Error "ssh_exchange_identification: Connection closed by remote host" for SFTP from internet

, ,
1

Hi folks,
I am facing issue while connection to MFT/ActiveTransfer server from outside network/internet on SFTP.We have a AT Gateway in DMZ to receive connection from outside.Below you can find SSH logs :

sftp -v -P 22 abc@mft.abc.com
OpenSSH_7.1p2, OpenSSL 1.0.1g 7 Apr 2014
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to mft.abc.com [XX.XX.XX.XX] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
ssh_exchange_identification: Connection closed by remote host
Connection closed

But If I run only gateway then it atleast reaches till authentication part :
(Gateway is running and MWS is down)
sftp -v -P 22 abc@mft.abc.com
OpenSSH_7.1p2, OpenSSL 1.0.1g 7 Apr 2014
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to mft.abc.com [XX.XX.XX.XX] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
debug1: Remote protocol version 2.0, remote software version ActiveTransferSSHD
debug1: no match: ActiveTransferSSHD
debug1: Authenticating to mft.abc.com:22 as ‘abc’
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 zlib
debug1: kex: client->server aes128-ctr hmac-md5 zlib
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:aNdertsfYedmdkfeiacOVoFo1VMN9AvXWdfD6xmRPDeAsdeetemcsnCQB5yeeeeSzGA
debug1: Host ‘mft.abc.com’ is known and matches the RSA host key.
debug1: Found key in /home/mobaxterm/.ssh/known_hosts:2
debug1: Enabling compression at level 6.
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
Welcome to SoftwareAG!
debug1: Authentications that can continue: password,publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/mobaxterm/.ssh/id_rsa
debug1: Trying private key: /home/mobaxterm/.ssh/id_dsa
debug1: Trying private key: /home/mobaxterm/.ssh/id_ecdsa
debug1: Trying private key: /home/mobaxterm/.ssh/id_ed25221
debug1: Next authentication method: password
abc@mft.abac.com’s password:

Any help appreciated !
Thank You
-Hitesh

2

Have you checked with your IS Admin and network admin experts to resolve this AT (Gateway,ATS) for your Inbound sFTP port connection issue and see if there is any thing else stopping i?

Also do check with MWS in the MFT–>Server Management and test the sFTP port that is opened for the external use.

HTH,
RMG

3

Hitesh, for us it was a straight forward SFTP setup. That is, on the “User” tab for the partner, then under restrictions, do you have the partners SFTP certificate loaded and the address to the certificate in the “Paths to Trusted Public SSH Key Files”? That was all we did to have a SFTP partner connect.

4

Dear All,

Am new to MFT.

I would like to know how to implement MFT in webMethods.

Any pointers/documentation would really be helpful.

TIA.

Kind Regards,
Raj