SFTP connect failure via command line

[Dave1979]

After upgrading from 1871 to 1927 we are unable to connect to one of our partners SFTP servers when called via a script. Issue not present when connecting via the GUI using the same saved profile.

Log output below:

[code]COMMAND:
"C:\Program Files\CoreFTP\coreftp.exe" -s -site SITE_01 -u "E:\FTPDATA\SITE_01\Outgoing\*.*" -p sftp://<IP REDACTED>/to_xpn/*.* -log E:\_Scripts\SITE_01\Logs\SITE_01_log.txt[/code]

12/13/18 07:30 (1871)
Using fingerprint: <FINGERPRINT REDACTED>Resolving <IP REDACTED>...
<IP REDACTED> [22] connecting...
SSH-2.0-SSHD
diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
diffie-hellman-group1-sha1
client -> aes256
server -> aes256
<FINGERPRINT REDACTED>
ssh-rsa
Offering public key
PWD
Current directory is '/'
CWD /
CWD /to_xpn/
STOR /to_xpn/FILE_TO_UPLOAD.TXT
FILE_TO_UPLOAD.TXT - 640075 bytes transferred in 2 seconds
Total uploaded files: 1
Total uploaded data: 625 KB
Total downloaded files: 0
Total downloaded data: 0

12/27/18 07:30 (1927)
Using fingerprint: <FINGERPRINT REDACTED>
Resolving <IP REDACTED>...
<IP REDACTED> [22] connecting...
SSH-2.0-SSHD
diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
diffie-hellman-group-exchange-sha1
ssh-rsa
ciphers selected:
aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc,blowfish-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se,des-cbc,des-cbc@ssh.com
client->server cipher: aes256-ctr
client->server mac: hmac-sha1
server->client cipher: aes256-ctr
server->client mac: hmac-sha1
SHA1 <FINGERPRINT REDACTED>
SFTP connection error - Aborted by userCan't establish connection --> <IP REDACTED> @ Thu Dec 27 07:30:01 2018
(10038-30033)Connection FailedTotal uploaded files: 0
Total uploaded data: 0
Total downloaded files: 0
Total downloaded data: 0

[ForumAdmin]

typically there is no sftp:// type of URL in the -p parameter. If you had this working in 1871 it may have just been lucky.

You could try putting the

sftp://<IP REDACTED>/

url alone by itself as a separate parameter and see if this works, but the -p parameter should only have the destination path.


example:

"C:\Program Files\CoreFTP\coreftp.exe" -s sftp://<IP REDACTED>/ -site SITE_01 -u "E:\FTPDATA\SITE_01\Outgoing\*.*" -p /to_xpn/ -log E:\_Scripts\SITE_01\Logs\SITE_01_log.txt

[Dave1979]

I've repeated the test, this time with a download (for operational reasons) with 1927 and then rolling back to 1917. I can download successfully with 1917 but not with 1927 - the same connection error occurs.

I've also amended the path as you suggested.

It may also be worthy of note that this is the only scripted transfer we have that uses public key authentication. Other transfers using password authentication are not affected.

Command:
"C:\Program Files\CoreFTP\coreftp.exe" -s -site SITE_01 -d /from_xpn/*.* -p "E:\FTPDATA\SITE_01\Incoming\" -log E:\_Scripts\SITE_01\test_in_log.txt

Test 1 with build 1927:

01/18/19 13:31 (1927)
Using fingerprint: <FINGERPRINT REDACTED>
Resolving <IP REDACTED>...
<IP REDACTED> [22] connecting...
SSH-2.0-SSHD
diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
diffie-hellman-group-exchange-sha1
ssh-rsa
ciphers selected:
aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc,blowfish-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se,des-cbc,des-cbc@ssh.com
client->server cipher: aes256-ctr
client->server mac: hmac-sha1
server->client cipher: aes256-ctr
server->client mac: hmac-sha1
SHA1 <FINGERPRINT REDACTED>
SFTP connection error - Aborted by userCan't establish connection --> <IP REDACTED> @ Fri Jan 18 13:37:30 2019
(10038-30033)Connection FailedTotal uploaded files: 0
Total uploaded data: 0
Total downloaded files: 0
Total downloaded data: 0


Test 2 with build 1917:

01/18/19 13:37 (1917)
Using fingerprint: <FINGERPRINT REDACTED>Resolving <IP REDACTED>...
<IP REDACTED> [22] connecting...
SSH-2.0-SSHD
diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
diffie-hellman-group-exchange-sha1
ssh-rsa
ciphers selected:
aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc,blowfish-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se,des-cbc,des-cbc@ssh.com
client->server cipher: aes256-ctr
client->server mac: hmac-sha1
server->client cipher: aes256-ctr
server->client mac: hmac-sha1
SHA1 <FINGERPRINT REDACTED>
offering key...
PWD
Current directory is '/'
CWD /
CWD /from_xpn/
RETR /from_xpn/RESPONSE_FILE.TXT
RESPONSE_FILE.TXT - 5921181 bytes transferred in 5 seconds
Total uploaded files: 0
Total uploaded data: 0
Total downloaded files: 1
Total downloaded data: 5,782 KB

[ForumAdmin]

send the IP of the server to feedback so it can be tested here.

[Dave1979]

Sent to feedback@coreftp.com

Thanks

[ForumAdmin]

Didn't notice this the first time around, but go into Mange - SSL/SSH certificates - accepted SSH...

Then delete the IP or hostname of this particular server. You'll need to connect to it one time in the GUI and accept it's key.

Core FTP should use the old MD5 key calculation for accepted keys but for some reason this one does not work.

[Dave1979]

Deleted, connected to and accepted the SSH key for this server. Still the same I'm afraid.

[ForumAdmin]

if you take out the -s parameter, and run your command line again, is there some sort of prompt popping up?

It may not be related to the fingerprint at all, could be an overwrite prompt (and you may need to add the -o param to your cmd line).

[Dave1979]

Same again I'm afraid. No prompts. "SFTP connection error - Aborted by user" in the output again.