Ssh: handshake failed: Can't verify SSH host since the preference path is not set

Support
#1

My apologies in advance but documentation is sorely missing in regards to Duplicacy CLI,

I’ve used Borg, restic, rclone, attic, etc and have never had an issue figuring things out with those.

Unfortunately Duplicacy CLI is so confusing and I am finding it impossible to configure correctly.

I am simply trying to initialize an SFTP repository but after a week of trying it’s still not working correctly.

I can sftp to the remote site PERFECTLY outside of Duplicacy. I use an SSH key to connect to this remote server via sftp with NO issues outside of Duplicacy. I don’t understand how to set up Duplicacy with an SFTP remote server. The documentation is horrible, lacking, or confusing.

How can I sftp using just an ssh key WITHOUT a passphrase with NO issues outside of Duplicacy but trying to use Duplicacy it fails.

I limped along and somehow got it to work for running the backup command but when I run the following it fails:

$ duplicacy info sftp://user@remote.com/Backup

Failed to load the SFTP storage at sftp://user@remote.comBackup: ssh: handshake failed: Can’t verify SSH host since the preference path is not set

Can someone PLEASE, respond or write an article that explains how to do this for someone like myself that for whatever reason, is too dumb to figure this out!

I am running Linux as the clilent

#2

env DUPLICACY_SSH_KEY_FILE=/path/to/ssh/key duplicacy info -repository . sftp://user@remote.com/Backup

#3

Thanks for taking time out.

I tried running the command you suggested but I get an error about running it.

Where do you run the “env” command from?

My apologies again for being so dumb but like I said I am so stupid in regards to getting this to work

#4

This is a regular shell command, which shell are you using? If env is not available for some reason (which is a bit weird), you can split this into 2 commands:

export DUPLICACY_SSH_KEY_FILE=/path/to/ssh/key
duplicacy info -repository . sftp://user@remote.com/Backup

#5

Thanks sevimo.

It ended up working without the export command.

The documentation wasn’t clear that you have to specify " -repository ."

Do you know why you have to supply the ssh password if you already have a ssh key that works OUTSIDE of duplicacy?

From my command line I can type the following:

$ sftp user@remote.com

When I run the above command, I connect to the remote.com server without supplying my password.
But when you run duplicacy init, you still have to supply a ssh password.

That makes no sense to me

#6

Hi upssnowman,

@gchen posted a while back that the “info” command was intended for use by the Duplicacy web GUI so that’s why it’s undocumented.

The -repository parameter is optional since you’re using an externally stored SSH key. It’s only required if you need Duplicacy to look up keys stored in a respository’s preferences file.

It’s because Duplicacy doesn’t use the standalone ssh/sftp command from OpenSSH so it ignores the contents of your ~/.ssh/ directory.

Try the following little exercise…

If you accepted the default options when you generated your SSH keys with the ssh-keygen command, you should probably have at least 2 or more files including ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub (the latter of which was added to the ~/.ssh/authorized_keys file on the remote server.

Temporarily rename ~/.ssh/id_rsa to ~/.ssh/id_rsa-save, then try to ssh/sftp to your remote server account. It fails because OpenSSH has preset pathnames that it expects to find your key(s), and they must be one of several known names.

There are many instances where there’s a need to have several different keys and they cannot all be named ~/.ssh/id_rsa so OpenSSH offers a ‘-i’ parameter:

sftp -i /path/to/my/ssh/private/key user@remote.com

Duplicacy doesn’t know if you’re using OpenSSH (you could be using PuTTY), so it requires that you tell it where to find your keys. While it’s possible that Duplicacy could check the same places that OpenSSH and PuTTY often put their files, things move around/change over time that would then suddenly break Duplicacy (e.g., OpenSSH added support for elliptic curve based keys that default to the pathnames ~/.ssh/id_ed25519 and ~/.ssh/id_ed25519_sk).

Duplicacy’s wiki has a reference table with the various environment variables used for SSH, S3 and other authentication methods that might be of interest: Managing Passwords

#7

Not really, info command will fail on SFTP storages without -repository argument explicitly provided.

#8

Thanks for the reminder. I’d forgotten about the known_hosts file for SFTP connections.