EOFError with keyboard interactive authentication using pysftp

↘锁芯ラ 提交于 2021-02-19 07:36:29

问题


I am trying to download some files from an SFTP server. I use this code for it:

keydata = b"""AAAAB3Nza.............CNpvoUP7p"""
key = paramiko.RSAKey(data=decodebytes(keydata))
cnopts = pysftp.CnOpts()
cnopts.hostkeys.add(host, 'ssh-rsa', key)
host = 'sftp.foo.com'
username = 'test'
password = 'test'

with pysftp.Connection(host=host, username=username, password=password, cnopts=cnopts) as sftp:
    sftp.listdir()
    .....

But I am getting the following error:

Exception raised:
    Traceback (most recent call last):
      File "/home/myuser/src/ftp-data/ftp_data/downloader_v2.py", line 25, in main
        sftp.listdir()
      File "/home/myuser/environments/python3.5.2_ubuntu16.04/lib/python3.5/site-packages/pysftp/__init__.py", line 591, in listdir
        self._sftp_connect()
      File "/home/myuser/environments/python3.5.2_ubuntu16.04/lib/python3.5/site-packages/pysftp/__init__.py", line 205, in _sftp_connect
        self._sftp = paramiko.SFTPClient.from_transport(self._transport)
      File "/home/myuser/environments/python3.5.2_ubuntu16.04/lib/python3.5/site-packages/paramiko/sftp_client.py", line 165, in from_transport
        window_size=window_size, max_packet_size=max_packet_size
      File "/home/myuser/environments/python3.5.2_ubuntu16.04/lib/python3.5/site-packages/paramiko/transport.py", line 879, in open_session
        timeout=timeout,
      File "/home/myuser/environments/python3.5.2_ubuntu16.04/lib/python3.5/site-packages/paramiko/transport.py", line 1006, in open_channel
        raise e
      File "/home/myuser/environments/python3.5.2_ubuntu16.04/lib/python3.5/site-packages/paramiko/transport.py", line 2055, in run
        ptype, m = self.packetizer.read_message()
      File "/home/myuser/environments/python3.5.2_ubuntu16.04/lib/python3.5/site-packages/paramiko/packet.py", line 459, in read_message
        header = self.read_all(self.__block_size_in, check_rekey=True)
      File "/home/myuser/environments/python3.5.2_ubuntu16.04/lib/python3.5/site-packages/paramiko/packet.py", line 303, in read_all
        raise EOFError()
    EOFError

The same code works correctly with other SFTP hosts I tried. And I can also download the files using sftp command line (Ubuntu) correctly.

Here my Paramiko log:

DEB [20201029-09:30:00.939] thr=1   paramiko.transport: starting thread (client mode): 0xd5ac908
DEB [20201029-09:30:00.940] thr=1   paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.7.2
DEB [20201029-09:30:01.029] thr=1   paramiko.transport: Remote version/idstring: SSH-2.0-Server
INF [20201029-09:30:01.030] thr=1   paramiko.transport: Connected (version 2.0, client Server)
DEB [20201029-09:30:01.121] thr=1   paramiko.transport: kex algos:['ecdh-sha2-nistp521', 'ecdh-sha2-nistp384', 'ecdh-sha2-nistp256', 'diffie-hellman-group-exchange-sha256', 'diffie-hellman-group-exchange-sha1', 'diffie-hellman-group18-sha512', 'diffie-hellman-group17-sha512', 'diffie-hellman-group16-sha512', 'diffie-hellman-group15-sha512', 'diffie-hellman-group14-sha256', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ecdsa-sha2-nistp256', 'ssh-rsa'] client encrypt:['blowfish-cbc', 'aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'aes192-cbc', 'aes256-cbc'] server encrypt:['blowfish-cbc', 'aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'aes192-cbc', 'aes256-cbc'] client mac:['hmac-md5', 'hmac-sha1', 'hmac-sha2-256', 'hmac-sha2-512', 'hmac-sha1-96', 'hmac-md5-96'] server mac:['hmac-md5', 'hmac-sha1', 'hmac-sha2-256', 'hmac-sha2-512', 'hmac-sha1-96', 'hmac-md5-96'] client compress:['none'] server compress:['none'] client lang:[''] server lang:[''] kex follows?False
DEB [20201029-09:30:01.121] thr=1   paramiko.transport: Kex agreed: ecdh-sha2-nistp256
DEB [20201029-09:30:01.121] thr=1   paramiko.transport: HostKey agreed: ecdsa-sha2-nistp256
DEB [20201029-09:30:01.121] thr=1   paramiko.transport: Cipher agreed: aes128-ctr
DEB [20201029-09:30:01.121] thr=1   paramiko.transport: MAC agreed: hmac-sha2-256
DEB [20201029-09:30:01.121] thr=1   paramiko.transport: Compression agreed: none
DEB [20201029-09:30:01.217] thr=1   paramiko.transport: kex engine KexNistp256 specified hash_algo <built-in function openssl_sha256>
DEB [20201029-09:30:01.307] thr=1   paramiko.transport: Switch to new keys ...
DEB [20201029-09:30:01.309] thr=2   paramiko.transport: Host key verified (ecdsa-sha2-nistp256)
DEB [20201029-09:30:01.309] thr=2   paramiko.transport: Attempting password auth...
DEB [20201029-09:30:01.400] thr=1   paramiko.transport: userauth is OK
INF [20201029-09:30:01.771] thr=1   paramiko.transport: Authentication continues...
DEB [20201029-09:30:01.772] thr=1   paramiko.transport: Methods: ['keyboard-interactive']
DEB [20201029-09:30:01.772] thr=2   paramiko.transport: [chan 0] Max packet in: 32768 bytes
DEB [20201029-09:30:01.864] thr=1   paramiko.transport: EOF in transport thread

