vscode-sftp
vscode-sftp copied to clipboard
Natizyskunk
All configured authentication methods failed, but "Open SSH in terminal" works fine
Do you read the FAQ?
- [X] Yes.
- [ ] I am going to read now.
Describe the bug When trying to connect to the remote server with PublicKey auth it fails, but if I right click on the server in the SFTP Tab and choose "Open SSH in Terminal" the connection works perfect.
To Reproduce Steps to reproduce the behavior:
- Setup server with just Public Key
- Try to expand the server in the SFTP Explorer Tab
- See error
- Right Click the server and choose "Open SSH in Terminal"
- Works
Expected behavior Connecting to the server should work if connecting to SSH with the same options works
Desktop (please complete the following information):
- OS: Windows
- VSCode Version 1.75.1
- Extension Version 1.16.1
Extension Logs from Startup - required
[02-24 14:34:41] [debug] Custom crypto binding not available
[02-24 14:34:41] [debug] Local ident: 'SSH-2.0-ssh2js1.11.0'
[02-24 14:34:41] [debug] Client: Trying #REDACTED# on port 22 ...
[02-24 14:34:41] [debug] Socket connected
[02-24 14:34:41] [debug] Remote ident: 'SSH-2.0-OpenSSH_8.9p1 Ubuntu-3'
[02-24 14:34:41] [debug] Outbound: Sending KEXINIT
[02-24 14:34:41] [debug] Inbound: Handshake in progress
[02-24 14:34:41] [debug] Handshake: (local) KEX method: [email protected],curve25519-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group15-sha512,diffie-hellman-group16-sha512,diffie-hellman-group17-sha512,diffie-hellman-group18-sha512
[02-24 14:34:41] [debug] Handshake: (remote) KEX method: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,[email protected],diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
[02-24 14:34:41] [debug] Handshake: KEX algorithm: [email protected]
[02-24 14:34:41] [debug] Handshake: (local) Host key format: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa
[02-24 14:34:41] [debug] Handshake: (remote) Host key format: rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
[02-24 14:34:41] [debug] Handshake: Host key format: ssh-ed25519
[02-24 14:34:41] [debug] Handshake: (local) C->S cipher: [email protected],[email protected],aes128-ctr,aes192-ctr,aes256-ctr
[02-24 14:34:41] [debug] Handshake: (remote) C->S cipher: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
[02-24 14:34:41] [debug] Handshake: C->S Cipher: [email protected]
[02-24 14:34:41] [debug] Handshake: (local) S->C cipher: [email protected],[email protected],aes128-ctr,aes192-ctr,aes256-ctr
[02-24 14:34:41] [debug] Handshake: (remote) S->C cipher: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
[02-24 14:34:41] [debug] Handshake: S->C cipher: [email protected]
[02-24 14:34:41] [debug] Handshake: (local) C->S MAC: [email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
[02-24 14:34:41] [debug] Handshake: (remote) C->S MAC: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
[02-24 14:34:41] [debug] Handshake: C->S MAC: <implicit>
[02-24 14:34:41] [debug] Handshake: (local) S->C MAC: [email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
[02-24 14:34:41] [debug] Handshake: (remote) S->C MAC: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
[02-24 14:34:41] [debug] Handshake: S->C MAC: <implicit>
[02-24 14:34:41] [debug] Handshake: (local) C->S compression: none,[email protected],zlib
[02-24 14:34:41] [debug] Handshake: (remote) C->S compression: none,[email protected]
[02-24 14:34:41] [debug] Handshake: C->S compression: none
[02-24 14:34:41] [debug] Handshake: (local) S->C compression: none,[email protected],zlib
[02-24 14:34:41] [debug] Handshake: (remote) S->C compression: none,[email protected]
[02-24 14:34:41] [debug] Handshake: S->C compression: none
[02-24 14:34:41] [debug] Outbound: Sending KEXECDH_INIT
[02-24 14:34:41] [debug] Received DH Reply
[02-24 14:34:41] [debug] Host accepted by default (no verification)
[02-24 14:34:41] [debug] Host accepted (verified)
[02-24 14:34:41] [debug] Outbound: Sending NEWKEYS
[02-24 14:34:41] [debug] Inbound: NEWKEYS
[02-24 14:34:41] [debug] Verifying signature ...
