In December last year we did a server update on our Ubuntu-server. After that I can't login with DO using SFTP and SSH (public key). I just get the following information:
Server version: SSH-2.0-OpenSSH_8.9p1 Ubuntu-3
Using SSH protocol version 2
We claim version: SSH-2.0-PuTTY_Directory_Opus
Server supports delayed compression; will try this later
Doing ECDH key exchange with curve Curve25519 and hash SHA-256
Server also has ecdsa-sha2-nistp256 host key, but we don't know it
Host key fingerprint is:
ssh-ed25519 256 [xxx]
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Reading key file "D:\[xxx]\id_rsa.ppk"
Using username "sfo".
Offered public key
Server refused our key
Server refused our key
Disconnected: No supported authentication methods available (server sent: publickey)
SSH: Fatal: Disconnected: No supported authentication methods available (server sent: publickey)
Connection closed
What can the problem be? The same SSH logging in (same server, same public and private key,) works fine with MobaXterm, Navicat, WinSCP, and UltraFTP (UltaEdit). I use DO 12.30 on Win10/64.
We don't currently have a solution other than enabling the older protocols on the server. (Which, at least as I understand things, is not currently that risky, unless a government or similarly powerful and well-funded organisation is after you.)
We are looking into switching to a new SFTP library to make it possible to add support for newer protocols more easily, as the one we currently use has become difficult to merge changes into our fork. (It was never really designed as a library for other software to use, and the codebase on their side had a large refactor fairly recently, which means we have to manually port changes to our code now.) But we need to finish other work first before we start looking at that.
One year later: any new solution yet? Opus 13 doesn't seem to solve it - I just upgraded in the hope that you should have a newer protocols library. DO is the only file software with FTP-functions which I have (I have several) which doesn't support these newer protocols...
We'll be completely replacing the SFTP code as the first big piece of work we do once the dust settles on the initial release.
It wasn't done for 13.1 because we'd all still be waiting for 13 and the other features to be released if we had, but it's the next thing we'll do after all the small changes and feedback from the release are worked through.
On Feb 5 Leo wrote: "We'll be completely replacing the SFTP code as the first big piece of work we do once the dust settles on the initial release. ... it's the next thing we'll do".
How is the status of this? It seems that the SFTP code isn't replaced yet - at leat I can't see any change. Maybe there was a lot of dust ...