Package: curl Version: 7.52.1-5+deb9u2 curl doesn't support key authentication when using scp/sftp, it complains about "SSH public key authentication failed: Unable to extract public key from private key file: Method unimplemented in libgcrypt backend". In the same time version 7.54.0 works just fine on CentOS (although it's from my personal repository, it contains no tricky hacks, just an upstream tarball), 7.56.1 also is proven to work on Solaris being built from sources.
Here's the output from the Debian curl version: ===Cut=== spitsynas@groot:~$ curl -vvvv -k --key ~/.ssh/id_rsa 'sftp://freshst...@ksssftp.kaspersky-labs.com/ertelecom/SLU/Subscription License Usage_ertelecom_August2017.zip' -o zzz.zip -v % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 212.5.110.121... * TCP_NODELAY set * Connected to ksssftp.kaspersky-labs.com (212.5.110.121) port 22 (#0) 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* SSH MD5 fingerprint: 03d19d7ec7e07f0f419180d59db1de1b * SSH authentication methods available: publickey,password * Using SSH private key file '/home/spitsynas/.ssh/id_rsa' * SSH public key authentication failed: Unable to extract public key from private key file: Method unimplemented in libgcrypt backend * Failure connecting to agent * Authentication failure 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 * Closing connection 0 curl: (67) Authentication failure spitsynas@groot:~$ ===Cut=== Here's the reference output from stock 7.56.1 version on Solaris: ===Cut=== [aspitsyn@hyperion ~]$ curl -k -vvvv --key ~/.ssh/id_rsa 'sftp://freshst...@ksssftp.kaspersky-labs.com/ertelecom/SLU/Subscription License Usage_ertelecom_August2017.zip' -o zzz.zip % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 212.5.110.121... * TCP_NODELAY set * Failed to set TCP_KEEPALIVE on fd 3 * Connected to ksssftp.kaspersky-labs.com (212.5.110.121) port 22 (#0) * SSH MD5 fingerprint: 03d19d7ec7e07f0f419180d59db1de1b * SSH authentication methods available: publickey,password * Using SSH private key file '/home/aspitsyn/.ssh/id_rsa' * Initialized SSH public key authentication * Authentication complete { [2000 bytes data] 100 13.6M 100 13.6M 0 0 1996k 0 0:00:07 0:00:07 --:--:-- 1970k 100 13.6M 100 13.6M 0 0 1996k 0 0:00:07 0:00:07 --:--:-- 1996k * Connection #0 to host ksssftp.kaspersky-labs.com left intact ===Cut=== Not that the keys are the same on both hosts (checked and doublechecked, furthermore - this doesn't look like a different key problem, this looks like a key extraction problem). Debian version info: ===Cut=== spitsynas@groot:~$ curl -V curl 7.52.1 (x86_64-pc-linux-gnu) libcurl/7.52.1 OpenSSL/1.0.2l zlib/1.2.8 libidn2/0.16 libpsl/0.17.0 (+libidn2/0.16) libssh2/1.7.0 nghttp2/1.18.1 librtmp/2.3 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets HTTPS-proxy PSL ===Cut=== Solaris version info: ===Cut=== [aspitsyn@hyperion ~]$ curl -V curl 7.56.1 (i386-pc-solaris2.11) libcurl/7.56.1 OpenSSL/1.0.2g zlib/1.2.3-T4mods libssh2/1.4.3 Release-Date: 2017-10-23 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp Features: AsynchDNS IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP UnixSockets HTTPS-proxy ===Cut=== Environment: Debian 4.9.30-2+deb9u2
