file transfer with SFTP with curl is not working

[sankarcapge]

I did this

when we transfer file using SFTP we are getting error permission denied in remote resources(9). we have used SETOPT for FILE and DIR access for SFTP. but its not success.

I expected the following

file transfer should be happen when we transfer the file using SFTP

curl/libcurl version

CURL 8.7.1

operating system

RHEL 9

[bagder]

Thanks a lot for your report!

I've failed to reproduce this problem myself, so can I ask you to provide us with more details on how to go ahead and repeat this. Preferably with a command line or a stand-alone program we can run from our ends against a public URL to trigger the problem?

Also: please tell us the full curl -V output, as the SSH library and version you use is is probably relevant here.

[sankarcapge]

when we transfer file using SFTP cmd: "sftp://10.68.196.198:22/OMSFTPVerify.testfile -> /tmp/OMSFTPVerify.testfile", its showing error in curl : "Access denied to remote resource(9)".

This the curl -v output
[root@CLA-0(OMS-857) /root]

curl -V

curl 8.7.1 (x86_64-pc-linux-gnu) libcurl/8.7.1 OpenSSL/3.0.7 zlib/1.2.11 brotli/1.0.9 zstd/1.5.1 libidn2/2.3.0 libssh2/1.11.0
Release-Date: 2024-03-27
Protocols: dict file ftp ftps gopher gophers http https ipfs ipns mqtt rtsp scp sftp smb smbs telnet tftp
Features: alt-svc AsynchDNS brotli HSTS HTTPS-proxy IDN IPv6 Largefile libz NTLM SSL threadsafe TLS-SRP UnixSockets zstd

let us know if you required any information and aslo how could it be fixed.

Thanks,

[bagder]

"Access denied to remote resource(9)".

So there's a SSH authentication problem. What method are you using?

[sankarcapge]

we are using password authentication method for SSH authentication.

[bagder]

We need more in order to help. curl returns an error because your are denied access. That's not a curl bug.

[sankarcapge]

Hello, Any inputs or query required, let us know how to check further

[sankarcapge]

Hi we have try sftp alone in our machine its working, see the logs

sftp -v root@10.68.196.252 <<EOF

put /root/prabhat/test /root/sankar
exit
EOF
OpenSSH_8.7p1, OpenSSL 3.0.7 1 Nov 2022
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug1: configuration requests final Match pass
debug1: re-parsing configuration
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug1: Connecting to 10.68.196.252 [10.68.196.252] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa_sk type -1
debug1: identity file /root/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: identity file /root/.ssh/id_ed25519_sk type -1
debug1: identity file /root/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /root/.ssh/id_xmss type -1
debug1: identity file /root/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.7
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.7
debug1: compat_banner: match: OpenSSH_8.7 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 10.68.196.252:22 as 'root'
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: rsa-sha2-512
debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
debug1: kex: curve25519-sha256 need=32 dh_need=32
debug1: kex: curve25519-sha256 need=32 dh_need=32
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-rsa SHA256:TfxUZ9NKhWLf0+duRkKs7uibahM/eZ2qbUQ61ghebck
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host '10.68.196.252' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_packet_send2_wrapped: resetting send seqnr 3
debug1: rekey out after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: ssh_packet_read_poll2: resetting read seqnr 3
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 4294967296 blocks
debug1: Will attempt key: /root/.ssh/id_rsa
debug1: Will attempt key: /root/.ssh/id_dsa
debug1: Will attempt key: /root/.ssh/id_ecdsa
debug1: Will attempt key: /root/.ssh/id_ecdsa_sk
debug1: Will attempt key: /root/.ssh/id_ed25519
debug1: Will attempt key: /root/.ssh/id_ed25519_sk
debug1: Will attempt key: /root/.ssh/id_xmss
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
Authenticated to 10.68.196.252 ([10.68.196.252]:22) using "publickey".
debug1: pkcs11_del_provider: called, provider_id = (null)
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: filesystem full
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: client_input_hostkeys: searching /root/.ssh/known_hosts for 10.68.196.252 / (none)
debug1: client_input_hostkeys: searching /root/.ssh/known_hosts2 for 10.68.196.252 / (none)
debug1: client_input_hostkeys: hostkeys file /root/.ssh/known_hosts2 does not exist
debug1: client_input_hostkeys: no new or deprecated keys from server
debug1: Remote: /root/.ssh/authorized_keys2:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Sending subsystem: sftp
debug1: Using server download size 261120
debug1: Using server upload size 261120
debug1: Server handle limit 1019; using 64
Connected to 10.68.196.252.
sftp> put /root/prabhat/test /root/sankar
Uploading /root/prabhat/test to /root/sankar/test
test 100% 4 9.9KB/s 00:00
sftp> exit
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 2864, received 3572 bytes, in 0.1 seconds
Bytes per second: sent 55740.9, received 69520.4
debug1: Exit status 0

And same way we tried with sftp curl its not working. see the logs below

curl -v -T /root/prabhat/test sftp://root@10.68.196.252/root/sankar
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 10.68.196.252:22...

• Connected to 10.68.196.252 (10.68.196.252) port 22
• Found host 10.68.196.252 in /root/.ssh/known_hosts
• Set "rsa-sha2-256,rsa-sha2-512,ssh-rsa" as SSH hostkey type
• SSH MD5 public key: NULL
• SSH SHA256 public key: NULL
• SSH host check: 0, key: AAAAB3NzaC1yc2EAAAADAQABAAABAQCeDnda33/11d2fOH6GWolL/UhcJaPU+NJIiAw4LrJZNOPRfS+6eV9sJvVE7rFnPLR+pjHxGZ/53Ky0DSIEONinVIfMKd26RHt4/mFzcozum8tv5hCE+ag+b/KqrgDHwmx6xxM4+t3AzRecgrNM/9SXDLwBAQanpdHuNrcfsissXnNBWNFvLxYCznFYQySVA1Wl9e+A3b5ROoqfvuDWt0acMJIzD87gkEmFQ2U2pptqel2ehrV8ZnyqF1XVacG6FJYU4dwYN7pinPKteZVfE3XcO+mK28VVZB1i0e299JR7QRsMttKZ1D0Jy2wmjt/nKcyuSPIcqe5XWzSdYgsGT0/l
• SSH authentication methods available: publickey,password,keyboard-interactive
• Using SSH private key file '/root/.ssh/id_rsa'
• Initialized SSH public key authentication
• Authentication complete
• Upload failed: Operation failed (4/-31)
  0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
  0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
• Connection #0 to host 10.68.196.252 left intact
  curl: (79) Upload failed: Operation failed (4/-31)

so with curl sftp only its not working in our machine.
let us know how we can configure curl to work sftp

[dfandrich]

The original issue was about an authentication problem, but this last log shows authentication working, but the upload failing. I'm not able to reproduce this using curl and libssh2 from head writing a 261120 byte file to a OpenSSH 9.3 server.