cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SFTP Receiver adapter issue - JSchException: Auth failed

Go to solution
vamsi_akkapeddi
Explorer

on ‎09-25-2013 2:58 PM

0 Kudos

I have SFTP adapter version1 with SP1 installed on PI system. Communicating with target system which has Tectia version of SSH.

We converted PI public key to Tectia version and uploaded them in target system in authorization file under ~home/SSH2.

When I use basic authentication (userid/password) I am able to transfer the file successfully to target. But when keys are being used PI receiver SFTP channel throws error

"Message could not be forwarded to the JCA adapter. Reason: com.jcraft.jsch.JSchException: Auth failed"

exception caught with cause javax.resource.ResourceException: com.jcraft.jsch.JSchException: Auth failed

We checked the logs at target system, it shows

The user's public key matched the key (/home/userid/.ssh2/abcd01-cert.crt.pkeyconv, fingerprint xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xxxxx/ab66b22e44d1d4f0d65452d89a87249c7c4cdef9) in the user's authorization file (/home/userid/.ssh2/authorization)",Session-Id: 288

Please advice.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

iaki_vila
Active Contributor
‎09-26-2013 8:57 AM
0 Kudos

Hi Naga,

May be the problem is in the tectia system configuration. This web deals about similar problem https://www.zebulak.com/zebulak/2013/06/netsshperl/

Hope this helps.

Regargs.

Show replies
Show replies
vamsi_akkapeddi
Explorer
‎09-27-2013 6:23 PM
0 Kudos

Thank You Very much Iñaki Vila

Looks like ,user I am using, got locked after 5 attempts. My Infra team had to reset it manullay after 5 attempts.

Just putting some links for any reference

http://www.ssh.com/manuals/server-admin/60/userauth-pk.html

Former Member
‎10-03-2013 2:41 PM
0 Kudos

Hi Vamsi Krishna,

  We have a scenario exactly the same as yours. We need to send a file to SFTP Server using "Private Key" Authentication method.

But we are not able to import our partner's public key into PI key store and hence could not select the same in the receiver SFTP Communication Channel.

Were you able to import your partner's public key in PI Key Store ? If so can you please let us know the process.

Thanks,

Sarat

vamsi_akkapeddi
Explorer
‎10-03-2013 3:56 PM
0 Kudos

It should be other way round. You need to send PI public key to your target system and they need to import it. Nothing needed from target system except user name if you are using key based authentication. Make sure that userid have permissions to the folders where you are creating files.

Once you upload PI private key in PI, you should be able to select it Communication channel.

You can check this link to understand how SFTP and FTPS works.

http://blog.goanywheremft.com/2011/10/20/sftp-ftps-secure-ftp-transfers/

saratkishoregoudu
Explorer
‎10-03-2013 7:25 PM
0 Kudos

Hi Vamsi,

  Thanks a lot for your response.

So in the "Receiver" SFTP Channel, do we need to select "PI Private Key" while sending a file to SFTP Server.

Also the user we use in the channel should have access to just the folder in SFTP Server where PI places the file or also to the folder in the SFTP Server where "PI Public Key" is saved.

Also in which scenario do we need to use our partner's "Public Key" ?

Thanks,

Sarat

vamsi_akkapeddi
Explorer
‎10-03-2013 7:33 PM
0 Kudos

Sarat,

You can follow this document

http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/305eeb5b-81e7-2f10-d8aa-9216de04c...

User do not need to have access to PI Private key.

Yes you need to select PI private key in Comm channel.

saratkishoregoudu
Explorer
‎10-03-2013 7:44 PM
0 Kudos

Hi Vamsi,

  We have already followed the same document for our Key Store set up to provide our partner with our public key.

Is the issue because of their system supporting only "SSH" keys and PI key storage doesn't support SSH keys for Private key based authentication ?

I am still getting Auth failed issue after following the steps.

Thanks,

Sarat

vamsi_akkapeddi
Explorer
‎10-03-2013 7:59 PM
0 Kudos

Start a new thread Sarat, this thread is already closed.

saratkishoregoudu
Explorer
‎10-03-2013 8:02 PM
0 Kudos

http://scn.sap.com/thread/3432963 is the new thread.

Answers (0)

Ask a Question