I'm trying to setup a backup system with Duplicity. I have a server that I want to backup to another SFTP server.
If I try to connect via sftp it works fine:
root@SERVER:~# sftp user@SFTP_IP
user@SFTP_IP's password:
Connected to SFTP_IP.
sftp>
But when I try using Duplicity:
root@SERVER:~# duplicity /etc sftp://user@SFTP_IP//
BackendException: ssh connection to SFTP_IP:22 failed: Unknown server SFTP_IP
I've tried following the only instructions regarding this problem I found on the net:
http://tom.meinlschmidt.org/2014/04/24/duplicity-backendexception-ssh-connection-to-server22-failed-unknown-server/
However it didn't work and since the author gives almost no details about what causes the issue, only that's it's probably paramiko, I cannot figure out what to do.
My configuration is as follows:
root@SERVER:~# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 7.7 (wheezy)
Release: 7
Codename: wheezy
root@SERVER:~# ssh -V
OpenSSH_6.0p1 Debian-4+deb7u2, OpenSSL 1.0.1e 11 Feb 2013
root@SERVER:~# duplicity -V
duplicity 0.6.18
root@SERVER:~# python -c "import paramiko; print paramiko.__version__"
1.7.7.1 (George)
EDIT1: Ok the problem doesn't seem to come strictly from paramiko since a simple paramiko sftp demo program from 2013 (github-link) manages to connect just fine.
EDIT2: I had this problem on a server with an almost brand-new install of Wheezy, I installed an Ubuntu 14.04 (with OpenSSH_6.6.1p1 and paramiko 1.10.1) on it and Duplicity (0.6.23) works fine.
Best Answer
Ok, I have fooled around some more with the python code. @lxio you are right, this is not really a bug from Paramiko or Duplicity but it seems the known_hosts system seems to be a bit inconsistent (and unclear), but I finally got it working.
I used
ssh myhost -p 2323
to accept the signature, but this method does not seem to store the specific port value in theknown_hosts
list (thus is Paramiko refusing to connect, because it thinks the fingerprint is ofmyhost:21
. I have still no correct to add the key via bash, but I know how to add the fingerprint to theknown_hosts
file via Paramiko to ensure it will connect to the correct host in the future.We are going to add the key via Paramiko to the known_hosts file:
/usr/share/pyshared/duplicity/backends/sshbackend.py
:Add before
keyfilename=None
:(/root/ is the userdir here, this might be different for you).
Execute a sync commando with Duplicity (where you use the host). Now Paramiko will add the ssh fingerprint to your known_hosts.
Remove all edits you made to your
sshbackend.py
and save the file.You can verify it by using
cat /root/.ssh/known_hosts
. You will see[myhost]:2323 ssh-rsa ....