SCP From iSeries to iSeries

305 pts.
Tags:
AS/400
iSeries
iSeries networking
iSeries SFTP
Secure Data Transfer
System i
Hello All,

Can someone help me on following Secure File Transfer issue:

I want to Copy document existing in IFS from One iSeries to another iSeries server using SCP, both the servers are in the same network. I have SSHD running on host. I have followed following steps to transfer file, (I have used SSSSSSSS for my host name, ZZZZZZZ for my host user id & UUUUUUUU for my client user Id below)

CALL QP2TERM

I have established SSH session successfully to host using command: ssh -T ZZZZZZZ@SSSSSSSS

The host is added into known hosts on client.

I am able to execute CL commands from Client SSH on host. I have generated Private & Publick key on client without passphrase and added public key into authorized_keys on host. I have set authorities to directory .ssh and file authorized_keys as required. I used following steps on client to transfer file using SCP:

ssh-agent $SHELL

ssh-add

(Identity added)

scp -vvv /home/UUUUUUU/Citi.txt ZZZZZZZ@SSSSSSSS:/home/UUUUUUU/Citi.txt

I get the following error

Permission denied (publickey,password,keyboard-interactive).

(I have followed steps as given in Redbook Securing Communications with OpenSSH on IBM i5/OS, exception is I don't have SSHD running on Client Server)

I have given complete log below:

> scp -vvv /home/UUUUUUU/Citi.txt ZZZZZZZ@SSSSSSSS:/home/UUUUUUU/Citi.txt Executing: program /QOpenSys/QIBM/ProdData/SC1/OpenSSH/openssh-3.5p1/bin/ssh host SSSSSSSS, user ZZZZZZZ, command scp -v -t /home/UUUUUUU/Citi.txt OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7d 17 Mar 2004 debug1: Reading configuration data /QOpenSys/QIBM/ProdData/SC1/OpenSSH/openss h-3.5p1/etc/ssh_config debug3: Seeding PRNG from /QOpenSys/QIBM/ProdData/SC1/OpenSSH/openssh-3.5p1/l ibexec/ssh-rand-helper debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: ssh_connect: needpriv 0 debug1: Connecting to SSSSSSSS [10.10.10.254] port 22. debug1: Connection established. debug1: identity file /home/UUUUUUU/.ssh/identity type -1 debug3: Not a RSA1 key file /home/UUUUUUU/.ssh/id_rsa. debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: no key found debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: no key found debug1: identity file /home/UUUUUUU/.ssh/id_rsa type 1 debug1: identity file /home/UUUUUUU/.ssh/id_dsa type -1 debug1: Remote protocol version 1.99, remote software version OpenSSH_3.5p1 debug1: match: OpenSSH_3.5p1 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_3.5p1 debug3: RNG is ready, skipping seeding debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_init: found hmac-md5 debug1: kex: server->client aes128-cbc hmac-md5 none debug2: mac_init: found hmac-md5 debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: dh_gen_key: priv key bits set: 124/256 debug1: bits set: 1553/3191 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: check_host_in_hostfile: filename /home/UUUUUUU/.ssh/known_hosts debug3: check_host_in_hostfile: match line 1 debug3: check_host_in_hostfile: filename /home/UUUUUUU/.ssh/known_hosts debug3: check_host_in_hostfile: match line 1 debug1: Host 'SSSSSSSS' is known and matches the RSA host key. debug1: Found key in /home/UUUUUUU/.ssh/known_hosts:1 debug1: bits set: 1588/3191 debug1: ssh_rsa_verify: signature correct debug1: kex_derive_keys debug1: newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: waiting for SSH2_MSG_NEWKEYS debug1: newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: done: ssh_kex2. debug1: send SSH2_MSG_SERVICE_REQUEST debug1: service_accept: ssh-userauth debug1: got SSH2_MSG_SERVICE_ACCEPT debug1: authentications that can continue: publickey,password,keyboard-interactive debug3: start over, passed a different list publickey,password,keyboard-interactive debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: next auth method to try is publickey debug1: try privkey: /home/UUUUUUU/.ssh/identity debug3: no such identity: /home/UUUUUUU/.ssh/identity debug1: try pubkey: /home/UUUUUUU/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: authentications that can continue: publickey,password,keyboard-interactive debug1: try privkey: /home/UUUUUUU/.ssh/id_dsa debug3: no such identity: /home/UUUUUUU/.ssh/id_dsa debug2: we did not send a packet, disable method debug3: authmethod_lookup keyboard-interactive debug3: remaining preferred: password debug3: authmethod_is_enabled keyboard-interactive debug1: next auth method to try is keyboard-interactive debug2: userauth_kbdint debug2: we sent a keyboard-interactive packet, wait for reply debug1: authentications that can continue: publickey,password,keyboard-interactive debug3: userauth_kbdint: disable: no info_req_seen debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: debug3: authmethod_is_enabled password debug1: next auth method to try is password debug2: readpassphrase: not a 5250 return ENOTTY debug3: packet_send2: adding 64 (len 52 padlen 12 extra_pad 64) debug2: we sent a password packet, wait for reply debug1: authentications that can continue: publickey,password,keyboard-interactive Permission denied, please try again. debug2: readpassphrase: not a 5250 return ENOTTY debug3: packet_send2: adding 64 (len 52 padlen 12 extra_pad 64) debug2: we sent a password packet, wait for reply debug1: authentications that can continue: publickey,password,keyboard-interactive Permission denied, please try again. debug2: readpassphrase: not a 5250 return ENOTTY debug3: packet_send2: adding 64 (len 52 padlen 12 extra_pad 64) debug2: we sent a password packet, wait for reply debug1: authentications that can continue: publickey,password,keyboard-interactive debug2: we did not send a packet, disable method debug1: no more auth methods to try Permission denied (publickey,password,keyboard-interactive). debug1: Calling cleanup 0x20012cd0(0x0) lost connection $



Software/Hardware used:
OS/400 V5R4M0
ASKED: December 18, 2010  9:45 PM
UPDATED: January 5, 2011  3:02 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

If you’re interested in a 3rd party solution, Linoma Software’s <b>GoAnywhere Director </b>product can handle that requirement. You can learn more about GA Director and the secure copy function here: <a href=”http://www.goanywheremft.com/products/director/connectivity/SCP?searched=secure%20copy”>http://www.goanywheremft.com/products/director/connectivity/SCP?searched=secure%20copy</a>

Discuss This Question: 4  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • TomLiotta
    Please run this on the target system SSSSSSSS in QP2TERM and post the results here:
    ls /home/ZZZZZZZ/.ssh
    The resulting list should help verify current status and help guide the next steps. Tom
    125,585 pointsBadges:
    report
  • sim400
    Hi Tom, Thanks for looking into this. I was expecting your reply. Here is the result of the command you asked. $ > ls /home/ZZZZZZZ/.ssh authorized_keys $ Thanks, Sim
    305 pointsBadges:
    report
  • TomLiotta
    Although I've managed to recreate what seems to be the same problem, I haven't tracked down which step caused. I first set up two systems to get a working example. After a couple tests, I eventually ran into the problem. So far, I haven't worked backwards in the right way to fix whatever is going wrong, and nothing I've found points to where the issue is. It looks like I'll have to remove all configuration elements on both systems and run forward again. No good help yet. Tom
    125,585 pointsBadges:
    report
  • sim400
    Tom, Once I configure SSHD, Do I need to change any value in Configuration file or Should I leave the default as it is ? Well, I have not yet done the reconfiguration. Thanks Sim
    305 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following