Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

sftp fails to connect with pysftp 0.2.9

See original GitHub issue

Expected behaviour:

successful sftp connection with latest version of pysftp, 0.2.9.

Actual behaviour:

fails to connect. works on pysftp 0.2.8.

Steps to reproduce:

  • Step 1: create ssh key: ssh-keygen -t rsa -b 2048
  • Step 2: flexget --loglevel debug execute sync

Config:

sync:
  sftp_list:
    host: '{? sftp.host ?}'
    port: '{? sftp.port ?}'
    username: '{? sftp.username ?}'
    private_key: '{? sftp.private_key ?}'
    dirs:
      - '{? remote.downloads ?}/'
    recursive: true
  regexp:
    accept:
      -  '.*\.mkv$'
  free_space:
    <<: *free_space
    space: 1500
  sftp_download:
    to: '{? local.downloads ?}/'

Log:

(click to expand) 
2020-05-26 08:28:04 DEBUG    sftp_client   sync         Caught exception: No hostkey for host $IP_ADDRESS found.
2020-05-26 08:28:04 WARNING  sftp_client   sync         Failed to connect to $IP_ADDRESS; waiting 15 seconds before retrying.

Additional information:

  • FlexGet version: 3.1.57
  • Python version: 3.6.9
  • Installation method: virtualenv
  • Using daemon (yes/no): yes
  • OS and version: Ubuntu 18.04.4
  • Other info: hostkey can be ignored or set to a custom file with CnOpts attributes in pysftp connection object according to the docs. it defaults to ~/.ssh/known_hosts. I’ve manually ssh’d from the flexget server to my target server before so it should have already cached the host key in known_hosts

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:17 (17 by maintainers)

github_iconTop GitHub Comments

1reaction
ksurlcommented, Nov 11, 2020

I had some time so I dove back into this issue for pysftp 0.2.9 compatibility.

Here is the gist of it: 0.2.9 requires more strict hostkey checking when connecting. If you run as a regular user with a ~/.ssh/known_hosts file it will work fine out of the box (if the hostkey is already added, which you can manually add with ssh-keyscan -H -p PORT HOSTNAME >> ~/.ssh/known_hosts). If you run as a user without a home folder (such as in docker or service account that does not have .ssh folder such as in /var/lib/flexget), you can specify a path for the known_hosts file such as

cnopts = pysftp.CnOpts(knownhosts='/path/known_hosts')

and include cnopts in the arguments for pysftp.Connection such as

sftp = pysftp.Connnection(host='host', port='port', user='username', password='password', cnopts=cnopts)

you can also keep the behavior the same as 0.2.8 (no host key checking) by setting it explicitly:

cnopts = pysftp.CnOpts() cnopts.hostkeys = None

This works fine except you will get a warning on each phase that calls a sftp connection (sftp_list, sftp_download, sftp_upload) if it can’t find ~/.ssh/known_hosts. I can’t find a way to set it to None while creating the object to suppress the warning.

I tried to take a stab at updating sftp_client.py but it is a bit over my head.

Here is what I was thinking in terms of priority:

  • Handle the various locations those known_hosts could be on Windows, macOS, and Linux paths (c:\users\username, /Users/username, and /home/username (need to check if it doesn’t exist to go to 2nd and 3rd options)
  • Fall back on the config directory as a secondary path to look
  • Or disable by setting hostkeys to None

pseudocode:

if not exist ~/.ssh/known_hosts
  if not exist $configpath/known_hosts
    cnopts = pysftp.CnOpts=()
    cnopts.hostkeys = None
  else
    cnopts = pysftp.CnOpts(knownhosts=$configpath/known_hosts)
else
  cnopts = pysftp.CnOpts()

sftp = pysftp.Connection(blah blah, cnopts=cnopts)
1reaction
4oo4commented, May 29, 2020

@ksurl I could never get pysftp to work with a password protected private key, if I remember correctly I just had to give it the decrypted key. I think it relates to the paramiko library that pysftp uses behind the scenes, in my experience it’s always been supper buggy.

Read more comments on GitHub >

github_iconTop Results From Across the Web

API — pysftp 0.2.9 documentation
A friendly Python SFTP interface. ... (obj) CnOpts - A connection options object, used for passing extended ... Raises: IOError, if path does...
Read more >
Python Pysftp Error - Stack Overflow
I'm getting an error trying to connect to a SFTP server using pysftp. This should be straight forward enough but I get the...
Read more >
pysftp - PyPI
A friendly face on SFTP. ... pysftp 0.2.9. pip install pysftp ... added pysftp.Connection.remote_server_key - used to retrieve the remote hosts server key....
Read more >
Error downloading remote file from SFTP server #1980 - GitHub
I am running a pretty simple script: import pysftp cnopts = pysftp. ... This is a connection to a remote SFTP server.
Read more >
How to connect to SFTP with Python
Learn how to use and connect to SFTP servers in Python one step at a time: Connect, traverse file lists, upload and download...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Log full of "Daemon running." messages

Next page

Plugin `flexget.components.imdb.api` failed to import dependencies