on 02-26-2015 9:38 AM
Hi Gurus,
I have a scenario where a new SFTP server needs to connect to PI . The Server team has given me server name , port and username .
They have mentioned " NO PASSWORD. FTPS SSL authentication " . They have given me PGP public Key .
I used SFTP channel and used the adapter module " AdvantcoOpenPGPSender " .
After starting the channel I am getting the below error Attached Image :
Error: Cannot connect to SFTP server. SFTP server: XXXXXXXXXXXXXXXXX:21. Kex=diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1. Ciphers=aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc,aes256-ctr,aes192-ctr,aes128-ctr,3des-ctr,blowfish-cbc,arcfour256,arcfour128,arcfour,none. MAC=hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96. Compression=zlib,zlib@openssh.com,none. FIPS 140-2 compliant=false: Session.connect: java.net.SocketTimeoutException: Read timed out (Software version: 3.0.25)
Am I missing out something ? They have not given me any certificates , Should I upload any certificate in Keystore if its SSl authentication in stead of password ? ..
Please help
Hi Gowtham,
Please go through this document. It might help with the configuration of SFTP.
--
Sendhil
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
There is no firewall issue , Actaully I was using the expiered certificate , now i have updated the certificate correctly . I am getting the below error .
Error: Cannot connect to SFTP server. SFTP server: XXXXX@tXXXXXXXX:22; server version=SSH-2.0-SSHD. Kex=diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1. Ciphers=aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc,aes256-ctr,aes192-ctr,aes128-ctr,3des-ctr,blowfish-cbc,arcfour256,arcfour128,arcfour,none. MAC=hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96. Compression=zlib,zlib@openssh.com,none. FIPS 140-2 compliant=false: Auth fail (Software version: 3.0.25)
It says Authentication failed .
The SFTP server team has given username and instead of password they have said "SSH Key Authentication".
They have also given PGP public key that I have used it in module "AdvantcoOpenPGPSender"
I have added the correct certificate and left the password column empty is there any thing else need to be done ???
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Gowtham,
Please check section 4 in below document.
You need to configure like this in your channel.
Regards,
Praveen.
Hi Praveen ,
Here only certificate based authentication is used and not password .
I have updated the certificates,
SFTP team have given me a Sign key and have mentioned that key in "sign.KeyID" parameter of AdvantcoOpenPGPSender Module.
But now the message fails with the error :
Module "Encrypt" (AdvantcoOpenPGPSender): com.advantco.openpgp.util.OpenPGPException: Passphrase for signing key not provided (Software version: 2.0.8)
Am I missing some module parameter ?? Please help
Hi Gowtham,
Please find the below mentioned links for your information:
http://scn.sap.com/community/pi-and-soa-middleware/blog/2012/04/10/pgpencryption-module-how-to-guide
http://wiki.scn.sap.com/wiki/display/XI/Generating+SSH+Keys+for+SFTP+Adapters+-+Type+1
and use their product information document to configure the module.
Use the user they (3rd party) should have provided for the Private key based authentication and get
Private Key View: <SFTP_TEST>
Private Key View Entry: <sftp_keystore>
from your basis team and configure them in SFTP receiver adapter.
Thanks
Hi Gowtham,
Ask them to regenerate the certificates and reploy the same. also check with your basis guys if the DNS entry in your server is maintained or not?
Note: if the certificate is generated with IP you need to use IP only in your channel if the certificate is generated with host name then host name has to used in channel...
Regards,
Naveen
Hi Gowtham,
you are under firewall? basis have opened firewall ports?
Fabio
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
85 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.