Problems with SFTP and SSH after server update (Ubuntu)

Help & Support
#1

Hi!

In December last year we did a server update on our Ubuntu-server. After that I can't login with DO using SFTP and SSH (public key). I just get the following information:

Server version: SSH-2.0-OpenSSH_8.9p1 Ubuntu-3
Using SSH protocol version 2
We claim version: SSH-2.0-PuTTY_Directory_Opus
Server supports delayed compression; will try this later
Doing ECDH key exchange with curve Curve25519 and hash SHA-256
Server also has ecdsa-sha2-nistp256 host key, but we don't know it
Host key fingerprint is:
ssh-ed25519 256 [xxx]
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Reading key file "D:\[xxx]\id_rsa.ppk"
Using username "sfo".
Offered public key
Server refused our key
Server refused our key
Disconnected: No supported authentication methods available (server sent: publickey)
SSH: Fatal: Disconnected: No supported authentication methods available (server sent: publickey)
Connection closed

What can the problem be? The same SSH logging in (same server, same public and private key,) works fine with MobaXterm, Navicat, WinSCP, and UltraFTP (UltaEdit). I use DO 12.30 on Win10/64.

#2

Please see this thread:

#3

Thanks! Have you been able to test with Ubuntu 22? Have you found a solution where we don't need to tamper with security?

#4

We don't currently have a solution other than enabling the older protocols on the server. (Which, at least as I understand things, is not currently that risky, unless a government or similarly powerful and well-funded organisation is after you.)

We are looking into switching to a new SFTP library to make it possible to add support for newer protocols more easily, as the one we currently use has become difficult to merge changes into our fork. (It was never really designed as a library for other software to use, and the codebase on their side had a large refactor fairly recently, which means we have to manually port changes to our code now.) But we need to finish other work first before we start looking at that.

#5

Thanks for info!