MyClient可以成功连接到我尝试的任何SFTP服务器,除了MyHost。我尝试的每个其他客户都可以连接到MyHost。我什至在Windows机器上使用了客户端PHP代码,并成功连接。
MyClient
:Ubuntu 20上的PHP 7.4。(下面代码)。MyHost:Windows Server 2016 with opensshsftp.
为什么?
日志就像密码不正确一样。但是,由于成功地在其他客户端使用了相同的密码,因此我知道事实并非如此。
// Create connection string.
$connection_handle = curl_init($this->protocol .'://' . $this->server . ':' . $this->port . $this->remote_directory . '/test.txt');
// Create a test file.
$file_content = 'We the people of the United States of America in order to form a more perfect union:';
$file_handle = fopen('php://temp', 'r+');
fwrite($file_handle, $file_content);
rewind($file_handle);
if (!$file_handle)
{
throw new APIException('Unable to create memory file handle.');
}
// Set up
curl_setopt($connection_handle, CURLOPT_USERPWD, $this->user_id . ':' . $this->password);
curl_setopt($connection_handle, CURLOPT_UPLOAD, true);
curl_setopt($connection_handle, CURLOPT_PROTOCOLS, $this->protocol == 'sftp' ? CURLPROTO_SFTP : CURLPROTO_FTP);
curl_setopt($connection_handle, CURLOPT_INFILE, $file_handle);
curl_setopt($connection_handle, CURLOPT_INFILESIZE, strlen($file_content));
curl_setopt($connection_handle, CURLOPT_VERBOSE, true);
curl_setopt($connection_handle, CURLOPT_CONNECTTIMEOUT, 5);
// Using a self signed cert locally.
curl_setopt($connection_handle, CURLOPT_SSL_VERIFYHOST, FALSE);
$response = curl_exec($connection_handle);
* Trying MyHost
* TCP_NODELAY set
* Connected to MyHost (MyHost) port 22 (#0)
* User: wsftptest
* Authentication using SSH public key file
* Authentication failure
* Closing connection 0
MyHost日志:
debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth]
debug1: userauth-request for user MyHostUser service ssh-connection method keyboard-interactive [preauth]
debug1: attempt 1 failures 0 [preauth]
debug2: input_userauth_request: try method keyboard-interactive [preauth]
debug1: keyboard-interactive devs [preauth]
debug1: auth2_challenge: user=wsftptest devs= [preauth]
debug1: kbdint_alloc: devices '' [preauth]
debug2: auth2_challenge_start: devices [preauth]
debug3: user_specific_delay: user specific delay 0.000ms [preauth]
debug3: ensure_minimum_time_since: elapsed 0.000ms, delaying 5.311ms (requested 5.311ms) [preauth]
debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth]
debug3: send packet: type 51 [preauth]
debug3: receive packet: type 1 [preauth]
Received disconnect from MyHost port 38392:11: Bye Bye [preauth]
Disconnected from authenticating user MyHostUser MyHost port 38392 [preauth]
I通过猜测检查发现,如果我在SFTP主机上禁用“键盘相互作用”身份验证,则身份验证开始正常工作。
添加行:
KbdInteractiveAuthentication no到sshd_config文件。我不知道为什么有效。我的想法是,PHP卷发正在跳过密码身份验证并跳到键盘相互作用。由于某种原因,在键盘相互作用方法中未识别该客户端的密码。禁用键盘相互作用后,主机日志显示并接受密码方法。也许在此版本的OpenSSH上打破了键盘相互关系,或者它期望键盘代码而不是实际的ASCII。想要一个完整的答案,但是我已经在这个问题上预算超出了预算,所以我必须接受这种解决方法并继续前进。