0

Facing issue while connecting to SFTP client via Paramiko to upload the file to the destination SFTP server. SFTP creds are correctly passed, when i print the SSH client of paramiko without opening the SFTP client, it shows the connection value correctly and shows connected. But when i open the SFTP client from the transport, it shows below error. Using 2.7.2 version of Paramiko

Error stack trace :

Oops, unhandled type 3 ('unimplemented')
Traceback (most recent call last):
sftp_client = paramiko.SFTPClient.from_transport(transport, window_size=window_size, max_packet_size=max_packet_size)
File "/usr/local/lib/python3.6/site-packages/paramiko/sftp_client.py", line 165, in from_transport
window_size=window_size, max_packet_size=max_packet_size
File "/usr/local/lib/python3.6/site-packages/paramiko/transport.py", line 879, in open_session
timeout=timeout,
File "/usr/local/lib/python3.6/site-packages/paramiko/transport.py", line 1006, in open_channel
paramiko.ssh_exception.SSHException: Unable to open channel.

Implemented Paramiko library code:

window_size = pow(4, 12)
max_packet_size = pow(4, 12)
transport = paramiko.Transport((sftp_host, int(sftp_port)))
transport.start_client(event=None, timeout=4800)
transport.get_remote_server_key()
transport.auth_publickey(sftp_user, pkey, event=None)
transport.auth_password(sftp_user, sftp_password, event=None)
sftp_client = paramiko.SFTPClient.from_transport(transport, window_size=window_size, max_packet_size=max_packet_size)

Paramiko Log

2021-09-07T23:24:19.954+05:30   DEBUG:paramiko.transport:starting thread (client mode): 0x9d721c88
2021-09-07T23:24:19.954+05:30   DEBUG:paramiko.transport:Local version/idstring: SSH-2.0-paramiko_2.7.2
2021-09-07T23:24:19.961+05:30   DEBUG:paramiko.transport:Remote version/idstring: SSH-2.0-Maverick_SSHD
2021-09-07T23:24:19.961+05:30   INFO:paramiko.transport:Connected (version 2.0, client Maverick_SSHD)
2021-09-07T23:24:19.961+05:30   DEBUG:paramiko.transport:kex algos:['diffie-hellman-group1-sha1', 'diffie-hellman-group-exchange-sha256', 'diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1'] server key:['ssh-rsa'] client encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'aes192-cbc', 'aes256-cbc', 'aes128-cbc'] server encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'aes192-cbc', 'aes256-cbc', 'aes128-cbc'] client mac:['hmac-sha2-256', 'hmac-sha2-256-96', 'hmac-sha2-512', 'hmac-sha2-512-96', 'hmac-sha256', 'hmac-sha1'] server mac:['hmac-sha256', 'hmac-sha2-256', 'hmac-sha2-256-96', 'hmac-sha2-512', 'hmac-sha2-512-96', 'hmac-sha1'] client compress:['none'] server compress:['none'] client lang:[''] server lang:[''] kex follows?False
2021-09-07T23:24:19.962+05:30   DEBUG:paramiko.transport:Kex agreed: diffie-hellman-group-exchange-sha256
2021-09-07T23:24:19.962+05:30   DEBUG:paramiko.transport:HostKey agreed: ssh-rsa
2021-09-07T23:24:19.962+05:30   DEBUG:paramiko.transport:Cipher agreed: aes128-ctr
2021-09-07T23:24:19.962+05:30   DEBUG:paramiko.transport:MAC agreed: hmac-sha2-256
2021-09-07T23:24:19.962+05:30   DEBUG:paramiko.transport:Compression agreed: none
2021-09-07T23:24:20.018+05:30   DEBUG:paramiko.transport:Got server p (2048 bits)
2021-09-07T23:24:20.094+05:30   DEBUG:paramiko.transport:kex engine KexGexSHA256 specified hash_algo <built-in function openssl_sha256>
2021-09-07T23:24:20.095+05:30   DEBUG:paramiko.transport:Switch to new keys ...
2021-09-07T23:24:20.095+05:30   DEBUG:paramiko.transport:Adding ssh-rsa host key for [<**host**>]:20022: b'6317eb3030ed18d73a380a6af8a7d6d6'
2021-09-07T23:24:20.096+05:30   DEBUG:paramiko.transport:Trying SSH key b'9f03f033201956d45130a869f584f0fe'
2021-09-07T23:24:20.147+05:30   DEBUG:paramiko.transport:userauth is OK
2021-09-07T23:24:20.149+05:30   INFO:paramiko.transport:Auth banner: b'You have connected to a private computer.\n'
2021-09-07T23:24:20.311+05:30   INFO:paramiko.transport:Authentication continues...
2021-09-07T23:24:20.312+05:30   DEBUG:paramiko.transport:Methods: ['password']
2021-09-07T23:24:20.319+05:30   DEBUG:paramiko.transport:userauth is OK
2021-09-07T23:24:20.319+05:30   INFO:paramiko.transport:Auth banner: b'You have connected to a private computer.\n'
2021-09-07T23:24:20.490+05:30   INFO:paramiko.transport:Authentication continues...
2021-09-07T23:24:20.490+05:30   DEBUG:paramiko.transport:Methods: ['publickey']
2021-09-07T23:24:20.491+05:30   DEBUG:paramiko.transport:[chan 0] Max packet in: 32768 bytes
2021-09-07T23:24:20.498+05:30   WARNING:paramiko.transport:Oops, unhandled type 3 ('unimplemented')
2021-09-07T23:24:51.506+05:30   INFO:paramiko.transport:Disconnect (code 11): Idle connection
2021-09-07T23:24:51.507+05:30   Traceback (most recent call last):
2021-09-07T23:24:51.507+05:30   File "./process_file.py", line 85, in process
2021-09-07T23:24:51.507+05:30   sftp_client = ssh_client.open_sftp()
2021-09-07T23:24:51.507+05:30   File "/usr/local/lib/python3.6/site-packages/paramiko/client.py", line 556, in open_sftp
2021-09-07T23:24:51.507+05:30   return self._transport.open_sftp_client()
2021-09-07T23:24:51.507+05:30   File "/usr/local/lib/python3.6/site-packages/paramiko/transport.py", line 1097, in open_sftp_client
2021-09-07T23:24:51.507+05:30   return SFTPClient.from_transport(self)
2021-09-07T23:24:51.507+05:30   File "/usr/local/lib/python3.6/site-packages/paramiko/sftp_client.py", line 165, in from_transport
2021-09-07T23:24:51.507+05:30   window_size=window_size, max_packet_size=max_packet_size
2021-09-07T23:24:51.507+05:30   File "/usr/local/lib/python3.6/site-packages/paramiko/transport.py", line 879, in open_session
2021-09-07T23:24:51.507+05:30   timeout=timeout,
2021-09-07T23:24:51.507+05:30   File "/usr/local/lib/python3.6/site-packages/paramiko/transport.py", line 1006, in open_channel