[02-24 14:34:41] [debug] Verified signature
[02-24 14:34:41] [debug] Handshake completed
[02-24 14:34:41] [debug] Outbound: Sending SERVICE_REQUEST (ssh-userauth)
[02-24 14:34:41] [debug] Inbound: Received SERVICE_ACCEPT (ssh-userauth)
[02-24 14:34:41] [debug] Outbound: Sending USERAUTH_REQUEST (none)
[02-24 14:34:41] [debug] Inbound: Received USERAUTH_FAILURE (publickey,password)
[02-24 14:34:41] [debug] Client: none auth failed
[02-24 14:34:41] [debug] Outbound: Sending USERAUTH_REQUEST (publickey -- check)
[02-24 14:34:41] [debug] Inbound: Received USERAUTH_FAILURE (publickey,password)
[02-24 14:34:41] [debug] Client: publickey auth failed
[02-24 14:34:41] [debug] Outbound: Sending DISCONNECT (11)
[02-24 14:34:41] [debug] Socket ended
[02-24 14:34:41] [debug] Socket closed
sftp.json
{
"name": "Test API",
"host": "#REDACTED#",
"protocol": "sftp",
"port": 22,
"username": "#REDACTED#",
"remotePath": "/home/test/test.#REDACTED#.com/",
"downloadOnOpen": true,
"uploadOnSave": true,
"useTempFile": false,
"openSsh": false,
"privateKeyPath": "D:/Websites/Keys/#REDACTED#.key"
}
Open SSH in Terminal Command line same key and user are used of course
ssh -t #REDACTED#@#REDACTED# -p 22 -i "D:\Websites\Keys\#REDACTED#.key"
I have tried the pre-release version 1.16.2 as well as setting openSSH to true after noticing Remote ident: 'SSH-2.0-OpenSSH_8.9p1 Ubuntu-3' but still can not connect
I have noticed this also happen on new RHEL9 installs we have. Problem doesnt appear in RHEL8
[02-27 12:19:00] [debug] Custom crypto binding not available
[02-27 12:19:00] [debug] Local ident: 'SSH-2.0-ssh2js1.11.0'
[02-27 12:19:00] [debug] Client: Trying builder.domain.ca on port 22 ...
[02-27 12:19:00] [debug] Socket connected
[02-27 12:19:00] [debug] Remote ident: 'SSH-2.0-OpenSSH_8.7'
[02-27 12:19:00] [debug] Outbound: Sending KEXINIT
[02-27 12:19:00] [debug] Inbound: Handshake in progress
[02-27 12:19:00] [debug] Handshake: (local) KEX method: [email protected],curve25519-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group15-sha512,diffie-hellman-group16-sha512,diffie-hellman-group17-sha512,diffie-hellman-group18-sha512
[02-27 12:19:00] [debug] Handshake: (remote) KEX method: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
[02-27 12:19:00] [debug] Handshake: KEX algorithm: [email protected]
[02-27 12:19:00] [debug] Handshake: (local) Host key format: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa
[02-27 12:19:00] [debug] Handshake: (remote) Host key format: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256
[02-27 12:19:00] [debug] Handshake: Host key format: ecdsa-sha2-nistp256
[02-27 12:19:00] [debug] Handshake: (local) C->S cipher: [email protected],[email protected],aes128-ctr,aes192-ctr,aes256-ctr
[02-27 12:19:00] [debug] Handshake: (remote) C->S cipher: aes128-ctr,aes192-ctr,aes256-ctr
[02-27 12:19:00] [debug] Handshake: C->S Cipher: aes128-ctr
[02-27 12:19:00] [debug] Handshake: (local) S->C cipher: [email protected],[email protected],aes128-ctr,aes192-ctr,aes256-ctr
[02-27 12:19:00] [debug] Handshake: (remote) S->C cipher: aes128-ctr,aes192-ctr,aes256-ctr
[02-27 12:19:00] [debug] Handshake: S->C cipher: aes128-ctr
[02-27 12:19:00] [debug] Handshake: (local) C->S MAC: [email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
