SFTP Connection fails with "permission denied" but I can connect using the sftp cli

[maxfurman]

I am trying to connect to a client's SFTP server using a username and password that they provided. When connecting using SSH.NET I get the error Renci.SshNet.Common.SftpPermissionDeniedException: permission denied thrown, but I can connect using the same username and password using the sftp cli binary and other sftp tools.

Any idea what to change on my end, or how to debug what is different between the two methods of access?

Thanks

[devdotatb]

I also have same error ( key already changed to OpenSSH )

[darkoperator]

If connecting to a linux host you can modify its confirmation you can enable debugging to get more info https://support.cpanel.net/hc/en-us/articles/4402832130967-How-to-enable-debug-logging-for-SSHD-SSH-by-editing-the-etc-ssh-sshd-config

[maxfurman]

I don't have access to the target server to enable debugging. Are the requests made by SSH.NET affected by configuration in ~/.ssh/config or /etc/ssh/sshd_config?

[darkoperator]

SSH.Net does not use any part of the OpenSSH subsystem or package installed on the host. It is own implementation of the SSH RFC

[maxfurman]

That makes sense. Is there a way to run SSH.NET in -vvv mode or equivalent to get some output to see what the problem is? Something changed on the target server end (maybe they disabled the cipher or KEX algo that was being used?) and since I don't have access to that, and the errors are local to SSH.NET, I need to look under the hood and see exactly what's happening.

[maxfurman]

I cloned the repo locally, built in debug mode, and dumped out the logs. Here's what I see:

Initiating connection to 'XXXXXX'.
Server version '2.0' on 'XXXXX'.
[] Received message 'KeyExchangeInitMessage' from server: 'SSH_MSG_KEXINIT'.
[] Sending message 'KeyExchangeInitMessage' to server: 'SSH_MSG_KEXINIT'.
[] Sending message 'KeyExchangeEcdhInitMessage' to server: 'SSH_MSG_KEX_ECDH_INIT'.
[] Received message 'KeyExchangeEcdhReplyMessage' from server: 'SSH_MSG_KEX_ECDH_REPLY'.
[] Sending message 'NewKeysMessage' to server: 'SSH_MSG_NEWKEYS'.
[] Received message 'NewKeysMessage' from server: 'SSH_MSG_NEWKEYS'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Creating server cipher (Name:aes256-ctr,Key:<long key removed>,IV:<long IV removed>)
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Sending message 'ServiceRequestMessage' to server: 'SSH_MSG_SERVICE_REQUEST'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Received message 'ServiceAcceptMessage' from server: 'SSH_MSG_SERVICE_ACCEPT'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Received message 'BannerMessage' from server: 'SSH_MSG_USERAUTH_BANNER'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Sending message 'RequestMessageNone' to server: 'SSH_MSG_USERAUTH_REQUEST'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Received message 'FailureMessage' from server: 'SSH_MSG_USERAUTH_FAILURE'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Sending message 'RequestMessagePassword' to server: 'SSH_MSG_USERAUTH_REQUEST'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Received message 'SuccessMessage' from server: 'SSH_MSG_USERAUTH_SUCCESS'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Sending message 'ChannelOpenMessage' to server: 'SSH_MSG_CHANNEL_OPEN'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Received message 'ChannelOpenConfirmationMessage' from server: 'SSH_MSG_CHANNEL_OPEN_CONFIRMATION : #0'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Sending message 'ChannelRequestMessage' to server: 'SSH_MSG_CHANNEL_REQUEST : #0'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Received message 'ChannelWindowAdjustMessage' from server: 'SSH_MSG_CHANNEL_WINDOW_ADJUST : #0'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Received message 'ChannelSuccessMessage' from server: 'SSH_MSG_CHANNEL_SUCCESS : #0'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Sending message 'ChannelDataMessage' to server: 'SSH_MSG_CHANNEL_DATA : #0'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Received message 'ChannelDataMessage' from server: 'SSH_MSG_CHANNEL_DATA : #0'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Sending message 'ChannelDataMessage' to server: 'SSH_MSG_CHANNEL_DATA : #0'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Received message 'ChannelDataMessage' from server: 'SSH_MSG_CHANNEL_DATA : #0'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Sending message 'ChannelDataMessage' to server: 'SSH_MSG_CHANNEL_DATA : #0'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Received message 'ChannelDataMessage' from server: 'SSH_MSG_CHANNEL_DATA : #0'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Sending message 'ChannelDataMessage' to server: 'SSH_MSG_CHANNEL_DATA : #0'.
[C106C1B8B8183B845214200E48F41B8E43976AC3B486AE84E71B6AD1348FE878] Received message 'ChannelDataMessage' from server: 'SSH_MSG_CHANNEL_DATA : #0'.
10:58:34 Program FATAL Error: Renci.SshNet.Common.SftpPermissionDeniedException: permission denied

It appears to successfully create the session and exchange data. I can't figure out why these requests are denied and requests with the same username and password from the same server using the sftp builtin are permitted.

[WojciechNagorski]

Fixed by #1177 and #1180

[WojciechNagorski]

Version 2023.0.0 has been published https://www.nuget.org/packages/SSH.NET/2023.0.0