Your best friend for file transfer.

Fetch application logoFetch

SFTP help needed (11 posts)

  • Started 6 years ago by RPSfan
  • Latest reply 2 years ago from Jim Matthews
  • RPSfan Member

    I have been using Fetch to access a site through sftp for months without a problem. Recently (possibly when I upgraded to OS X 10.5.2 but I'm not sure), it stopped working. I get a message from Fetch saying the connection could not be established. Regular FTP access works fine.

    I tried the sftp command in terminal and that doesn't work either. I get a message saying the DSA host key has changed. But if I use "sudo sftp sitename", it works.

    I don't know if this is a Fetch issue or an OS X issue, but I was hoping I could get help here or a pointer to the right place. Thanks.

    Posted 6 years ago #

  • Scott McGuire Administrator

    Hi,

    Each SFTP server has an "SSH host key" that enables secure transfers. When you connect to an SFTP server, Mac OS X stores that server's key for future use. Sometimes a server's key changes and no longer matches the one stored on your Macintosh. This could indicate a security problem, although usually it really just means some legitimate change was made to the server and nothing sinister is going on. But Fetch errs on the side of safety and instead refuses to make the connection.

    So, my guess is your server's key may have changed and that is the reason you can't connect. To fix this problem, you should clear your Mac's store of SSH keys, so that you can get a fresh key from the server.

    Please do the following to clear your SSH keys:

    * In Fetch, choose Fetch Help from the Help menu.
    * In the help window, search for "known hosts".
    * Double-click on the "RSA host key differs warning" help topic (it should be the one at the top of the list).
    * A help topic opens in the help window.
    * Scroll down to the "Delete the known_hosts file for me" link.
    * Click the link, and follow the instructions.

    Once that's done, try connecting to your server using SFTP again. If you're warned that "the authenticity of the host can't be established" (you may or may not be), that is normal and you should continue.

    This should also fix the problem with the SFTP command in the Terminal.

    Please let us know if this fixes the problem or not.

    Thanks,

    Scott McGuire
    Fetch Softworks

    Posted 6 years ago #

  • RPSfan Member

    That fixed it. Thanks so much for your help.

    Posted 6 years ago #

  • Zephyrmusic Member

    I just this same exact problem - transferring files over SFTP with no problem, then one day it just quit and hasn't worked for the last week. Regular FTP is fine, and I had someone test the SFTP from another location and it was fine, so the login, etc. is still good.

    I cleared the SSH keys (and verified the SSH folder is in fact empty) but it hasn't solved the problem. I still get the error message that the connection could not be established or was lost.

    The only possible wrinkle in all of this is that the connection needs to use port 21000. This has worked until now - so what's changed?

    BTW, I've tried shutting off the firewall (both in the computer and on the router) to no avail.

    Posted 2 years ago #

  • Jim Matthews Administrator

    Hi,

    I would recommend the following trouble-shooting steps:

    1) Choose "Utilities" from the Go menu in the Finder
    2) Open Terminal
    3) Type:

    sftp -v username@hostname

    where username and hostname are the username and hostname for your SFTP account. Then press Return.

    You should be prompted for a password.

    Are you able to login? If not, could you post the transcript (i.e. everything the server says after you enter the sftp command)?

    Thanks,

    Jim Matthews
    Fetch Softworks

    Posted 2 years ago #

  • Zephyrmusic Member

    Two things about the following transcript:

    1) I see it's trying port 22, whereas the host requires port 21000
    2) I have since learned this is not just a problem on one computer, but all of them (I tried it with multiple FTP programs.) I'm wondering if my ISP (Verizon Fios) has suddenly blocked port 21000 or something?

    Here's the transcript from Terminal:

    Connecting to cndmusic.net...
    OpenSSH_5.2p1, OpenSSL 0.9.7l 28 Sep 2006
    debug1: Reading configuration data /etc/ssh_config
    debug1: Connecting to cndmusic.net [184.72.45.141] port 22.
    debug1: connect to address 184.72.45.141 port 22: Operation timed out
    ssh: connect to host cndmusic.net port 22: Operation timed out
    Connection closed

    Posted 2 years ago #

  • Jim Matthews Administrator

    I'm sorry, I forgot about the custom port. Here's the correct Terminal command:

    sftp -v -oPort=21000 username@cndmusic.net

    It could be a blocked port, or perhaps the server is down.

    Posted 2 years ago #

  • Zephyrmusic Member

    Here's the result:

    OpenSSH_5.2p1, OpenSSL 0.9.7l 28 Sep 2006
    debug1: Reading configuration data /etc/ssh_config
    ssh: Could not resolve hostname oPort=21000: nodename nor servname provided, or not known
    Connection closed

    It's definitely not a case of the server being down, as I've had people at other locations test it, and they have no problem. If it's a blocked port, I have no idea how to unblock it. I've been looking online all morning about this, but haven't coughed up any good answers. Tried a port rerouting, but it's beyond my know-how, and I probably didn't set it up correctly.

    Posted 2 years ago #

  • Jim Matthews Administrator

    It looks like you typed the command incorrectly, perhaps missing the - before oPort?

    Posted 2 years ago #

  • Zephyrmusic Member

    You are correct.

    Interesting. It looks like a connection was established:

    OpenSSH_5.2p1, OpenSSL 0.9.7l 28 Sep 2006
    debug1: Reading configuration data /etc/ssh_config
    debug1: Connecting to cndmusic.net [184.72.45.141] port 21000.
    debug1: Connection established.
    debug1: identity file /Users/omnimacbook/.ssh/id_rsa type -1
    debug1: identity file /Users/omnimacbook/.ssh/id_dsa type -1
    ssh_exchange_identification: Connection closed by remote host
    Connection closed

    Posted 2 years ago #

  • Jim Matthews Administrator

    It looks like the server is running, and the port is not blocked, but the server is rejecting the connection. I googled "ssh_exchange_identification: Connection closed by remote host" and got a number of hits that suggested possible solutions; I'd recommend investigating some of them.

    Thanks,

    Jim Matthews
    Fetch Softworks

    Posted 2 years ago #

Reply

  • Or nickname, if you prefer.
  • This will be kept confidential.
  • This is to ensure that you’re a person, not a spambot.