-2014. All rights reserved.                                                                                                                                                                                                                         debug3: connect_to_server arg=/bin/ssh                                                                                                                                                                                                                                                    
debug3: connect_to_server arg=-oForwardX11 no                                                                                                                                                                                                                                              debug3: connect_to_server arg=-oForwardAgent no                                                                                                                                                                                                                                            debug3: connect_to_server arg=-oClearAllForwardings yes                                                                                                                                                                                                                                   
debug3: connect_to_server arg=-F/export/home/HEATFTP/.ssh/ssh_config                                                                                                                                                                                                                      
debug3: connect_to_server arg=-v                                                                                                                                                                                                                                                         debug3: connect_to_server arg=-obatchmode yes                                                                                                                                                                                                                                             debug3: connect_to_server arg=3.40.64.86                                                                                                                                                                                                                                                   debug3: connect_to_server arg=sftp                                                                                                                                                                                                                                                        OpenSSH_5.0p1, OpenSSL 1.0.1c 10 May 2012                                                                                                                                                                                                                                                          debug1: Reading configuration data /export/home/HEATFTP/.ssh/ssh_config                                                                                                                                                                                                                            
debug1: Reading configuration data /etc/ssh/zos_ssh_config                                                                                                                                                                                                                                         
debug3: Seeding PRNG from /usr/lib/ssh/ssh-rand-helper                                                                                                                                                                                                                                             
debug1: zsshSmfSetConnSmfStatus: changing SMF status from 0 to 83                                                                                                                                                                                                                                  
debug1: Rhosts Authentication disabled, originating port will not be trusted.                                                                                                                                                                                                                      
debug2: ssh_connect: needpriv 0                                                                                                                                                                                                                                                                    
debug1: Connecting to 3.40.64.86 3.40.64.86¨ port 22.                                                                                                                                                                                                                                             
debug1: Connection established.                                                                                                                                                                                                                                                                    
debug1: cipher_init: none from source OpenSSL                                                                                                                                                                                                                                                      
debug1: cipher_init: none from source OpenSSL                                                                                                                                                                                                                                                      
debug3: zsshGetpw: passwd name=HEATFTP, uid=999999901, gid=1, dir=/export/home/HEATFTP, shell=/bin/sh                                                                                                                                                                                              
debug3: Not a RSA1 key file /export/home/HEATFTP/.ssh/id_rsa.                                                                                                                                                                                                                                      
debug2: key_type_from_name: unknown key type '-----BEGIN'                                                                                                                                                                                                                                          
debug3: key_read: missing keytype                                                                                                                                                                                                                                                                  
debug3: key_read: missing whitespace                                                                                                                                                                                                                                                               
debug3: key_read: missing whitespace                                                                                                                                                                                                                                                               
debug2: key_type_from_name: unknown key type '-----END'                                                                                                                                                                                                                                            
debug3: key_read: missing keytype                                                                                                                                                                                                                                                                  
debug1: identity file /export/home/HEATFTP/.ssh/id_rsa type 1                                                                                                                                                                                                                                      
debug1: Remote protocol version 2.0, remote software version SecureLink SSH Server (Version 3.3.0.62)                                                                                                                                                                                              
debug1: no match: SecureLink SSH Server (Version 3.3.0.62)                                                                                                                                                                                                                                         
debug1: Enabling compatibility mode for protocol 2.0                                                                                                                                                                                                                                               
debug1: Local version string SSH-2.0-OpenSSH_5.0                                                                                                                                                                                                                                                   
debug2: fd 3 setting O_NONBLOCK                                                                                                                                                                                                                                                                    
debug3: RNG is ready, skipping seeding                                                                                                                                                                                                                                                             
debug1: SSH2_MSG_KEXINIT sent                                                                                                                                                                                                                                                                      
debug1: SSH2_MSG_KEXINIT received                                                                                                                                                                                                                                                                  
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffi                                                                                                                                                               
e-hellman-group1-sha1                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
debug2: kex_parse_kexinit:                                                                                                                                                                                                                                                                         debug2: kex_parse_kexinit:                                                                                                                                                                                                                                                                         debug2: kex_parse_kexinit: first_kex_follows 0                                                                                                                                                                                                                                                     debug2: kex_parse_kexinit: reserved 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              debug2: kex_parse_kexinit: none,zlib                                                                                                                                                                                                                                                               debug2: kex_parse_kexinit: none,zlib                                                                                                                                                                                                                                                               debug2: kex_parse_kexinit:                                                                                                                                                                                                                                                                         debug2: kex_parse_kexinit:                                                                                                                                                                                                                                                                         debug2: kex_parse_kexinit: first_kex_follows 0                                                                                                                                                                                                                                                     debug2: kex_parse_kexinit: reserved 0                                                                                                                                                                                                                                                              debug1: mac_setup_by_id: hmac-md5 from source OpenSSL                                                                                                                                                                                                                                              debug2: mac_setup: found hmac-md5                                                                                                                                                                                                                                                         debug1: kex: server->client aes128-ctr hmac-md5 zlib                                                                                                                                                                                                                                               debug1: mac_setup_by_id: hmac-md5 from source OpenSSL                                                                                                                                                                                                                                               debug2: mac_setup: found hmac-md5                                                                                                                                                                                                                                                                   debug1: kex: client->server aes128-ctr hmac-md5 zlib                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       debug2: dh_gen_key: priv key bits set: 128/256                                                                                                                                                                                                                                                     
