Welcome to the Cumulus Support forum.
Latest Cumulus MX V4 release 4.3.3 (build 4070) - 04 January 2025
Latest Cumulus MX V3 release 3.28.6 (build 3283) - 21 March 2024
Legacy Cumulus 1 release 1.9.4 (build 1099) - 28 November 2014
(a patch is available for 1.9.4 build 1099 that extends the date range of drop-down menus to 2030)
Download the Software (Cumulus MX / Cumulus 1 and other related items) from the Wiki
If you are posting a new Topic on an error or if you need help PLEASE read this first viewtopic.php?p=164080#p164080
Latest Cumulus MX V4 release 4.3.3 (build 4070) - 04 January 2025
Latest Cumulus MX V3 release 3.28.6 (build 3283) - 21 March 2024
Legacy Cumulus 1 release 1.9.4 (build 1099) - 28 November 2014
(a patch is available for 1.9.4 build 1099 that extends the date range of drop-down menus to 2030)
Download the Software (Cumulus MX / Cumulus 1 and other related items) from the Wiki
If you are posting a new Topic on an error or if you need help PLEASE read this first viewtopic.php?p=164080#p164080
SFTP fails with Permission denied (publickey)
Moderator: mcrossley
-
- Posts: 5
- Joined: Mon 24 Oct 2022 3:07 pm
- Weather Station: Davis PV
- Operating System: Raspberry Pi - Ubuntu
SFTP fails with Permission denied (publickey)
I installed Cumulus MX 3.22.2 (build 3213) today on ubuntu on a Raspberry Pi 4.
I setup a connection to an Amazon Lightsail instance running Ubuntu. I can connect with ssh/sftp/scp using the pem key and upload files to the /var/www/html/weather directory just fine.
I'm running Cumulus MX as root on the PI and connecting to the ubuntu user on the Lightsail instance.
When connecting via CumulusMX though I get the following:
2022-10-24 17:09:38.705 RealtimeReconnect: Realtime ftp attempting disconnect
2022-10-24 17:09:38.706 RealtimeReconnect: Realtime ftp disconnected
2022-10-24 17:09:38.706 RealtimeReconnect: Realtime ftp attempting to reconnect
2022-10-24 17:09:39.062 RealtimeReconnect: Realtime ftp attempting to reinitialise the connection
2022-10-24 17:09:39.062 RealtimeSSHLogin: Attempting realtime SFTP connect to host xx.xxx.xxx.xxx on port 22
2022-10-24 17:09:39.397 RealtimeSSHLogin: Error connecting SFTP - Permission denied (publickey).
2022-10-24 17:09:39.397 RealtimeReconnect: Realtime ftp connection failed to connect after reinitialisation
2022-10-24 17:09:39.397 RealtimeReconnect: Sleeping for 20 seconds before trying again...
I've checked the /root/.ssh/known_host file on the PI and ensure the authorized_key file on ubuntu has the key.
Any ideas?
Thanks
Mike
I setup a connection to an Amazon Lightsail instance running Ubuntu. I can connect with ssh/sftp/scp using the pem key and upload files to the /var/www/html/weather directory just fine.
I'm running Cumulus MX as root on the PI and connecting to the ubuntu user on the Lightsail instance.
When connecting via CumulusMX though I get the following:
2022-10-24 17:09:38.705 RealtimeReconnect: Realtime ftp attempting disconnect
2022-10-24 17:09:38.706 RealtimeReconnect: Realtime ftp disconnected
2022-10-24 17:09:38.706 RealtimeReconnect: Realtime ftp attempting to reconnect
2022-10-24 17:09:39.062 RealtimeReconnect: Realtime ftp attempting to reinitialise the connection
2022-10-24 17:09:39.062 RealtimeSSHLogin: Attempting realtime SFTP connect to host xx.xxx.xxx.xxx on port 22
2022-10-24 17:09:39.397 RealtimeSSHLogin: Error connecting SFTP - Permission denied (publickey).
2022-10-24 17:09:39.397 RealtimeReconnect: Realtime ftp connection failed to connect after reinitialisation
2022-10-24 17:09:39.397 RealtimeReconnect: Sleeping for 20 seconds before trying again...
I've checked the /root/.ssh/known_host file on the PI and ensure the authorized_key file on ubuntu has the key.
Any ideas?
Thanks
Mike
Last edited by mbatesco on Tue 01 Nov 2022 12:15 am, edited 2 times in total.
-
- Posts: 2826
- Joined: Wed 08 Jun 2011 11:19 am
- Weather Station: Davis Vantage Pro 2 + Ecowitt
- Operating System: GNU/Linux Ubuntu 24.04 LXC
- Location: Alcaston, Shropshire, UK
- Contact:
Re: SFTP fails with Permission denied (publickey)
Have you told MX where to find your private key in order to perform encryption? Under Settings -> Internet Settings, tick Enable FTP Connections, then select SFTP protocol, then the pre-shared key authentication method, which gives you a box to enter the path to the private key file. Note that MX doesn't use system SSH, it has its own.
-
- Posts: 5
- Joined: Mon 24 Oct 2022 3:07 pm
- Weather Station: Davis PV
- Operating System: Raspberry Pi - Ubuntu
Re: SFTP fails with Permission denied (publickey)
Thank you for the response.
I placed the private key in the CumulusMX directory and pointed to it during the setup. It is the same key I've used with the command line ssh/sftp/scp commands.
Mike
I placed the private key in the CumulusMX directory and pointed to it during the setup. It is the same key I've used with the command line ssh/sftp/scp commands.
Mike
- mcrossley
- Posts: 14072
- Joined: Thu 07 Jan 2010 9:44 pm
- Weather Station: Davis VP2/WLL
- Operating System: Bullseye Lite rPi
- Location: Wilmslow, Cheshire, UK
- Contact:
Re: SFTP fails with Permission denied (publickey)
Check your file permissions on the copied key file, can the user CMX is running under read it?
Same for the server public key.
Same for the server public key.
- rogerthn
- Posts: 545
- Joined: Thu 11 Apr 2013 6:31 pm
- Weather Station: Ecowitt GW1000/GW1003
- Operating System: Raspberry Pi OS bullseye aarch64
- Location: Trollhättan Sweden
- Contact:
Re: SFTP fails with Permission denied (publickey)
I had to convert to PEM RSA private key for CMX
Code: Select all
file /home/pi/.ssh/id_rsa /home/pi/CumulusMX/id_rsa
/home/pi/.ssh/id_rsa: OpenSSH private key
/home/pi/CumulusMX/id_rsa: PEM RSA private key
-
- Posts: 5
- Joined: Mon 24 Oct 2022 3:07 pm
- Weather Station: Davis PV
- Operating System: Raspberry Pi - Ubuntu
Re: SFTP fails with Permission denied (publickey)
I'm double-checking the permissions and started looking at the PEM RSA, I think that might be the issue as the openssh keys have not worked to this point.
Thanks Rogerthn for the tip and I'll see how it works.
Mike
Thanks Rogerthn for the tip and I'll see how it works.
Mike
- rogerthn
- Posts: 545
- Joined: Thu 11 Apr 2013 6:31 pm
- Weather Station: Ecowitt GW1000/GW1003
- Operating System: Raspberry Pi OS bullseye aarch64
- Location: Trollhättan Sweden
- Contact:
Re: SFTP fails with Permission denied (publickey)
OK Mike
My commands below
My commands below
Code: Select all
cp -p /home/pi/.ssh/id_rsa /home/pi/.ssh/id_rsa.SAVED
ssh-keygen -p -N "" -m pem -f /home/pi/.ssh/id_rsa
cp -p /home/pi/.ssh/id_rsa /home/pi/CumulusMX/
cp -p /home/pi/.ssh/id_rsa.SAVED /home/pi/.ssh/id_rsa
- mcrossley
- Posts: 14072
- Joined: Thu 07 Jan 2010 9:44 pm
- Weather Station: Davis VP2/WLL
- Operating System: Bullseye Lite rPi
- Location: Wilmslow, Cheshire, UK
- Contact:
Re: SFTP fails with Permission denied (publickey)
For reference...
SSH.NET supports the following private key formats:Private keys can be encrypted using one of the following cipher methods:
- RSA in OpenSSL PEM and ssh.com format
- DSA in OpenSSL PEM and ssh.com format
- ECDSA 256/384/521 in OpenSSL PEM format
- ECDSA 256/384/521, ED25519 and RSA in OpenSSH key format
- DES-EDE3-CBC
- DES-EDE3-CFB
- DES-CBC
- AES-128-CBC
- AES-192-CBC
- AES-256-CBC
-
- Posts: 5
- Joined: Mon 24 Oct 2022 3:07 pm
- Weather Station: Davis PV
- Operating System: Raspberry Pi - Ubuntu
Re: SFTP fails with Permission denied (publickey)
Finally got some time to work through this, but still no luck.
For some reason, I can connect via the pem key with the command line ssh on a Mac and using SecureCRT without issue.
I've checked the authorized_keys files permissions and ensured the public key is in place. I also checked the private key permissions are correct. I even did a snapshot of the AWS Lightsail instance and recreated the instance with a new default key. I also create several new keys, but each time, I get
2022-10-31 15:20:40.042 RealtimeSSHLogin: Attempting realtime SFTP connect to host xx.xxx.xx.xxx on port 22
2022-10-31 15:20:41.320 RealtimeSSHLogin: Error connecting SFTP - Permission denied (publickey).
2022-10-31 15:20:41.329 Starting Realtime timer, interval = 30 seconds
Is there a debug flag for sftp to get more details? Any other sftp authentications methods that might work? I guess I could try a password but that is not as secure.
Thanks
Mike
For some reason, I can connect via the pem key with the command line ssh on a Mac and using SecureCRT without issue.
I've checked the authorized_keys files permissions and ensured the public key is in place. I also checked the private key permissions are correct. I even did a snapshot of the AWS Lightsail instance and recreated the instance with a new default key. I also create several new keys, but each time, I get
2022-10-31 15:20:40.042 RealtimeSSHLogin: Attempting realtime SFTP connect to host xx.xxx.xx.xxx on port 22
2022-10-31 15:20:41.320 RealtimeSSHLogin: Error connecting SFTP - Permission denied (publickey).
2022-10-31 15:20:41.329 Starting Realtime timer, interval = 30 seconds
Is there a debug flag for sftp to get more details? Any other sftp authentications methods that might work? I guess I could try a password but that is not as secure.
Thanks
Mike
-
- Posts: 5
- Joined: Mon 24 Oct 2022 3:07 pm
- Weather Station: Davis PV
- Operating System: Raspberry Pi - Ubuntu
Re: SFTP fails with Permission denied (publickey) [SOLVED]
Solved the problem.
I'm running Ubuntu 22.04, and there is an issue with ssh-rsa SHA1 hash algorithm being deprecated. Seems like some programs ignore the issue but ssh.Net does not.
In /var/log/auth.log I found: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth] and Google this message which lead me to https://askubuntu.com/questions/1409105 ... from-20-04
I did not change the keys, but instead added the following to /etc/ssh/sshd_config
And restarted sshd
Lesson relearned, do not just check the initiating endpoint, but check the other endpoint as well.
Thanks for the help.
Mike
I'm running Ubuntu 22.04, and there is an issue with ssh-rsa SHA1 hash algorithm being deprecated. Seems like some programs ignore the issue but ssh.Net does not.
In /var/log/auth.log I found: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth] and Google this message which lead me to https://askubuntu.com/questions/1409105 ... from-20-04
I did not change the keys, but instead added the following to /etc/ssh/sshd_config
Code: Select all
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedKeyTypes +ssh-rsa
Code: Select all
sudo systemctl restart sshd
Thanks for the help.
Mike