SSH Key Support

scattea · Post by **scattea** » Wed Aug 27, 2003 5:19 pm

Just found Coreftp, its great

, however having a little problem with SSH.

I'm using Pageant(putty) & Coreftp. I get the following
---------
Connecting to 10.0.0.250, port 22
Looking up host "10.0.0.250"
Connecting to 10.0.0.250 port 22
Server version: SSH-1.99-OpenSSH_3.4p1 FreeBSD-20020702
version: SSH-2.0-SSH-Local: Jul 17 2003 15:27:57
Using SSH protocol version 2
processing group exchange
processing key exchange
Host key fingerprint is:
--- Key Fingerprint removed ------
Initialized AES-256 client->server encryption
Initialized AES-256 server->client encryption
Pageant is running. Requesting keys.

And then it stops for about 60 seconds.

and eventually I get :

Can't establish connection --> 10.0.0.250:22 @ Wed Aug 27 16:58:06 2003 (0-1)

------------

Now I know the same key, user & password work using putty, so any idea what I am doing wrong?

What agent did you use for your keys?

Thanks

doh - help if I put some versions down.

coreftp 1.2
putty 0.53b

sabin1001 · Post by **sabin1001** » Mon Nov 10, 2003 6:18 pm

I'm using CoreFTP 1.2e (build 1200) on WinXP with pageant version 0.53b running and I get the same problem when connecting to any server. Unfortunately I cannot give you access to these servers. Just wanted to let you know that the problem still seems to exist.

sabin1001 · Post by **sabin1001** » Mon Nov 10, 2003 6:49 pm

That's fine, but should coreftp be hanging just because I have paegeant running? Cause that's what it's doing. It doesn't even time out after 60 seconds like the previous poster had.

The other part of this that I didnt' go into is that I can't get ssh to work at all using private keys. Here's my typical output with paegeant:

Connecting to nell, port 22
Looking up host "{HOSTNAME}"
Connecting to {IP ADDRESS} port 22
Server version: SSH-1.99-OpenSSH_2.9.9p2
Remote version may have SSH2 RSA padding bug
version: SSH-2.0-SSH-Local: Oct 3 2003 13:50:24
Using SSH protocol version 2
processing group exchange
processing key exchange
Host key fingerprint is:
ssh-rsa 1024 ce:39:be:90:aa:64:62:5f:86:f6:79:cb:1f:93:51:ce
Initialized AES-256 client->server encryption
Initialized AES-256 server->client encryption
Reading private key file "C:\Documents and Settings\cprivite\rpgamer.PPK"
Pageant is running. Requesting keys.

There it hangs.

If I exit pageant and try again I get this:

Looking up host "{HOSTNAME}"
Connecting to {IP ADDRESS} port 22
Server version: SSH-1.99-OpenSSH_2.9.9p2
Remote version may have SSH2 RSA padding bug
version: SSH-2.0-SSH-Local: Oct 3 2003 13:50:24
Using SSH protocol version 2
processing group exchange
processing key exchange
Host key fingerprint is:
ssh-rsa 1024 ce:39:be:90:aa:64:62:5f:86:f6:79:cb:1f:93:51:ce
Initialized AES-256 client->server encryption
Initialized AES-256 server->client encryption
Reading private key file "C:\Documents and Settings\cprivite\private1.PPK"
Offered public key
Offer of public key accepted
Keyboard-interactive authentication refused
Sent password
Access denied
Reading private key file "C:\Documents and Settings\cprivite\private1.PPK"
Offered public key
Offer of public key accepted
Keyboard-interactive authentication refused
Sent password
Received disconnect message (SSH_DISCONNECT_PROTOCOL_ERROR)
Disconnection message text: Too many authentication failures for cprivite
Server sent disconnect message type 2 (SSH_DISCONNECT_PROTOCOL_ERROR): "Too many authentication failures for cprivite"
Unable to initialize SFTP: could not connect (sftp not enabled?)
Can't establish connection --> {HOSTNAME}:22 @ Mon Nov 10 12:47:38 2003 (10038-1)

That happens with any server I try to connect to using a key with. If I just use my password, it works fine, but I'd like to use my private keys.

sabin1001 · Post by **sabin1001** » Mon Nov 10, 2003 7:30 pm

Well this key isn't protected by a password actually, will that not work for coreftp? It works for putty and sftp. And the server shouldn't need my normal password since I'm using my key, so I don't understand why it's complaining about needing a password.

sabin1001 · Post by **sabin1001** » Wed Nov 12, 2003 2:57 pm

I have no password entered in either the Password box on the Site Manager, or the password box in the SSH part of Advanced Site Settings. Doesn't make a difference.

sabin1001 · Post by **sabin1001** » Thu Nov 13, 2003 12:06 am

The log is still the same, since I didn't have the passwords entered during the other log either. Also remember I posted logs of what happens when pageant is running and when it isn't. So you have all the current information in my previous post.

sabin1001 · Post by **sabin1001** » Thu Nov 13, 2003 5:13 am

I've actually tried AIX 4.3.3, some version of SunOS, and a RedHat 9 server, all with the same effect. The key info is actually already in the output I posted, but it's ssh2-rsa 1024 just to clarify again.

I just tried it at home with an OpenBSD server and a Debian server, again getting similar effects (the OpenBSD server repeats Offerered Public Key Offer of public key accepted a few times). I have my private key file specified in the SSH settings in the advanced menu ( no password defined for the Debian server, a password defined for the openBSD server in the SSH menu ).

I also get the same pageant error at home and had to turn it off.

sabin1001 · Post by **sabin1001** » Fri Nov 14, 2003 11:15 pm

Still, if I have pageant running, it stops and says that it's requesting keys from pageant. I have to exit pageant to get anything working.

After I do that and try again, it grants me access and acts as though I've logged in, but nothing displays in the right window pane. Not my home directory or anything. If I try to put /net_home/cprivite in the address bar there, the program just locks up. If I try to use the up a directory button, the program again locks up.

elcome to Core FTP, release ver 1.2f beta, build 1202 -- © 2003
WinSock 2.0
Mem -- 515,568 KB, Virt -- 2,097,024 KB
Started on Friday November 14, 2003 at 17:14:PM
Looking up host "servername"
Connecting to 172.1.1.1 port 22
Server version: SSH-1.99-OpenSSH_2.9.9p2
Remote version may have SSH2 RSA padding bug
version: SSH-2.0-SSH-Local: Nov 14 2003 12:02:44
Using SSH protocol version 2
processing group exchange
processing key exchange
Host key fingerprint is:
ssh-rsa 1024 ce:39:be:90:aa:64:62:5f:86:f6:79:cb:1f:93:51:ce
Initialized AES-256 client->server encryption
Initialized AES-256 server->client encryption
Reading private key file "C:\Documents and Settings\cprivite\private1.PPK"
Offered public key
Offer of public key accepted
Access granted
Opened channel for session
Started shell session
Keep alive off...
CWD /net_home/cprivite/

sabin1001 · Post by **sabin1001** » Sat Nov 15, 2003 1:44 am

Actually I think it might have something to do with the old SSH version on the server. I just tried my personal webserver which runs Debian and a new SSH package and had no problems. I also tried a FreeBSD server as well which is also running a newer SSH package and again had no problems. I'll try to get that SSH package updated.

But yeah, I look forward to you fixing the pageant problem.

Thanks for your quick turnaround in fixing one of these bugs.

SSH Key Support

SSH Key Support

Better, but still not working