[02-27 12:19:00] [debug] Handshake: (remote) C->S MAC: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
[02-27 12:19:00] [debug] Handshake: C->S MAC: [email protected]
[02-27 12:19:00] [debug] Handshake: (local) S->C MAC: [email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
[02-27 12:19:00] [debug] Handshake: (remote) S->C MAC: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
[02-27 12:19:00] [debug] Handshake: S->C MAC: [email protected]
[02-27 12:19:00] [debug] Handshake: (local) C->S compression: none,[email protected],zlib
[02-27 12:19:00] [debug] Handshake: (remote) C->S compression: none,[email protected]
[02-27 12:19:00] [debug] Handshake: C->S compression: none
[02-27 12:19:00] [debug] Handshake: (local) S->C compression: none,[email protected],zlib
[02-27 12:19:00] [debug] Handshake: (remote) S->C compression: none,[email protected]
[02-27 12:19:00] [debug] Handshake: S->C compression: none
[02-27 12:19:00] [debug] Outbound: Sending KEXECDH_INIT
[02-27 12:19:00] [debug] Received DH Reply
[02-27 12:19:00] [debug] Host accepted by default (no verification)
[02-27 12:19:00] [debug] Host accepted (verified)
[02-27 12:19:00] [debug] Outbound: Sending NEWKEYS
[02-27 12:19:00] [debug] Inbound: NEWKEYS
[02-27 12:19:00] [debug] Verifying signature ...
[02-27 12:19:00] [debug] Verified signature
[02-27 12:19:00] [debug] Handshake completed
[02-27 12:19:00] [debug] Outbound: Sending SERVICE_REQUEST (ssh-userauth)
[02-27 12:19:00] [debug] Inbound: Received SERVICE_ACCEPT (ssh-userauth)
[02-27 12:19:00] [debug] Outbound: Sending USERAUTH_REQUEST (none)
[02-27 12:19:00] [debug] Inbound: Received USERAUTH_BANNER
[02-27 12:19:00] [debug] Inbound: Received USERAUTH_FAILURE (publickey,gssapi-keyex,gssapi-with-mic,password)
[02-27 12:19:00] [debug] Client: none auth failed
[02-27 12:19:00] [debug] Outbound: Sending USERAUTH_REQUEST (password)
[02-27 12:19:02] [debug] Inbound: Received USERAUTH_FAILURE (publickey,gssapi-keyex,gssapi-with-mic,password)
[02-27 12:19:02] [debug] Client: password auth failed
[02-27 12:19:02] [debug] Outbound: Sending USERAUTH_REQUEST (keyboard-interactive)
[02-27 12:19:02] [debug] Inbound: Received USERAUTH_FAILURE (publickey,gssapi-keyex,gssapi-with-mic,password)
[02-27 12:19:02] [debug] Client: keyboard-interactive auth failed
[02-27 12:19:02] [debug] Outbound: Sending DISCONNECT (11)
[02-27 12:19:02] [error] Error: [builder001.domain.ca]: All configured authentication methods failed
at Client.
I'm experiencing the same on Windows 11. Right-click > 'Open SSH in Terminal' works, showing that the configuration is correct, but expanding the server shows "All configured authentication methods failed" error. Please help!
I have also encountered it. I use rsa-rsa2-256. I can also ssh normally in the terminal, but the "All configured authentication methods failed" problem appears in vscode. Later, after research, I found that the implementations from the terminal and vscode are not the same. The former is openssh, and the latter is javascript.
Later, I chose to use ed25519 to generate public and private keys
ssh-keygen -t ed25519
and copy the key to the remote host
ssh-copy-id -i ~/.ssh/id_ed25519 -p port user@host
Test: Can be password-free on the terminal
ssh -i ~/.ssh/id_ed25519 -p port user@host
In sftp.json of vscode, specifying fields can bypass this problem.
