Sublime Text 3 SFTP Instantly "Connection timeout" when connecting to remote server via SFTP

Question

I am using the Sublime SFTP Plugin for Sublime Text 3. I am trying to connect to a remote server. However, the connection will instantly fail with the error message Connection timeout.

Connecting to SFTP server "myserveripaddress" as "root" ..... failure (Connection timeout)

This is my configuration for that server. Please note that I hid my real IP Address and Password for security reasons.

{
    // The tab key will cycle through the settings when first created
    // Visit http://wbond.net/sublime_packages/sftp/settings for help

    // sftp, ftp or ftps
    "type": "sftp",

    "sync_down_on_open": false,
    "sync_same_age": false,

    "host": "myserveripaddress",
    "user": "root",
    "password": "password",
    "port": "22",

    "remote_path": "/var/www",
    //"file_permissions": "664",
    //"dir_permissions": "775",

    //"extra_list_connections": 0,

    "connect_timeout": 30,
    //"keepalive": 120,
    //"ftp_passive_mode": true,
    //"ftp_obey_passive_host": false,
    //"ssh_key_file": "~/.ssh/id_rsa",
    //"sftp_flags": ["-F", "/path/to/ssh_config"],

    //"preserve_modification_times": false,
    //"remote_time_offset_in_hours": 0,
    //"remote_encoding": "utf-8",
    //"remote_locale": "C",
    //"allow_config_upload": false,
}

Additionally

• Turning off my Firewall does not resolve this issue.
• Connecting to a Virtual Machine hosted on my own network does work.
• The Connection timeout happens instantly. Raising the connect_timeout setting has no effect.
• I am not using the wrong type of connection. In fact, switching the connection to ftp or ftps actually times out after 30 seconds, as opposed to instantly.
• The remote server is not down. I am able to access the remote server via both putty and FileZilla using the same credentials.

sublime_sftp_debug.txt

I turned debug mode on and here's what I got in the logs.

2015-08-14 22:48:34, SFTP Read:
    Fatal: Server unexpectedly closed network connection

auth.log

This is what I got in /var/log/auth.d. Again, identifying information was removed for security reasons.

Aug 15 16:34:24 localhost sshd[23275]: debug3: fd 5 is not O_NONBLOCK
Aug 15 16:34:24 localhost sshd[23275]: debug1: Forked child 25116.
Aug 15 16:34:24 localhost sshd[23275]: debug3: send_rexec_state: entering fd = 8 config len 982
Aug 15 16:34:24 localhost sshd[23275]: debug3: ssh_msg_send: type 0
Aug 15 16:34:24 localhost sshd[23275]: debug3: send_rexec_state: done
Aug 15 16:34:24 localhost sshd[25116]: debug3: oom_adjust_restore
Aug 15 16:34:24 localhost sshd[25116]: Set /proc/self/oom_score_adj to 0
Aug 15 16:34:24 localhost sshd[25116]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
Aug 15 16:34:24 localhost sshd[25116]: error: Could not load host key: /etc/ssh/ssh_host_ed25519_key
Aug 15 16:34:24 localhost sshd[25116]: debug1: inetd sockets after dupping: 3, 3
Aug 15 16:34:24 localhost sshd[25116]: Connection from MYIPADDRESS port 61120 on SERVERIPADDRESS port 22
Aug 15 16:34:24 localhost sshd[25116]: debug1: Client protocol version 2.0; client software version PuTTY_Local:_Aug__1_2012_03:14:17
Aug 15 16:34:24 localhost sshd[25116]: debug1: no match: PuTTY_Local:_Aug__1_2012_03:14:17
Aug 15 16:34:24 localhost sshd[25116]: debug1: Enabling compatibility mode for protocol 2.0
Aug 15 16:34:24 localhost sshd[25116]: debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
Aug 15 16:34:24 localhost sshd[25116]: debug2: fd 3 setting O_NONBLOCK
Aug 15 16:34:24 localhost sshd[25116]: debug2: Network child is on pid 25117
Aug 15 16:34:24 localhost sshd[25116]: debug3: preauth child monitor started
Aug 15 16:34:24 localhost sshd[25116]: debug3: privsep user:group 104:65534 [preauth]
Aug 15 16:34:24 localhost sshd[25116]: debug1: permanently_set_uid: 104/65534 [preauth]
Aug 15 16:34:24 localhost sshd[25116]: debug1: list_hostkey_types: ssh-rsa [preauth]
Aug 15 16:34:24 localhost sshd[25116]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug1: SSH2_MSG_KEXINIT received [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchang$
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: ssh-rsa [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: [email protected],[email protected],aes256-ctr,aes128-ctr [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: [email protected],[email protected],aes256-ctr,aes128-ctr [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],hmac-sha$
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],hmac-sha$
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: none,[email protected] [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: none,[email protected] [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit:  [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit:  [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: first_kex_follows 0  [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: reserved 0  [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1$
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: ssh-rsa,ssh-dss [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc$
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc$
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5 [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5 [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: none,zlib [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: none,zlib [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit:  [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit:  [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: first_kex_follows 0  [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: reserved 0  [preauth]
Aug 15 16:34:25 localhost sshd[25116]: fatal: no matching mac found: client hmac-sha1,hmac-sha1-96,hmac-md5 server [email protected],hmac-sha2-256-$
Aug 15 16:34:25 localhost sshd[25116]: debug1: do_cleanup [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug3: PAM: sshpam_thread_cleanup entering [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug1: monitor_read_log: child log fd closed
Aug 15 16:34:25 localhost sshd[25116]: debug3: mm_request_receive entering
Aug 15 16:34:25 localhost sshd[25116]: debug1: do_cleanup
Aug 15 16:34:25 localhost sshd[25116]: debug3: PAM: sshpam_thread_cleanup entering
Aug 15 16:34:25 localhost sshd[25116]: debug1: Killing privsep child 25117

Why am I not able to connect to my remote server via Sublime SFTP? Is there any other settings that I should try?

Answer 1

The key to your problem is this line in the logs :

fatal: no matching mac found: client hmac-sha1,hmac-sha1-96,hmac-md5 server [email protected],hmac-sha2-256-$

These are the authentication algorithms used by the ssh protocol. As the logs tell you, the client and the server don't use the same algorithms, so they can't communicate.

The two solutions:

• Update your client to one that supports the server's mac algorithms. For example, the last version of Putty will work.
• Change the server config to accept a mac algorithm used by your client.

The second solution is what you did in your answer, but you don't need to replace the entire line. Take the line that you had initially and add the strongest algorithm that your client supports. In your case, that would be changing this

MACs [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
KexAlgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1

to this

MACs [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
KexAlgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,hmac-sha1

(I just added hmac-sha1 to the end of the list)

This will have the same effet as what you did, but without disabling the mac algorithms that you had configured.

Answer 2

I found a working server side solution.

In /etc/ssh/sshd_config, I had to change

MACs [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
KexAlgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1

to

MACs hmac-sha1,hmac-sha1-96,hmac-md5,[email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
KexAlgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1

However, this is a server side solution. I am still wondering if there was anything I could've done client side.

Answer 3

In case of using a SSH file key, the path to the key must have no spaces or weird characters. Removing spaces in my path fixed the issue of timeout for me.