SFTP processing from mainframe to server with Crush FTP software failing key authentication

2

We are in the process of converting all FTP mainframe jobs to SFTP. I used the ssh-keygen -f id_dsa_userid command to create the key pairs. Sent the public key to client to be copied into their authorized_keys file. When job is executed, I get the following error.

EZYXW11E XtlibError: invalidDisplay xtInitialize XtToolkitError
Can't open display: MVSDMC1
FOTS1370 Host key verification failed.
lost connection.

Client is using CrushFTP software which I know nothing about. What are we missing?

Stephanie Reed

Posted 2018-04-04T15:20:52.037

Reputation: 21

If you're the one providing the service, why is your client copying your public key to their authorized_keys file, not vice versa?

It appears that the server is not listed in the known_hosts file. Additionally, the error looks a bit like they're trying to start an X window session. – Patrick R. – 2018-04-04T15:46:44.017

XtToolkit is a library for the X Server (graphical display), which should have nothing to do with SFTP. On the other hand, ssh can forward X connections. Guess: Something is setup wrongly wrt. to X forwarding, and tries to establish it, at least on one end. BTW, you can enable verbose debug messages on normal sftp/ssh clients/servers (e.g. -v for the standard ssh, sftp). – dirkt – 2018-04-04T17:19:10.580

Don't know if this is the issue, but I've seen SSH fail if server and client time is not in sync -- 15 min. max difference, I believe. https://community.centrify.com/t5/Centrify-Express/Clock-skew-too-great-between-this-machine-and-the-domain-server/td-p/20832

– DrMoishe Pippik – 2018-04-04T18:25:53.800

Answers

0

The problem at its root is in ssh and the key setup. The X Windows Xauth problem is a Red Herring. After found some additional research I found a thread that appears to match your problem. The thread in question is for a product from Dovetail technologies but manifest the same problem in ssh key exchanges.

EZYXW11E XtlibError: invalidDisplay xtInitialize XtToolkitError Can't open display: 172.24.30.28:0.0
FOTS1346 Permission denied, please try again.
EZYXW11E XtlibError: invalidDisplay xtInitialize XtToolkitError Can't open display: 172.24.30.28:0.0 Connection closed by UNKNOWN
FOTS2707 zsshSmfWritePipe: write(): EDC5113I Bad file descriptor. (errno2=0x05710034).

If the key is in place, the likely issue is incorrect permissions on the .ssh directory and files on the target system. The following commands in the home directory of the sftp user will correct the permissions:

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

The permissions on my USS system look like this:

IBMUSER> ls -la
drwx------   2 IBMUSER  OMVS        8192 May 11 09:15 .ssh

IBMUSER> ls -la .ssh
-rw-------   1 IBMUSER  OMVS         399 May 11 09:15 authorized_keys

Hogstrom

Posted 2018-04-04T15:20:52.037

Reputation: 1 312

Asked: 2018-04-04T15:20:52.037

Viewed: 441 times

Active: 2018-10-30T19:30:13.667