After we Upgrade our QNAP-NAS to the newest Firmware for compatibility for the newest Chipers,
but we still can’t use Duplicacy to Backup Data via SFTP (SSL) because of the following error:

Failed to create the sftp client: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password keyboard-interactive], no supported methods remain

Putty is working fine, only Duplicacy brings only errors any time

On QNAP-Console we edit the SSLd-Config to activate passwort, but is also not working (Putty was good before)

To disable tunneled clear text passwords, change to no here!

PasswordAuthentication yes
#PermitEmptyPasswords no

can anyone help?

We have a commercial lizenz and can’t use this software

Are you trying to use key based authentication or password based authentication?

In the former case, is the key encrypted?

It’s possible the sftp server does not support modern cyphers. Try using sftpc endpoint to enable old insecure ciphers.

If you use web-ui, you would need this workaround. Sftpc with duplicacy-web GUI - #4 by saspus

Did you restart the service after making this change? TBH I’d recommend the opposite, and use keys instead of password (if the QNAP supports that which it should if it’s based on OpenSSH). Either:

ssh-keygen -t ed25519

Or PuTTYgen can make ed25519 (under EdDSA), then Conversions menu > Export OpenSSH key.

You can password-protect the key and put that in the Password field for SFTP storage method in Duplicacy GUI, along with the path of the id_ed25519 Key File (which I’d recommend store in .duplicacy-web on the client).

Then install the public key (pasted from PuTTY or from the generated id_ed25519.pub) on the QNAP:

mkdir ~/.ssh
nano ~/.ssh/authorized_keys #paste pub key then save
chmod -R =og ~/.ssh/ #lock down perms

Dunno if this will help your issue but I can’t imagine updating firmware would make Duplicacy’s ciphers obsolete. Just make sure you’re using the latest 1.8.3 GUI and 3.2.3 CLI of Duplicacy.

yes, i restarted the sshd service on the qnap.
But, why is Putty working without this option in sshd, and Duplicacy working not with or without?

I use the normal formular to create a connection and i dont want to use a certificate, only password and username:

grafik1208×1081 39.5 KB

Why is ist not possible that the maintainer of Duplicacy fix this boring bug and bring it to work?
We paid for it…
and was working fine in a older version, but not in the new one? why?

What is the bug here?

It was working in old version of duplicacy? Which version? And which version does it not work anymore?

If you are using built in Qnap ssh server — you cannot expect anything to work for any amount of time. I would install standard OpenSSH and not use whatever Qnap ships.

In order to fix a bug, first you need to establish if it’s actually a bug with Duplicacy and not a problem with the server. i.e. replicate the problem and produce some kinda logs to go off…

PuTTY has various legacy fallback algos which may get used whereas the Go sftp library in Duplicacy is being more strict about. I would start by seeing what algorithms / ciphers are being used by PuTTY and report back. @gchen may know about a workaround to get some more diagnostics(?).

Edit:

Oh, that’s a bit of a revelation.

It is work on free Putty, not on paid Duplicacy,

what a shame.
Plz fix it…

The Bug is:

Failed to create the sftp client: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password keyboard-interactive], no supported methods remain

But only Username and Passwort is working fine on my NAS. Its only a Duplicacy Problem!

OK. Sorry, the problem is now clear and is the extremely poor design of the WebUI.

• Error messages are simply wrong
• Directory paths should be pre-filled with /, otherwise you can’t select anything because there is no going back (directory up).
• apart from the possible options for backup jobs and scheduled tasks that are not described

The whole thing is therefore probably not user-friendly and only for profile people who actually already know all the command lines.

But what does the above error message have to do with incorrect login data?
Nothing really and just confuses, as you can see.

Before all the dismissive comments come here again.
None of you knew that either… that the error message can’t be trusted and is simply wrong.

greetings

If this is what fixed the issue for you — then the problem is with the broken sftp server QNAP is running, as I have pointed out above.

In fact, we have seen similar issues with Synology sftp as well — these Chinese companies like to mess with things they have no business messing with — and it’s even described in the documentation

Note for Synology users If the SFTP server is a Synology NAS, it is highly recommended to use the absolute path (the one with double slashes) in the storage url. Otherwise, Synology’s customized SFTP server may terminate the connections arbitrarily leading to frequent EOF errors.

The advice is the same — switch to different sftp server.

This is irrelevant. Of course broken sftp sever will work with some clients. “Even the broken clock show correct time twice a day”.

If the glitch occurs during authentication — the handshake will fail, and its correct message. Because that’s exactly what failed.

To be fair, I did tell you to avoid the sftp server QNAP ships immediately.

If you followed my advice — it would have just worked. You are not the first one who has issues with broken SFTP implementation and it is not specific to duplicacy in any way.