debug2: bits set: 474/1024                                                                                                                                                                                                                                                                         
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent                                                                                                                                                                                                                                                              
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY                                                                                                                                                                                                                                                        
debug3: check_host_in_hostfile: filename /export/home/HEATFTP/.ssh/known_hosts                                                                                                                                                                                                                     
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts                                                                                                                                                                                                                                  
debug3: __catgets: NLS setup complete (1), using message catalog openssh.cat                                                                                                                                                                                                                     
                                                                                                                                                                                             debug2: bits set: 503/1024                                                                                                                                                                                                                                                                         
debug1: ssh_rsa_verify: signature correct                                                                                                                                                                                                                                                          
debug2: kex_derive_keys                                                                                                                                                                                                                                                                            
debug2: set_newkeys: mode 1                                                                                                                                                                                                                                                                        
debug1: cipher_init: aes128-ctr from source OpenSSL                                                                                                                                                                                                                                                
debug1: Enabling compression at level 6.                                                                                                                                                                                                                                                           
debug1: SSH2_MSG_NEWKEYS sent                                                                                                                                                                                                                                                                      
debug1: expecting SSH2_MSG_NEWKEYS                                                                                                                                                                                                                                                                 
debug2: set_newkeys: mode 0                                                                                                                                                                                                                                                                        
debug1: cipher_init: aes128-ctr from source OpenSSL                                                                                                                                                                                                                                                
debug1: SSH2_MSG_NEWKEYS received                                                                                                                                                                                                                                                                  
debug1: SSH2_MSG_SERVICE_REQUEST sent                                                                                                                                                                                                                                                              
debug2: service_accept: ssh-userauth                                                                                                                                                                                                                                                               
debug1: SSH2_MSG_SERVICE_ACCEPT received                                                                                                                                                                                                                                                           
debug2: key: /export/home/HEATFTP/.ssh/id_rsa (1055C980)                                                                                                                                                                                                                                           
debug3: input_userauth_banner                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
gemft.sftp.gateway                                                                                                                                                                                                                                                                                 debug1: Authentications that can continue: publickey                                                                                                                                                                                                                                               
debug3: start over, passed a different list publickey                                                                                                                                                                                                                                              
debug3: preferred publickey                                                                                                                                                                                                                                                                        
debug3: authmethod_lookup publickey                                                                                                                                                                                                                                                                
debug3: remaining preferred:                                                                                                                                                                                                                                                                       
debug3: authmethod_is_enabled publickey                                                                                                                                                                                                                                                            
debug1: Next authentication method: publickey                                                                                                                                                                                                                                                      
debug1: Offering public key: /export/home/HEATFTP/.ssh/id_rsa                                                                                                                                                                                                                                       debug3: send_pubkey_test                                                                                                                                                                                                                                                                           
debug2: we sent a publickey packet, wait for reply                                                                                                                                                                                                                                                 
debug1: Authentications that can continue: publickey                                                                                                                                                                                                                                               
debug2: we did not send a packet, disable method                                                                                                                                                                                                                                                   
debug1: No more authentication methods to try.                                                                                                                                                                                                                                                     
debug3: __catgets: NLS setup complete (1), using message catalog openssh.cat                                                                                                                                                                                                                       
FOTS1373 Permission denied (publickey).                                                                                                                                                                                                                       Ý22.256¨ Connection closed 

Como podemos corrigir esse problema? Atualmente alguns SFTP estão funcionando bem por anos, para nova configuração estamos enfrentando esse problema.

    
por Loganathan 24.02.2016 / 09:55

1 resposta

1

Sua chave está sendo rejeitada provavelmente devido a permissões de arquivo erradas no servidor.

debug1: Offering public key: /export/home/HEATFTP/.ssh/id_rsa                                                     
debug2: we sent a publickey packet, wait for reply 
debug1: Authentications that can continue: publickey 
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.   

A pasta .ssh e também o diretório $ HOME não devem ser legíveis por ninguém além do proprietário.

Pergunte à equipe do servidor de destino sobre isso.

    
por 24.02.2016 / 13:27

Tags