"privateKeyPath": "~/.ssh/id_ed25519"
This problem does not exist in the lower version of openssh-server-7.4p1-22.el7_9.x86_64 (Centos7.9.2008), but the system of my problem server is CentOS Stream release 9, openssh-server-8.7p1-28. el9.x86_64, openssh-8.7p1-28.el9.x86_64. Although I know that the lower version of openssh supports ssh-rsa encryption, it doesn't seem to be the crux of the problem.
I got the same issue on macos ventura. Any help really appreciated.
This problem has nothing to do with the OS, because mine is the same OS as yours. This is only relevant for the openssh client and server. Maybe you can refer to my method to try to bypass this problem.
I've even seen the sftp plugin connect to the server but disconnect for some reason. The following is the debug log of the openssh server.
Apr 4 00:09:54 amazing-idea-1 sshd[8333]: debug1: PAM: initializing for "xxx"
Apr 4 00:09:54 amazing-idea-1 sshd[8333]: debug1: PAM: setting PAM_RHOST to "xxx.xxx.xxx.xxx"
Apr 4 00:09:54 amazing-idea-1 sshd[8333]: debug1: PAM: setting PAM_TTY to "ssh"
Apr 4 00:09:54 amazing-idea-1 sshd[8333]: debug1: userauth-request for user xxx service ssh-connection method publickey [preauth]
Apr 4 00:09:54 amazing-idea-1 sshd[8333]: debug1: attempt 1 failures 0 [preauth]
Apr 4 00:09:54 amazing-idea-1 sshd[8333]: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]
Apr 4 00:09:54 amazing-idea-1 sshd[8333]: Received disconnect from xxx.xxx.xxx.xxx port 65510:11: [preauth]
Apr 4 00:09:54 amazing-idea-1 sshd[8333]: Disconnected from authenticating user xxx xxx.xxx.xxx.xxx port 65510 [preauth]
Apr 4 00:09:54 amazing-idea-1 sshd[8333]: debug1: do_cleanup [preauth]
Apr 4 00:09:54 amazing-idea-1 sshd[8333]: debug1: monitor_read_log: child log fd closed
Apr 4 00:09:54 amazing-idea-1 sshd[8333]: debug1: do_cleanup
Apr 4 00:09:54 amazing-idea-1 sshd[8333]: debug1: PAM: cleanup
Apr 4 00:09:54 amazing-idea-1 sshd[8333]: debug1: Killing privsep child 8334
I have the same problem with my Ubuntu 22.04 dedicated server. I've made another ssh key with ed25519 encryption as @tengfei-xy mentioned and now it works fine
I have also encountered it. I use rsa-rsa2-256. I can also ssh normally in the terminal, but the "All configured authentication methods failed" problem appears in vscode. Later, after research, I found that the implementations from the terminal and vscode are not the same. The former is openssh, and the latter is javascript.
Later, I chose to use ed25519 to generate public and private keys
ssh-keygen -t ed25519and copy the key to the remote host
ssh-copy-id -i ~/.ssh/id_ed25519 -p port user@hostTest: Can be password-free on the terminal
ssh -i ~/.ssh/id_ed25519 -p port user@hostIn sftp.json of vscode, specifying fields can bypass this problem.
"privateKeyPath": "~/.ssh/id_ed25519"This problem does not exist in the lower version of openssh-server-7.4p1-22.el7_9.x86_64 (Centos7.9.2008), but the system of my problem server is CentOS Stream release 9, openssh-server-8.7p1-28. el9.x86_64, openssh-8.7p1-28.el9.x86_64. Although I know that the lower version of openssh supports ssh-rsa encryption, it doesn't seem to be the crux of the problem.
This workaround works using RSA key too. Thank you for the hint!
Same issues on MacOS Ventura. Double-checked the ip, username and privateKeyPath, everything is correct.
