Getting Error when setup SFTP server in IS Admin

Product/components used and version/fix level:

Product=webMethods Integration Server
Trading Networks Server 10.3 Fix 2
Trading Networks Server 10.3 Fix 1

Detailed explanation of the problem:

Hi Experts,

Good day and I hope you are doing well.

We got an error when trying to set up a new SFTP server in webMethods IS Admin.
During the SFTP setup in Settings > SFTP > > Edit (SFTP Server Alias Properties), we managed to get the host key, however, when trying to save it, the error came out.

Error messages / full error message screenshot / log file:

“[ISS.0147.9003] Cannot retrieve the host key from location /XXX/IntegrationServer/instances/default/config/sftp/temp/xxx_sftp_xxx_22. Details: Corrupt or unknown public key file format.”

When we checked the host key detail, it showed:
cat xxx_sftp_xxx_22
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBFB89QTrTxFRKPRoBSMBnc8txhKqJrHH4CQLAa3AojnZJQhWXaxRXz6LJ7fEsO54FjAK1ltqoTI3eGpbcnUbRY=

The other partner SFTP has ssh-rsa format for their public key which is working fine in our IS Admin server.

Does it mean our IS Admin server can’t support this algorithm?

Has anyone encountered the same error like this before?
If yes, appreciate sharing the solution.

Thank you and Best Regards,
Fanny T

Hello Fanny,

Is the SFTP location by any chance hosted in Azure?
Try the following: save the key file (again) and edit it by replacing ecdsa-sha2-nistp256 with ssh-rsa. Now try to load it into the Host Key Location field.

As an alternative, use the ssh-keyscan to retrieve the public key. Typically, the server will offer multiple formats so select the ssh-rsa format, save to a file and then use it to configure your SFTP alias.

Hi Andrej,

Thanks for the reply.
We are unsure if the SFTP server is hosted in Azure since it belongs to our Customer/Partner.
We received the SFTP host plus username and password.

Your solution is working and we have done it slightly differently.
*) During the “Create Server Alias” under “Settings>SFTP”, we used another SFTP host key file which was created using ssh-rsa and finally, we can save the SFTP Server Alias successfully.
*) And under “Settings > SFTP > User Alias Settings”, we set the “Strict Host Key Checking” to NO as the default is “YES”.
*) And “Voila”, when we tested “SFTP User Alias” worked successfully.

I have been told that this “ECDSA” algorithm is not supported by our webMethods version 10.3, but it will be supported in
10.13 onwards. Does anyone have a comment on this?

Anyway, hope this solution will work for others who have the same issue.

Thank you.

Best Regards,
Fanny T