WinSCP: the server refused our key

Question

WinSCP: the server refused our key

Ok, I have a working server connection on our production machine. I need to reproduce this on my development machine so that I can transfer my own files. Everything is the same, right down to the OS.

When I try to connect, all I get is:

The server refused our key.

Here is my log file ...

. 2013-01-28 15:26:25.738 Session name: hex166t@65.XXX.XX.XXX (Modified stored session)
. 2013-01-28 15:26:25.738 Host name: 65.XXX.XX.XXX (Port: 1XXXX)
. 2013-01-28 15:26:25.738 User name: hex166t (Password: Yes, Key file: Yes)
. 2013-01-28 15:26:25.738 Tunnel: No
. 2013-01-28 15:26:25.738 Transfer Protocol: SFTP
. 2013-01-28 15:26:25.738 Ping type: -, Ping interval: 30 sec; Timeout: 15 sec
. 2013-01-28 15:26:25.738 Proxy: none
. 2013-01-28 15:26:25.738 SSH protocol version: 2; Compression: No
. 2013-01-28 15:26:25.738 Bypass authentication: No
. 2013-01-28 15:26:25.738 Try agent: Yes; Agent forwarding: No; TIS/CryptoCard: No; KI: Yes; GSSAPI: No
. 2013-01-28 15:26:25.738 Ciphers: aes,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
. 2013-01-28 15:26:25.738 SSH Bugs: A,A,A,A,A,A,A,A,A,A
. 2013-01-28 15:26:25.738 SFTP Bugs: A,A
. 2013-01-28 15:26:25.738 Return code variable: Autodetect; Lookup user groups: A
. 2013-01-28 15:26:25.738 Shell: default
. 2013-01-28 15:26:25.738 EOL: 0, UTF: 2
. 2013-01-28 15:26:25.738 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes
. 2013-01-28 15:26:25.738 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No
. 2013-01-28 15:26:25.738 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
. 2013-01-28 15:26:25.738 Cache directory changes: Yes, Permanent: Yes
. 2013-01-28 15:26:25.738 DST mode: 1
. 2013-01-28 15:26:25.738 --------------------------------------------------------------------------
. 2013-01-28 15:26:25.808 Looking up host "65.XXX.XX.XXX"
. 2013-01-28 15:26:25.808 Connecting to 65.XXX.XX.XXX port 1XXXX
. 2013-01-28 15:26:25.858 Waiting for the server to continue with the initialisation
. 2013-01-28 15:26:25.858 Detected network event
. 2013-01-28 15:26:25.938 Detected network event
. 2013-01-28 15:26:25.938 Server version: SSH-2.0-Connect:Enterprise_UNIX_2.4.02
. 2013-01-28 15:26:25.938 Using SSH protocol version 2
. 2013-01-28 15:26:25.938 We claim version: SSH-2.0-WinSCP_release_5.1.3
. 2013-01-28 15:26:25.938 Waiting for the server to continue with the initialisation
. 2013-01-28 15:26:25.998 Detected network event
. 2013-01-28 15:26:25.998 Doing Diffie-Hellman group exchange
. 2013-01-28 15:26:25.998 Waiting for the server to continue with the initialisation
. 2013-01-28 15:26:26.258 Detected network event
. 2013-01-28 15:26:26.258 Doing Diffie-Hellman key exchange with hash SHA-1
. 2013-01-28 15:26:26.438 Waiting for the server to continue with the initialisation
. 2013-01-28 15:26:26.678 Detected network event
. 2013-01-28 15:26:26.898 Verifying host key rsa2 0x23,0xdf2a07bac36 with fingerprint ssh-rsa 2048 fe:03:bc:ad:66 
. 2013-01-28 15:26:26.908 Host key matches cached key
. 2013-01-28 15:26:26.908 Host key fingerprint is:
. 2013-01-28 15:26:26.908 ssh-rsa 2048 fe:03:bc:ad:66 
. 2013-01-28 15:26:26.908 Initialised AES-256 CBC client-    >server encryption
. 2013-01-28 15:26:26.908 Initialised HMAC-SHA1 client-    >server MAC algorithm
. 2013-01-28 15:26:26.908 Initialised AES-256 CBC server-    >client encryption
. 2013-01-28 15:26:26.908 Initialised HMAC-SHA1 server-    >client MAC algorithm
. 2013-01-28 15:26:26.908 Waiting for the server to continue with the initialisation
. 2013-01-28 15:26:27.048 Detected network event
. 2013-01-28 15:26:27.048 Reading private key file "Z:\prd\PS_DATA\HSBCfingateway\hsbccerts\hsbc-ensco.ppk"
. 2013-01-28 15:26:27.058 Using username "hex166t".
. 2013-01-28 15:26:27.108 Waiting for the server to continue with the initialisation
. 2013-01-28 15:26:27.158 Detected network event
. 2013-01-28 15:26:27.168 Offered public key
. 2013-01-28 15:26:27.168 Waiting for the server to continue with the initialisation
. 2013-01-28 15:26:27.228 Detected network event
. 2013-01-28 15:26:27.228 Server refused our key
. 2013-01-28 15:26:27.258 Server refused our key
. 2013-01-28 15:26:27.258 Attempting keyboard-interactive authentication
. 2013-01-28 15:26:27.258 Waiting for the server to continue with the initialisation
. 2013-01-28 15:26:27.298 Detected network event
. 2013-01-28 15:26:27.298 Server refused keyboard-interactive authentication
. 2013-01-28 15:26:27.298 Prompt (7, SSH password, , &Password: )
. 2013-01-28 15:26:27.298 Using stored password.
. 2013-01-28 15:26:27.308 Sent password
. 2013-01-28 15:26:27.308 Waiting for the server to continue with the initialisation
. 2013-01-28 15:26:27.418 Detected network event
. 2013-01-28 15:26:27.418 Password authentication failed
. 2013-01-28 15:26:27.418 Access denied
. 2013-01-28 15:26:27.458 Prompt (7, SSH password, , &Password: )
. 2013-01-28 15:26:45.497 Attempt to close connection due to fatal exception:
. 2013-01-28 15:26:45.497 Closing connection.
. 2013-01-28 15:26:45.497 Sending special code: 12
. 2013-01-28 15:26:45.559 (ESshFatal)

+3

putty ssh private-key winscp

Flynn kinkade 28 jan. 13 at 21:52

source to share

3 answers

Martin Prikryl · Answer 1 · 2013-04-03T13:21:41+0000

You do not have the correct private key validation setup.

Make sure to add the public key to ~/.ssh/authorized_keys

on the server.

You will get a public key fingerprint in the correct format in PuTTYgen in the public key to be inserted into the authorized_keys file when you upload your private key.

For more information, see Configuring SSH Public Key Authentication .

Vu doan · Answer 2 · 2013-07-12T07:43:40+0000

In my case, I tried

$chmod 0600 authorized_keys

and it works great.

m.nguyencntt · Answer 3 · 2019-03-28T06:26:59+0000

I faced the same problem, found and solved by running these commands on the destination server:

chmod 700 .ssh
chmod 600 .ssh/authorized_keys
chown $USER:$USER .ssh -R

WinSCP: the server refused our key

More articles: