When users/admins run the STF SSH [TARGET SERVER], they get the following error:

error: ssh: Handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
 

• Okta Advanced Server Access (ASA)
• Okta Privileged Access (OPA)
• ScaleFT Client (sft)

The error indicates that the target server is rejecting SSH connections on port 22 (or to the configured SSH port). Some of the common causes for this issue are:

• Any specific SSH configuration on the target server (like if Allow* directives were set in sshd_config) will interfere with the ASA/OPA authentication flow for listed users.
• The "Server User Management" is disabled (via API) under the project, preventing users' access to manage the servers of the Project.

Refer to the solution section on how to check and fix the same.

SSHD configuration:

1. Log in to the Linux server in question outside of SFT, then navigate to /etc/ssh/.
2. Open the sshd_config using a file editor.
3. Check for possible "Allow" flags that might be limiting certain users or groups from accessing this specific server. For example, "AllowUsers" flag will have only the specified users as allowed users or groups if it is "AllowGroups".
4. In some cases, if the above did not fix the issue, it required moving the "TrustedUserCAKeys" line above the "Match group" line in /etc/ssh/sshd_config file and restarting the sshd service.

Server User Management:

1. Ensure that the Server User Management option is checked under the Projects. 

2. If this option is disabled (x), enable this option via create_server_users ASA Project API call.

Reach out to Okta support if the issue persists.