C37c1cd4347cd3be4c3cc87411d70d1d241199b8
By:
diogenes

Proftpd: no more auth methods available, disconnecting

July 22, 2016 1.1k views
Security Ubuntu

Hello

i have a strange problem and i can't find a solution.
I'm running a proftpd server with a public key, server is running fine except sometimes when the connection is lost i receive a message:

Authentication log (see session log for details):
Using username "audiplo".
Authenticating with public key "rsa-key-20141231" from agent.

Authentication failed.

tail -f /var/log/proftpd/sftp.log

2016-07-21 21:44:55,669 mod_sftp/0.9.9[16439]: error using DisplayLogin 'welcome.msg': No such file or directory
2016-07-21 21:44:55,671 mod_sftp/0.9.9[16439]: sent server version 'SSH-2.0-mod_sftp/0.9.9'
2016-07-21 21:44:55,837 mod_sftp/0.9.9[16439]: received client version 'SSH-2.0-WinSCP_release_5.7.5'
2016-07-21 21:44:55,837 mod_sftp/0.9.9[16439]: handling connection from SSH2 client 'WinSCP_release_5.7.5'
2016-07-21 21:44:55,991 mod_sftp/0.9.9[16439]:  + Session key exchange: diffie-hellman-group-exchange-sha256
2016-07-21 21:44:55,991 mod_sftp/0.9.9[16439]:  + Session server hostkey: ssh-rsa
2016-07-21 21:44:55,991 mod_sftp/0.9.9[16439]:  + Session client-to-server encryption: aes256-ctr
2016-07-21 21:44:55,992 mod_sftp/0.9.9[16439]:  + Session server-to-client encryption: aes256-ctr
2016-07-21 21:44:55,992 mod_sftp/0.9.9[16439]:  + Session client-to-server MAC: hmac-sha2-256
2016-07-21 21:44:55,992 mod_sftp/0.9.9[16439]:  + Session server-to-client MAC: hmac-sha2-256
2016-07-21 21:44:55,992 mod_sftp/0.9.9[16439]:  + Session client-to-server compression: none
2016-07-21 21:44:55,992 mod_sftp/0.9.9[16439]:  + Session server-to-client compression: none
2016-07-21 21:44:57,343 mod_sftp/0.9.9[16439]: sending acceptable userauth methods: publickey
2016-07-21 21:44:57,493 mod_sftp/0.9.9[16439]: public key MD5 fingerprint: 51:6b:79:25:46:76:b2:1b:56:c4:91:ff:5f:b2:bd:f1
2016-07-21 21:44:57,493 mod_sftp/0.9.9[16439]: sending publickey OK
2016-07-21 21:44:57,731 mod_sftp/0.9.9[16439]: public key MD5 fingerprint: 51:6b:79:25:46:76:b2:1b:56:c4:91:ff:5f:b2:bd:f1
2016-07-21 21:44:57,732 mod_sftp/0.9.9[16439]: no more auth methods available, disconnecting
2016-07-21 21:44:57,732 mod_sftp/0.9.9[16439]: disconnecting (No other authentication mechanisms available)

If i remove the key on pageant and add again, connection works fine...

2016-07-21 21:46:27,234 mod_sftp/0.9.9[16444]: error using DisplayLogin 'welcome.msg': No such file or directory
2016-07-21 21:46:27,237 mod_sftp/0.9.9[16444]: sent server version 'SSH-2.0-mod_sftp/0.9.9'
2016-07-21 21:46:27,388 mod_sftp/0.9.9[16444]: received client version 'SSH-2.0-WinSCP_release_5.7.5'
2016-07-21 21:46:27,389 mod_sftp/0.9.9[16444]: handling connection from SSH2 client 'WinSCP_release_5.7.5'
2016-07-21 21:46:27,542 mod_sftp/0.9.9[16444]:  + Session key exchange: diffie-hellman-group-exchange-sha256
2016-07-21 21:46:27,542 mod_sftp/0.9.9[16444]:  + Session server hostkey: ssh-rsa
2016-07-21 21:46:27,542 mod_sftp/0.9.9[16444]:  + Session client-to-server encryption: aes256-ctr
2016-07-21 21:46:27,542 mod_sftp/0.9.9[16444]:  + Session server-to-client encryption: aes256-ctr
2016-07-21 21:46:27,542 mod_sftp/0.9.9[16444]:  + Session client-to-server MAC: hmac-sha2-256
2016-07-21 21:46:27,543 mod_sftp/0.9.9[16444]:  + Session server-to-client MAC: hmac-sha2-256
2016-07-21 21:46:27,543 mod_sftp/0.9.9[16444]:  + Session client-to-server compression: none
2016-07-21 21:46:27,543 mod_sftp/0.9.9[16444]:  + Session server-to-client compression: none
2016-07-21 21:46:28,925 mod_sftp/0.9.9[16444]: sending acceptable userauth methods: publickey
2016-07-21 21:46:29,080 mod_sftp/0.9.9[16444]: public key MD5 fingerprint: c7:1d:84:b8:4a:56:19:a8:cb:ec:2f:44:35:dd:32:b6
2016-07-21 21:46:29,080 mod_sftp/0.9.9[16444]: sending publickey OK
2016-07-21 21:46:29,318 mod_sftp/0.9.9[16444]: public key MD5 fingerprint: c7:1d:84:b8:4a:56:19:a8:cb:ec:2f:44:35:dd:32:b6
2016-07-21 19:46:29,322 mod_sftp/0.9.9[16444]: sending userauth success
2016-07-21 19:46:29,322 mod_sftp/0.9.9[16444]: user 'audiplo' authenticated via 'publickey' method
2016-07-21 19:46:29,629 mod_sftp/0.9.9[16444]: unsupported 'simple@putty.projects.tartarus.org' channel requested, ignoring
2016-07-21 19:46:29,813 mod_sftp/0.9.9[16444]: 'subsystem' channel request for 'sftp' subsystem
2016-07-21 19:46:30,038 mod_sftp/0.9.9[16444]: using SFTP protocol version 6 for this session (channel ID 0)
2016-07-21 19:46:30,185 mod_sftp/0.9.9[16444]: client sent 'vendor-id' extension: { vendorName = 'Martin Prikryl', productName = 'WinSCP', productVersion = '5.7.5', buildNumber = 5665 }

Tks

1 comment
  • Is there a chance your key file has a comment line that looks like this?
    Comment: "1023-bit RSA, converted by sammy@localhost.digitalocean from "
    Try removing that if so.

    You may also want to increase your log level by adding this to the top of your proftpd.conf

    TraceLog /path/to/proftpd-trace.log
      Trace ssh2:20 sftp:20
    
1 Answer

This question was answered by @BrookDO:

Is there a chance your key file has a comment line that looks like this?
Comment: "1023-bit RSA, converted by sammy@localhost.digitalocean from "
Try removing that if so.

You may also want to increase your log level by adding this to the top of your proftpd.conf

TraceLog /path/to/proftpd-trace.log
 Trace ssh2:20 sftp:20

View the original comment

Have another answer? Share your knowledge.