Manual SFTP command with oPort and oIdentityFile to user@host:

Connecting to <sftp_host>...
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to <sftp_host> [<ip>] port 20022.
debug1: Connection established.
debug1: identity file sftp.key type -1
debug1: identity file sftp.key-cert type -1
debug1: Remote protocol version 2.0, remote software version Maverick_SSHD
debug1: no match: Maverick_SSHD
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '[<sftp_host>]:20022' is known and matches the RSA host key.
debug1: Found key in /home/es/.ssh/known_hosts:25
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: imported-openssh-key
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: rsa-key-20180123
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: rsa-key-20210125
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: sftp.key
debug1: read PEM private key done: type RSA
Authenticated with partial success.
debug1: Authentications that can continue: password
debug1: Next authentication method: password
Amit Singh
  • 43
  • 9
  • Show us output of `sftp -vvv sftp_user@sftp_host` + Paramiko log file. – Martin Prikryl Sep 02 '21 at 09:09
  • @MartinPrikryl Added the Paraimo logs above. Attempting sftp -vvv -oPort= -oIdentityFile= user@host and then putting password looks perfect while connecting manually. – Amit Singh Sep 02 '21 at 10:30
  • *Show us output* of `sftp ...` + *Complete* Paramiko log. – Martin Prikryl Sep 02 '21 at 11:09
  • @MartinPrikryl Added the sftp command output. For Paramiko, that's all coming up in the logs with log level set to INFO. Just connecting to SFTP client from Paramiko transport. – Amit Singh Sep 02 '21 at 12:13
  • So post `DEBUG` log. + Your `sftp` output does not seem complete. It does not show end of the authentication. + Why are you even using such low level methods? Why don't you simply call `Transport.connect`? + Did you see this? https://stackoverflow.com/q/57691213/850848 – Martin Prikryl Sep 02 '21 at 16:52
  • @MartinPrikryl In my case it is multi factored authentication, both SSH and password. Hence, i am first calling auth_publickey and then auth_password. Got to know from Paramiko doc and this thread : https://stackoverflow.com/questions/10922134/paramiko-sftp-with-key-and-username-password-oops-unhandled-type-3 Did i misunderstand something? – Amit Singh Sep 07 '21 at 10:40
  • @MartinPrikryl Additional thing i am see here is SSH client connect method is working with SSH key and password authentications. But the moment i open up the SFTP client from the SSH client, it fails with the same error mentioned above. – Amit Singh Sep 07 '21 at 10:58
  • So can you post complete verbose Paramiko and `sftp` logs? – Martin Prikryl Sep 07 '21 at 11:05
  • @MartinPrikryl i updated the complete Paramiko logs for you. – Amit Singh Sep 07 '21 at 18:06
  • Your `sftp` log still ends before the password authentication. – Martin Prikryl Sep 08 '21 at 08:15

0 Answers0