Kopia and SFTP repos

wazabees · October 17, 2020, 9:33pm

Hello!

I wanted to use a remote SFTP server for my kopia repo and ran in to some issues setting it up.
First I read the user manual here Repositories | Kopia and then went to set up keys like the linked instructions suggests. After following the instructions I could successfully connect using ssh user@host.

When trying to create the SFTP repo however…

user@desktop:~# kopia repo create sftp --host 192.x.x.x --username user --keyfile ~/.ssh/id_rsa.pub --known-hosts ~/.ssh/known_hosts --path /mnt/user/backups/kopia-minty
kopia: error: can't connect to storage: unable to getHostKey: 192.x.x.x: no hostkey found for 192.x.x.x, try --help

No success! I did see that the topic of hashed host names have been brought up before, and there is also a mention of it in issue #500 on Github.
But what is the actual solution? Following the instructions in the docs doesn’t work. I have to add un-hashed hosts specifically for it to work. Not using ssh-keyscan option -H.

From ssh-keygen manpage:

-H’ Hash all hostnames and addresses in the output. Hashed names may be used normally by ssh and sshd, but they do not reveal identifying information should the file’s contents be disclosed.

So I used the below command:

user@desktop:~# ssh-keyscan 192.x.x.x >> ~/.ssh/known_hosts
# 192.x.x.x:22 SSH-2.0-OpenSSH_8.1
# 192.x.x.x:22 SSH-2.0-OpenSSH_8.1
# 192.x.x.x:22 SSH-2.0-OpenSSH_8.1
# 192.x.x.x:22 SSH-2.0-OpenSSH_8.1
# 192.x.x.x:22 SSH-2.0-OpenSSH_8.1

And then it works.

user@desktop:~# kopia repo create sftp --host 192.x.x.x --username user --keyfile ~/.ssh/id_rsa.pub --known-hosts ~/.ssh/known_hosts --path /mnt/user/backups/kopia-minty
Enter password to create new repository: 
Re-enter password for verification: 
Initializing repository with:
  block hash:          BLAKE2B-256-128
  encryption:          AES256-GCM-HMAC-SHA256
  splitter:            DYNAMIC-4M-BUZHASH
Connected to repository.

Also from the documentation

If the connection to SFTP server does not work, try adding --external which will launch external ssh process, which supports more connectivity options which may be needed for some hosts.

What does this mean?

Will there be support for hashed host names in known_hosts?

Thanks for creating kopia! It really is a great backup tool.

jkowalski · October 24, 2020, 3:27am

SFTP has been contributed to the codebase by an external developer, I don’t personally use it and maintaining it and without knowing all the use cases (or ability to test more complex cases) is challenging for me. I would love if somebody could take ownership of improvements like this going forward. I’ll be happy to review and merge PRs.

Topic		Replies	Views
Connect Kopia UI to SFTP General Topics	2	1201	October 26, 2022
KopiaUI + SFTP is not Windows friendly Feature Requests	6	2281	February 2, 2023
SFTP Repository password visible (Windows+openssh) General Topics	4	253	April 14, 2023
SSH_FX_OP_UNSUPPORTED when creating sftp repository Support	7	503	January 31, 2023
SFTP, KopiaUI, error creating sftp client pipe Support	2	125	January 30, 2024

Kopia and SFTP repos

Related Topics