While accessing my remote server, from SFTP, I am constantly getting this error
Connection has been unexpectedly closed. Server sent command exit status 0
I have filled same credentials in WinSCP, it is working fine. Where am I lacking?
Also, instead of .ppk file I am using "ssh-rsa 1024 #######################" in my keyfile column in my project's UI.
Thank You,
Pranay
For the problem above, I found that while attempting to "open the session" i.e session.Open(sessionOptions), it will through the exception as the server was not authenticating it.
As my task was to "password less winscp login", i.e i must have to provide:-
1.".ppk" file that is "puTTy private key".
2. Its "ssh key fingerprint".
After all day debugging, finally found that my version of winsscp.dll was old thus was not providing me the [metadata] inbuild properties as
1. SshPrivateKeyPath -> location of our ".ppk" file.
2. SshHostKeyFingerprint
3. passphrase -> only for one time login.
By updating the new version and above now I am able to open session, without any error.
Thank you.
I've also faced the same problem , when i first tried to execute the code mentioned at the below link.
https://winscp.net/eng/docs/library#example
Googled it a lot but i couldn't find any solution regarding the same.
Finally the following i relalized that i'm missing the portnumber in the example
Adding the port number field to my code solved the issue.
SessionOptions sessionOptions = new SessionOptions
{
Protocol = Protocol.Sftp,
HostName = "11.22.33.44",
PortNumber = 2222, /* This is cause of the issue i was facing*/
UserName = "abcdef",
Password = "ghijklmnop",
SshHostKeyFingerprint = "ssh-rsa 2048 aa:bb:cc:dd:ee:ff:gg:hh:ii:jj:kk:ll:mm:nn:oo:pp"
};
If you can connect with WinSCP GUI, but not with .NET assembly, when running both in the same environment (computer), you have most probably missed some settings (like a port number or a host key fingerprint, as the other answers show).
The easiest solution is to have WinSCP GUI generate a code template for you based on its working settings.
If you are running the code on a different machine, check WinSCP FAQ Why does WinSCP not work in a new environment (operating system, machine, user account, network), when it works for me in a different environment already?
While the article is not explicitly about .NET assembly, but about WinSCP in general, it covers issues that you can face with the assembly too.
Related
Trying to connect to MySQL on my web host, using Connector/Net C#/WinForms in Visual Studio 2012 Update 3, but getting the below error message:
Authentication to host '1.1.1.1' for user 'username#mydomain.com' using method 'mysql_native_password' failed with message: Access denied for user 'username#mydomain.com'#'2.2.2.2' (using password: YES)
string connectionString = "SERVER=1.1.1.1;PORT=3306;DATABASE=databaseName;UID=username#mydomain.com;PASSWORD=mypassword;";
MySqlConnection connection = new MySqlConnection(connectionString);
connection.Open();
I am connecting remotely, have whitelisted my IP (and even temporary whitelisted all (%) to test), triple checked the username and password and IP.
I originally tried the username without the domain ( username rather than username#mydomain.com) but it gave me the below error:
Authentication with old password no longer supported, use 4.1 style passwords.
Any assistance would be much appreciated, thanks!
Its problem of 'Remote Database Access Hosts'.
"You can allow external web servers to access your MySQL databases by adding their domain name to the list of hosts that are able to access databases on your web site."
MySql access is not granted to IP address of the system at which application is running.(in your case its '2.2.2.2' ).
Note:- '2.2.2.2' is your public IP address.
Two possible things:
MySQL is case sensitive make sure that the case of Database= in your connection string matches with the actual database name
You may have to grant privileges to the user.
I hope this help you.
Check your application settings file (or wherever you have stored the connection string).
In my case the application was using the old connection string (which was not valid). I was assuming that the change I made in the code of the settings file is reflected to the designer (of the settings file). But it was not!
After creating a new user in MySQL, in MySQL Workbench "Test Connection" will succeed but the C# MySqlConnection.Open() will throw the same exception and message as the question (tested with localhost and 127.0.0.1 and the local ip address).
The reason is that MySqlConnection.Open() will somehow use SELECT privilege, and you need to at least enable the SELECT privilege for the new user. The error message is misleading.
This might be related to the case of specific Membership SQL Server based instructions on ASP.NET 4.5, workaround is to create new membership in web.config, drop mvc 4 AccountControler and use old from MVC3 more here or in the internet:
http://www.nsilverbullet.net/2012/11/06/using-mysql5-as-membership-backend-for-aspnet45-mvc4-application/
In my case updated password was not used. I just generated the password using Password Generator and copy it but forgot to click Change Password.
Also check the user is added to the database and has Privileges.
For me, using the actual IP address instead of the domain name solved the problem
While Whitelisting my Ip on cpanel i had accidentally put a space in there after my ip address.[Should have been handled by them]
I added the ip again and it worked.
In my case, the problem was misleading as well.
Had quite a few windows terminals running "the same" .net app all connecting to a remote MySQL server (installed in a windows server machine). However, only one always popping the specific error when anyone clicked to run the .net application. ODBC test connection passed successfully, and no matter if the error popped, when presing OK the application continued loading successfully finally and then worked fine.But again afterwards , when anyone tried to run in for the first time the message appeared. and I repeat only in this specific terminal! The fix finally came when I noticed, that it was only in this specific terminal with the problem that we had forgotten DHCP enabled! and "although it was given always the same IP" from our IT policies, however it only worked when we disabled DHCP and set this IP, SUBNET and GW, as fixed !
Check with a program like Navicat that the mysql server user has a native password. Everything is correct but if you are getting this error check the version of the link DLL
This error; Mysql.Data.dll and Mysql Server version mismatch error. Download and install an older version
https://downloads.mysql.com/archives/c-net/
Mysql Version < 4.5
Mysql.Data.Dll version= 6.0.3
I'm using the following code to export a copy of MySql database on a remove server using SSH.NET:
using (SshClient client = new SshClient(sshConnectionInfo))
{
client.Connect();
//strCmd is:
// mysqldump -h "<server>.dreamhosters.com" -u "<dbuser>" -p"<actual_password>" "<dbid>" > "/home/<user_name>/<temp_file_name>.sql"
//
// with <...> parts are obviously filled in with correct credentials
SshCommand resCmd = client.RunCommand(strCmd);
//Check result
string strExpDesc = resCmd.Error;
if (string.IsNullOrWhiteSpace(strExpDesc))
{
Console.WriteLine("Exported OK");
}
else
{
Console.WriteLine("Error: " + strExpDesc);
}
}
This worked really well until this month when the shared hosting company (that my database is hosted with) had upgraded their version of Ubuntu server, so the mysqldump command above started returning the following warning:
[Warning] Using a password on the command line interface can be
insecure.
Which my script interprets as an error and fails.
I contacted the hosting company, but their tech support was less than useful. They told me to type in the password instead of specifying it in the command line. Thus my questions:
How to use SSH.NET to interact with the remote server via SSH and send it the password after its prompt?
Otherwise, can I mute that warning from my script w/o having access to the server configuration?
The normal approach to suppressing that warning from MySQL is to put the username and password in an options file, and include the options file in in place of the -u and -p , using the --defaults-extra-file option, e.g.
mysqldump --defaults-extra-file=/path/config.cnf -h "myhost" "<dbid>"
(NOTE: if it's provided, the --defaults-extra-file option must be first option.)
The file would have the user and password options under the [mysqldump] section, something like:
[mysqldump]
user=jonsnow
password=kn0wsn0thing
The credentials could be provided in the [client] section of the optionas file. Since mysqldump is a "standard client" it reads the [client] section.
[client]
user=alannister
password=alwayspayshisdebts
The options file should be properly protected, since it contains credentials. Read permission should be restricted, only the unix user that is connecting via ssh.
chown sshuser /path/config.cnf
chmod 600 /path/config.cnf
(where sshuser is the username used in the ssh connection)
I think there may also be some specific paths and filenames that are automatically included as options files, if they are found, when mysqldump starts. Similar to how MySQL server finds the my.cnf file when it starts. It might be possible to leverage that, in place of explicit --defaults-extra-file option.
MySQL Reference Manual explains usage of options files here:
https://dev.mysql.com/doc/refman/8.0/en/option-files.html
You can write the credentials to input of the remote mysqldump process. But SSH.NET unfortunately does not support providing an input with the CreateCommand interface.
You have to open a shell session (what is otherwise a not recommended approach for automating a command execution).
Use SshClient.CreateShellStream or SshClient.CreateShell and send the mysqldump command and credentials to its input:
"mysqldump ...\nusername\npassword"
For a sample code see C# send Ctrl+Y over SSH.NET.
See also Providing input/subcommands to a command (cli) executed with SSH.NET SshClient.RunCommand.
I have been struggling to implement secrets manager on .NET Core. It always returning me with Socket Exception and HTTPRequestException on GetSecretValueAsync method call, while it is working on my colleagues PC.
SocketException: A socket operation was attempted to an unreachable network
HttpRequestException: A socket operation was attempted to an unreachable network
I have already setup the credentials file needed in AWS default profile located at C:\Users\USERNAME.aws\credentials on Windows and also on each IIS App Pool .aws folder. All credentials stored in UTF-8 format previously ANSI.
Here is sample of the credentials that i got with MFA authentication:
Here is my aws credentials configuration and folder location:
Mostly my setting with my colleague are the same. Now I'm almost at a dead end. If anybody have experience or AWS Web Services Team willing to help me with the solution for this, please let me know. Thank you. Cheers.
var data = secretManager.GetSecretValueAsync(
new GetSecretValueRequest
{
SecretId = configName
}
).Result;
UPDATE:
I found out the real issue here but still got no solution yet. Because I can't really see where does the secrets manager get the credentials from. And for your information, this method works on .NET Framework in my PC.
Need more info to help .
1. the path for aws credentials is usually
C:\Users\USERNAME.aws\ not
C:\Users\USERNAME.aws\
2. in this folder should be a file named config where the region is defined. Put the region where the AWS Secrets Manager is configured. Here an example
[default]
region = us-east-1
If this is not helping describe the configuration please
I have finally found out the real issue here. It is actually because I need to allow IIS_IUSRS group user to access IIS system profile folder. Thank you everyone!
I have a small C# solution used to check users credentials. It works fine for two of my teammates, but on my PC I get an exception.
The relevant code:
PrincipalContext context = new PrincipalContext(ContextType.Domain);
if (context.ValidateCredentials(System.Environment.UserDomainName + "\\" + usr, pwd))
return true;
else
return false;
And the exception is:
DirectoryOperationException, "The server cannot handle directory requests.".
I tried creating context with the explicit server name and the 636 port number, but this didn't help as well.
Any ideas?
I had this problem too using IIS Express and VS 2010. What fixed it for me was a comment on another thread.
Validate a username and password against Active Directory?
but i'll save you the click and search... :) Just add ContextOpations.Negotiate to you Validate Credentials call like below.
bool valid = context.ValidateCredentials(user, pass, ***ContextOptions.Negotiate***);
I had this issue: things were working on my dev machine but didn't work on the server. Turned out that IIS on the server was set up to run as LocalMachine. I changed it to NetworkService (the default) and things started working.
So basically check the user of the app pool if this is running on IIS.
I had to just create a new app pool and assign it .NET 2.0, then assign the new app pool to our web app, and it started working. We had .NET 3.5 SP2, so the hotfix wasn't ideal for us. Since the WWW service is usually Local System, I questioned that too. But since it was .NET and security related, I gave a shot at the app pool first and it worked.
Perhaps you need the hotfix?
FIX: DirectoryOperationException exception
And you are an Admin or the id that your service is running under is an Admin on your PC right?
I take it you already looked into this:
System.DirectoryServices.Protocols
"You may receive a less than helpful DirectoryOperationException(“The server cannot handle directory requests.”) what isn’t quite so amusing about this is that it didn’t even try to communicate with the server. The solution was to add the port number to the server. So instead of passing “Server” to open the LdapConnection, I passed “server:636”. By the way, LDAPS is port 636 – rather than the 389 port used by LDAP."
Good point, I wouldn't expect that Win7/.NET 3.5 would need that patch. How about the info provided in this question:
Setting user's password via System.DirectoryServices.Protocols in AD 2008 R2
Apologies in advance as I haven't had much experience with directories before.
I have an ASP.net application, and I have to validate its users against an Active Directory Application Mode instance running on Server 2k3. I was previously attempting a connection with DirectoryEntry and catching the COMException if the user's credentials (userPrincipalName & password) were wrong, but I had a number of problems when trying to bind as users who weren't a member of any ADAM groups (which is a requirement).
I recently found the System.DirectoryServices.AccountManagement library, which seems a lot more promising, but although it works on my local machine, I'm having some troubles when testing this in our testbed environment. Chances are I'm simply misunderstanding how to use these objects correctly, as I wasn't able to find any great documentation on the matter. Currently I am creating a PrincipalContext with a Windows username and password, then calling the AuthenticateCredentials with the user's userPrincipalName and password. Here's a very short exert of what I'm doing:
using (var serviceContext = new PrincipalContext(
ContextType.ApplicationDirectory,
serverAddress,
rootContainer,
ContextOptions.Negotiate | ContextOptions.SecureSocketLayer,
serviceAccountUsername,
serviceAccountPassword)) {
bool credentialsValid = serviceContext.ValidateCredentials(userID, password, ContextOptions.SecureSocketLayer | ContextOptions.SimpleBind)
}
If the user's credentials are valid, I then go on to perform other operations with that principal context. As I said, this works for both users with and without roles in my own environment, but not in our testbed environment. My old DirectoryEntry way of checking the user's credentials still works with the same configuration.
After a very long morning, I was able to figure out the problem!
The exception message I was receiving when calling ValidateCredentials was extremely vague. After installing Visual Studio 2008 in the test environment (which is on the other side of the country, mind you!), I was able to debug and retrieve the HRESULT of the error. After some very deep searching in to Google, I found some very vague comments about "SSL Warnings" being picked up as other exceptions, and that enabling "SCHANNEL logging" (which I'm very unfamiliar with!) might reveal some more insight. So, after switching that on in the registry and retrying the connection, I was presented with this:
The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is ADAMServer. The SSL connection request has failed. The attached data contains the server certificate.
I found this rather strange, as the old method of connecting via SSL worked fine. In any case, my co-worker was able to spot the problem - the name on the SSL certificate that had been issued on the server was that of the DNS name ("adam2.net") and not the host name ("adamserver"). Although I'm told that's the norm, it just wasn't resolving the correct name when using PrincipalContext.
Long story short; re-issuing a certificate with the computer name and not the DNS name fixed the problem!