Here the output of my sftp -vv:

OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g  1 Mar 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "sftp.foo.com" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to sftp.foo.com [52.xx.xx.xx] port 22.
debug1: Connection established.
debug1: identity file /home/myuser/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/myuser/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/myuser/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/myuser/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/myuser/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/myuser/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/myuser/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/myuser/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8
debug1: Remote protocol version 2.0, remote software version Server
debug1: no match: Server
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to sftp.foo.com:22 as 'test'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group18-sha512,diffie-hellman-group17-sha512,diffie-hellman-group16-sha512,diffie-hellman-group15-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ecdsa-sha2-nistp256,ssh-rsa
debug2: ciphers ctos: blowfish-cbc,aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
debug2: ciphers stoc: blowfish-cbc,aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
debug2: MACs ctos: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha1-96,hmac-md5-96
debug2: MACs stoc: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha1-96,hmac-md5-96
debug2: compression ctos: none
debug2: compression stoc: none
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:1ZH9bMfa6PSeIJBAvO4wg3SIiTizufzlB/z7b4qeQfA
debug1: Host 'sftp.foo.com' is known and matches the ECDSA host key.
debug1: Found key in /home/myuser/.ssh/known_hosts:10
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug2: key: /home/myuser/.ssh/id_rsa (0x555d5ff10410)
debug2: key: /home/myuser/.ssh/id_dsa ((nil))
debug2: key: /home/myuser/.ssh/id_ecdsa ((nil))
debug2: key: /home/myuser/.ssh/id_ed25519 ((nil))
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
Password authentication
debug2: input_userauth_info_req: num_prompts 1
Password: 
debug1: Authentication succeeded (keyboard-interactive).
Authenticated to sftp.foo.com ([52.xx.xx.xx]:22).
debug2: fd 4 setting O_NONBLOCK
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Entering interactive session.
debug1: pledge: network
debug2: callback start
debug2: fd 3 setting TCP_NODELAY
debug2: client_session2_setup: id 0
debug1: Sending environment.
debug1: Sending env LC_PAPER = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug1: Sending env LC_ADDRESS = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug1: Sending env LC_MONETARY = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug1: Sending env LC_NUMERIC = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug1: Sending env LC_ALL = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug1: Sending env LC_TELEPHONE = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug1: Sending env LC_IDENTIFICATION = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug1: Sending env LC_MEASUREMENT = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug1: Sending env LC_TIME = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug1: Sending env LC_NAME = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug1: Sending subsystem: sftp
debug2: channel 0: request subsystem confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 2097152 rmax 32768
debug2: channel_input_status_confirm: type 99 id 0
debug2: subsystem request accepted on channel 0
debug2: Remote version: 3
debug2: Unrecognised server extension "versions"
debug2: Unrecognised server extension "newline"
debug2: Unrecognised server extension "vendor-id"
debug2: Server supports extension "fsync@openssh.com" revision 1
debug2: Server supports extension "hardlink@openssh.com" revision 1
debug2: Unrecognised server extension "acl-supported"
debug2: Unrecognised server extension "supported"
debug2: Unrecognised server extension "supported2"
Connected to sftp.foo.com.
Fetching /myfile.txt.gz to /tmp/myfile.txt.gz
/myfile.txt.gz                                                                                                                             100%  119     0.1KB/s   00:00    
debug2: channel 0: read<=0 rfd 4 len 0
debug2: channel 0: read failed
debug2: channel 0: close_read
debug2: channel 0: input open -> drain
debug2: channel 0: ibuf empty
debug2: channel 0: send eof
debug2: channel 0: input drain -> closed
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
Transferred: sent 3160, received 2816 bytes, in 2.3 seconds
Bytes per second: sent 1357.4, received 1209.7
debug1: Exit status 0

I get the same error if I replace listdir() with pwd() or cd()....

I am using the following versions: paramiko==2.7.2 and pysftp==0.2.9

What am I missing here?


回答1:


You have this problem: Paramiko/Python: Keyboard interactive authentication.

But as you are using pysftp, I do not think you can workaround it, as I do not think pysftp API allows it. You might have to use Paramiko directly.

See also pysftp vs. Paramiko.



来源:https://stackoverflow.com/questions/64590689/eoferror-with-keyboard-interactive-authentication-using-pysftp

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!