DSM 7.0 Troubleshoot: Authentication failure with outgoing SFTP connection *from* File Station that worked until today?

Currently reading
DSM 7.0 Troubleshoot: Authentication failure with outgoing SFTP connection *from* File Station that worked until today?

4
0
NAS
DS920+
Operating system
  1. Linux
  2. macOS
Mobile operating system
  1. iOS
I have File Station set up to mount an external location via SFTP (as a "remote connection") to copy files down to my Synology easily. For the last six months, it has worked fine every day. Open the connection in the side bar and then get a tree view of directories and the contents in the main pane.

Today, I started getting permission errors on the already mounted and displaying external connection halfway through the day, saying that I didn't have permission to copy a file when I tried to copy it down. After debugging my local permissions, I realized it was probably the external SFTP server. I deleted the remote connection entirely and attempted to set it up from scratch again as an SFTP connect in the Remote Connection wizard. When the wizard attempts to make the new SFTP connection to the remote site, I get a dialog box that just says "Authentication failed."

If I run a local SFTP client on my desktop (not synology) and connect to the same site with my existing username and password, it works fine. Turning on logs for file station doesn't generate a log when it fails (but I'd expect it to just say SSH failed).

All of this worked for months until today and no changes were made before it started failing. I, in fact, had the remote site logged so initially it just showed up as a permission failure to copy the file that I already had in a directory listing from earlier today. I'm running current DSM7, all packages up to date.

Does anyone have any suggestions on how to debug WTF is going on here?
 
Does anyone have any suggestions on how to debug WTF is going on here?
Check /var/log/messages via ssh as root if there will be any more details on this info. Authentification problem doesnt mean that there is a problem with the account that you have also proved that there isnt.

So check the log and take it from there. Also, your desktop that you tested is on the same LAN as your NAS? If that works, then the problem has to be on the NAS side of things.
 
Yes, my desktop and my NAS are on the same wifi network at home, ethernet plugged into access points.

As I mentioned, the remote connection suddenly failed for the NAS (while still showing a file list from earlier in the day) the other day. It's been working fine for months before that. The desktop SFTP client has no issues, sees no change of hosts' ssh key fingerprint, etc. It just transparently works as always.

I ssh'd in to the NAS as admin, ran the wizard to try to make the SFTP connection to the remote server in File Station, had it give the authentication failed message, and then sudo'd reading /var/log/messages.
Nothing shows up in /var/log/messages. The last thing in it is the SSH connection being made *into* the Synology of me as admin. The File Station connection wizard did not generate any messages and I have "Enable File Station" log already selected and saved in File Station settings before I did any of this.


2022-01-06T15:59:05-08:00 MACHINENAME synologand[9421]: analyzer.cpp:207 Fail to analyze event [{"APP_ID":"auth","ARGS":{"EVENT_ID":"0x0001","IP":"fe80::9c:69ce:64ac:23d7%eth1","ISQUICKCONNECT":"","PROTOCOL":"SSH","TOKEN":"","UID":"1024","USER":"admin","USERAGENT":""},"HOST":"MACHINENAME","MSG":"User [admin] from [fe80::9c:69ce:64ac:23d7%eth1] logged in successfully via [SSH].","SOURCE":"s_syno_synosyslog","STAMP":"2022-01-06T15:59:05-08:00","UNIXTIME":"1641513545"}].
 
I know you mentioned that nothing has been changed, but can you double check your configuration on the nas side? SSH settings, port, FW (if active) settings. Also, try and disable SFTP or change the port to see if this will result i na different error. Regarding logging, it should be visible in the messages file so it is a bit odd that nothing is registering there.
 
I think you're reading what I'm doing backwards. I'm not making an SFTP connection into my NAS. I'm making one from the NAS to a remote SFTP server. So checking my NAS SSH setttings, port, etc. is not going to be useful as I'm not SFTP'ing into my NAS. This is my mounting the external site via File Station. File Station uses a wizard to make SFTP connections and then mounts the external location as a drive.

SFTP and SSH on the NAS is disabled (except when I briefly turn on SSH to use it to connect, as I did to look at the logs).
 
Hi albill - I found this thread because I've been running into the exact same issue for the past 3 days, with an existing, working SFTP connection that stops working due to authentication failure.

I have already done all of the troubleshooting you have mentioned.

Create a new FTP connection using the exact same credentials: this works fine. Remove, recreate sftp connection (auth). SFTP connect on another machine fine.

Have you figured it out in the past couple days?
 
Does DSM use CuteFTP as its client? Think I may have found the issue on a notice from my remote host:

"...security upgrade, CuteFTP users will need to enable "FTP with TLS/SSL (AUTH TLS - Explicit)" mode for SFTP to continue working."
 
Have you figured it out in the past couple days?
I have found no solution to this. I assume it is an issue with an update to synology since my other SFTP clients on the same network with other machines continue to connect with the same credentials without error.
 
I have found no solution to this. I assume it is an issue with an update to synology since my other SFTP clients on the same network with other machines continue to connect with the same credentials without error.
Any updates on this? I have the exact same issue. Trying to access WhatBox SFTP server...
 
Any updates on this? I have the exact same issue. Trying to access WhatBox SFTP server...
I submitted a ticket to Synology, sent logs/screenshots/etc. over the course of a few weeks to finally be told that:

"It appears that Whatbox is using ssh-ed25519 as a key type. That key isn't supported in DSM."
"There hasn't been any indications regarding if or when DSM will start supporting the ssh-ed25519 keys."
 
I submitted a ticket to Synology, sent logs/screenshots/etc. over the course of a few weeks to finally be told that:

"It appears that Whatbox is using ssh-ed25519 as a key type. That key isn't supported in DSM."
"There hasn't been any indications regarding if or when DSM will start supporting the ssh-ed25519 keys."
Thanks yeah, found that out as well. From the looks of it this is low priority and may be put on limbo. I guess we just have to wait
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

  • Question
Update: I have tested with upgraded RAM to 6GB. Its still happening. Even when I want to upload larger...
Replies
12
Views
3,813

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top