SFTP Connection Error


#1

I receive the below error when I attempt to test my FTP connection through SSH. ssh www-data@xxx.xxx.xxx.xxx

The authenticity of host ‘xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)’ can’t be established. ECDSA key fingerprint is SHA256:****************************************************************. Are you sure you want to continue connecting (yes/no)?

And I get this error message when testing with FileZilla.

Error: Disconnected: No supported authentication methods available (server sent: publickey) Error: Could not connect to server

If I use my root user and my private key I am able to connect via Filezilla but not the www-data account. I followed the steps on https://easyengine.io/tutorials/linux/setup-sftp/ as I have done many, many times without issue. Yet now I see this error no matter what I do.

I have destroyed and rebuilt my droplet, installed EasyEngine, and ran the “ee stack install” command to get a base install, changed the account settings for www-data and tested but I still get the same error. This has never happened in the 40+ times I have setup a server for Wordpress and can’t figure out why.

Anyone have any idea how I might fix this error and/or see a more detailed error of why this might be happening? Could this be some kind of error in the EasyEngine install script?


#2

Well, I figured out the issue and was able to resolve it. The issue has to do with the basic setup of a Ubuntu droplet on DigitalOcean. Up until recently, if you used an SSH key, the server would authenticate your account with an RSA Key but if you needed to access the server via SFTP or something and needed to use password authentication you were able to.

Well, without notice they altered their setup script which sets the PasswordAuthentication option in the sshd_config to no. This blocks all password authentication so that you can only use key authentication. If like me you need access to your server via password authentication you can use the below command to edit the sshd_config file and restart the SSH service.

Open the sshd_config file: sudo nano /etc/ssh/sshd_config

Comment out the PasswordAuthentication option: #PasswordAuthentication no

Restart the SSH service: sudo service ssh restart


#3