SFTP with FileBrowserGO iOS Fail

Trying to log into SFTP on iPad using FileBrowserGO and I keep getting "Authenticaion failed. Key Rejected".

As per instructions I copied the Key to a text file and placed it in "private files". Google searches for log errors got me down a rabbit hole where I think i finally found something:

ssh -v hostname

I made it to password before the issue:

debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/user/.ssh/id_dsa
debug1: Trying private key: /home/user/.ssh/id_ecdsa
debug1: Trying private key: /home/user/.ssh/id_ed25519
debug1: Next authentication method: password
user@ip's password:
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
user@ip's password:
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
user@ip's password:
debug1: Authentications that can continue: publickey,password
debug1: No more authentication methods to try.
user@ip: Permission denied (publickey,password).

The same user@ip logs in fine in the terminal and filezilla. What am I doing wrong here?

2 Replies

And for sshd_config file Im using the recommended security settings:

Package generated configuration file

See the sshd_config(5) manpage for details

What ports, IPs and protocols we listen for

Port 22

Use these options to restrict which interfaces/protocols sshd will bind to

ListenAddress ::

ListenAddress 0.0.0.0

Protocol 2

HostKeys for protocol version 2

HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key

Privilege Separation is turned on for security

UsePrivilegeSeparation yes

Lifetime and size of ephemeral version 1 server key

KeyRegenerationInterval 3600
ServerKeyBits 1024

Logging

SyslogFacility AUTH
LogLevel INFO

Authentication:

LoginGraceTime 120
PermitRootLogin no
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes

AuthorizedKeysFile %h/.ssh/authorized_keys

Don't read the user's ~/.rhosts and ~/.shosts files

IgnoreRhosts yes

For this to work you will also need host keys in /etc/ssh_known_hosts

RhostsRSAAuthentication no

similar for protocol version 2

HostbasedAuthentication no

Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication

IgnoreUserKnownHosts yes

To enable empty passwords, change to yes (NOT RECOMMENDED)

PermitEmptyPasswords no

Change to yes to enable challenge-response passwords (beware issues with

some PAM modules and threads)

ChallengeResponseAuthentication no

Change to no to disable tunnelled clear text passwords

PasswordAuthentication yes

Kerberos options

KerberosAuthentication no

KerberosGetAFSToken no

KerberosOrLocalPasswd yes

KerberosTicketCleanup yes

GSSAPI options

GSSAPIAuthentication no

GSSAPICleanupCredentials yes

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes

UseLogin no

MaxStartups 10:30:60

Banner /etc/issue.net

Allow client to pass locale environment variables

AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server

Set this to 'yes' to enable PAM authentication, account processing,

and session processing. If this is enabled, PAM authentication will

be allowed through the ChallengeResponseAuthentication and

PasswordAuthentication. Depending on your PAM configuration,

PAM authentication via ChallengeResponseAuthentication may bypass

the setting of "PermitRootLogin without-password".

If you just want the PAM account and session checks to run without

PAM authentication, then enable this but set PasswordAuthentication

and ChallengeResponseAuthentication to 'no'.

UsePAM yes

From auth.log:

pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.184.247.2 user=root
Nov 20 13:40:19: Failed password for root from 61.184.247.2 port 43251 ssh2

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct