Highlighted
Deepali Gupta Absent Member.
Absent Member.
1973 views

SSH Authentication failing

I have a fresh version 8.0 installed and am trying to connect to another server via PPM using SSH2(using key authentication). But I am unable to connect. The logs show the following:
////
SSH version received from remote host: SSH-2.0-OpenSSH_4.3
SSH version sent to remote host: SSH-2.0-1.0 Kintana SSH client
Initiating key exchange.
Succeeded in key exchange.
Authenticating user.
ERROR: Could not logon to [vsvphxscmdev01].
All SSH authentication methods failed. Check the Key Identity file or password. (KNTA-10903)
////
Tags (1)
0 Likes
6 Replies
Surendra Poosar Absent Member.
Absent Member.

Re: SSH Authentication failing

Deepali,

Did you try to change the transfer protocol to Secure Copy and test it?

Thanks
Surendra.
0 Likes
Deepali Gupta Absent Member.
Absent Member.

Re: SSH Authentication failing

This is working for me now.
After generating the rsa keys, I added following in the server.conf:

com.kintana.core.server.SSH_PRIVATE_IDENTITY_FILE=///.ssh/id_rsa

One thing to be noted is , PPM does not supports DSA keys as of now so only RSA has to be used.
0 Likes
Navaneethan_A Trusted Contributor.
Trusted Contributor.

Re: SSH Authentication failing

Hi,

 

I tried following the above steps but still I am getting the below error. Can some one please advise on this?

 

[2013/11/08 05:14:25 -0500] LOGON_ATTEMPT Rvarghese@STAAP1082D:22

SSH version received from remote host: SSH-2.0-OpenSSH_4.7

SSH version sent to remote host: SSH-2.0-1.0 Kintana SSH client

Initiating key exchange.

Succeeded in key exchange.

Authenticating user.

Found private key identity file. Adding public key authentication module...

Error in module: com.kintana.core.net.ssh2.SSH2PublicKeyAuthModule@16fe85a

Problem while reading the identityFile: ///.ssh/id_rsa

\\.ssh\id_rsa (The network path was not found)

com.kintana.core.net.ssh2.SSH2Exception: Problem while reading the identityFile: ///.ssh/id_rsa

\\.ssh\id_rsa (The network path was not found)

                at com.kintana.core.net.ssh2.SSH2KeyPairLoader.load(SSH2KeyPairLoader.java:88)

                atERROR: java.io.IOException: All SSH authentication methods failed.  Check the Key Identity file or password.   (KNTA-10903)

 

Thanks & Regards,

Navaneethan

0 Likes
Jason Nichols K Absent Member.
Absent Member.

Re: SSH Authentication failing

Do you have the correct path and filename for you SSH Key File defined in your server.conf? Given that the error message says The Network Path Not Found, and the filename looks to be in a Windows UNC format, I would speculate that the filename is not defined correctly in your server.conf file.
0 Likes
Dennis Handly Acclaimed Contributor.
Acclaimed Contributor.

Re: SSH Authentication failing

\\.ssh\id_rsa (The network path was not found)

>Do you have the correct path and filename for you SSH Key File defined in your server.conf?

>and the filename looks to be in a Windows UNC format

 

Right.  It appears that the above path is relative to the User's folder.  But looks like an absolute path here.

0 Likes
Micro Focus Expert
Micro Focus Expert

Re: SSH Authentication failing

Hi,

 

Just to confirm that the problem is with the path. Use an absolute path and that should fix your problem.

 

 

Since this is a topic on SSH2 connectivity from PPM Server, I'd like to let you know that PPM R&D is working on a new PPM SSH2 Client that should provide support for:

 

- DSA keys (in addition to RSA keys)

 

- Additional ciphers besides 3DES (blowfish-cbc,3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr,3des-ctr,arcfour,arcfour128,arcfour256)

 

- Can read trusted hosts keys from ~/.ssh/known_hosts rather than mandatory known_hosts file in <PPM_HOME> (so the same known_hosts can be trusted as the one from command line ssh client when run with the same *nix user as used for starting PPM Server)

 

- Strict enforcement of known_hosts trusted hosts keys, unless explicitely disabled.

 

- Should work with pretty much all OpenSSH versions (active as of now), not just the ones currently listed in PPM compatibility matrix.

 

 

We don't know yet when this new client will be officially included in the product as we are still in beta testing phase ; if you are willing to beta-test the new SSH2 client, we have a beta hotfix ready for PPM 9.1X and later (including 9.2X). If you want to give it a try, send me a private message with your email address.

Note that this new SSH2 client is not impacting existing environments defined in PPM: It will add new SSH2 & SCP2 client options to pick from in the environments screen, and existing environments will keep using the "old" SSH2/SCP2 client unless you manually change it.

 

Kind Regards,

Etienne.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.