cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Cannot connect to SFTP server

Go to solution
Former Member

on ‎02-26-2015 9:38 AM

0 Kudos

Hi Gurus,

I have a scenario where a new SFTP server needs to connect to PI . The Server team has given me server name , port and username .

They have mentioned " NO PASSWORD. FTPS SSL authentication " . They have given me PGP public Key .

I used SFTP channel and used the adapter module " AdvantcoOpenPGPSender " .

After starting the channel I am getting the below error Attached Image :

Error: Cannot connect to SFTP server. SFTP server: XXXXXXXXXXXXXXXXX:21. Kex=diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1. Ciphers=aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc,aes256-ctr,aes192-ctr,aes128-ctr,3des-ctr,blowfish-cbc,arcfour256,arcfour128,arcfour,none. MAC=hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96. Compression=zlib,zlib@openssh.com,none. FIPS 140-2 compliant=false: Session.connect: java.net.SocketTimeoutException: Read timed out (Software version: 3.0.25)

Am I missing out something ? They have not given me any certificates , Should I upload any certificate in Keystore if its SSl authentication in stead of password ? ..

Please help

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

sendhil_kumar
Active Participant
‎02-26-2015 10:52 AM
0 Kudos

Hi Gowtham,

Please go through this document. It might help with the configuration of SFTP.

http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/305eeb5b-81e7-2f10-d8aa-9216de04c...

--

Sendhil

Show replies
Show replies
Former Member
‎02-27-2015 7:42 AM
0 Kudos

Hi Senthil,

The document you have given is for SAP PI 7.11 with SP8 and above our server in SAP PI 7.11 SP6

Answers (2)

Answers (2)

Former Member
‎02-27-2015 6:35 AM
0 Kudos

There is no firewall issue , Actaully I was using the expiered certificate , now i have updated the certificate correctly . I am getting the below error .

Error: Cannot connect to SFTP server. SFTP server: XXXXX@tXXXXXXXX:22; server version=SSH-2.0-SSHD. Kex=diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1. Ciphers=aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc,aes256-ctr,aes192-ctr,aes128-ctr,3des-ctr,blowfish-cbc,arcfour256,arcfour128,arcfour,none. MAC=hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96. Compression=zlib,zlib@openssh.com,none. FIPS 140-2 compliant=false: Auth fail (Software version: 3.0.25)


It says Authentication failed .

The SFTP server team has given username and instead of password they have said "SSH Key Authentication".

They have also given PGP public key that I have used it in module "AdvantcoOpenPGPSender"


I have added the correct certificate and left the password column empty is there any thing else need to be done ???


Show replies
Show replies
former_member182412
Active Contributor
‎02-27-2015 7:47 AM
0 Kudos

Hi Gowtham,

Please check section 4 in below document.

http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/305eeb5b-81e7-2f10-d8aa-9216de04c...

You need to configure like this in your channel.

Regards,

Praveen.

Former Member
‎03-04-2015 5:58 AM
0 Kudos

Hi Praveen ,

Here only certificate based authentication is used and not password .

I have updated the certificates,

SFTP team have given me a Sign key and have mentioned that key in "sign.KeyID" parameter of      AdvantcoOpenPGPSender Module.

But now the message fails with the error :


Module "Encrypt" (AdvantcoOpenPGPSender): com.advantco.openpgp.util.OpenPGPException: Passphrase for signing key not provided (Software version: 2.0.8)

Am I missing some module parameter ?? Please help

Former Member
‎03-04-2015 8:30 AM
0 Kudos

Hi Gowtham,

Please find the below mentioned links for your information:

http://scn.sap.com/community/pi-and-soa-middleware/blog/2012/04/10/pgpencryption-module-how-to-guide

http://wiki.scn.sap.com/wiki/display/XI/Generating+SSH+Keys+for+SFTP+Adapters+-+Type+1

and use their product information document to configure the module.

Use the user they (3rd party) should have provided for the Private key based authentication and  get

Private Key View: <SFTP_TEST>

Private Key View Entry: <sftp_keystore>

from your basis team and configure them in SFTP receiver adapter.

Thanks

naveen_chichili
Active Contributor
‎03-04-2015 11:41 AM
0 Kudos

Hi Gowtham,

Ask them to regenerate the certificates and reploy the same. also check with your basis guys if the DNS entry in your server is maintained or not?

Note: if the certificate is generated with IP you need to use IP only in your channel if the certificate is generated with host name then host name has to used in channel...

Regards,

Naveen

Former Member
‎03-05-2015 8:51 AM
0 Kudos

Hi Naveen and Akhila thanks for your reply .

I got the sign passphrase from the basis team who generated the certificate .

I requested the SFTP server team to reload the certificate now its working fine

I am able to send file to SFTP server successfully .

former_member182412
Active Contributor
‎03-05-2015 9:01 AM
0 Kudos

Hi Gowtham,

Thanks for sharing final solution with us.

Please close the thread as below mentioned blog.

Regards,

Praveen.

Former Member
‎02-26-2015 10:55 AM
0 Kudos

Hi Gowtham,

you are under firewall? basis have opened firewall ports?

Fabio

Show replies
Show replies
Ask a Question