Topic "WinScp 5.7.6 can't use saved passwords"

Author Message
slawomir.pryczek
[View user's profile]

Joined: 2016-01-14
Posts: 1
Hi, i have an issue with winscp, after version 5.5.2 i can no longer use stored passwords.

The password is stored in UI, but it does request the password to be entered on login anyway, sending you both log files so you can compare new version 5.7.6 vs 5.5.2. I attached log from version 5.8 but 5.7.6 works the same. Thanks.

==== 5.5.2 ====

Code:
--------------------------------------------------------------------------
WinSCP Version 5.5.2 (Build 4130) (OS 6.1.7601 Service Pack 1 - Windows 7 Professional)
Configuration: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\
Local account: slawek\slawo
Working directory: E:\Menu
Process ID: 34776
Command-line: "E:\Menu\WinSCP000.exe"
Time zone: Current: GMT+1, Standard: GMT+1 (Środkowoeuropejski czas stand.), DST: GMT+2 (Środkowoeuropejski czas letni), DST Start: 2016-03-27, DST End: 2016-10-30
Login time: 14 styczeń 2016 16:24:57
--------------------------------------------------------------------------
Session name: XXXX (Site)
Host name: XXXX (Port: XXXX)
User name: XXXX (Password: Yes, Key file: Yes)
Tunnel: No
Transfer Protocol: SFTP
Ping type: -, Ping interval: 30 sec; Timeout: 15 sec
Proxy: none
Send buffer: 262144
SSH protocol version: 2 only; Compression: Yes
Bypass authentication: No
Try agent: No; Agent forwarding: Yes; TIS/CryptoCard: No; KI: Yes; GSSAPI: No
Ciphers: aes,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
SSH Bugs: A,A,A,A,A,A,A,A,A,A
Simple channel: Yes
Return code variable: Autodetect; Lookup user groups: A
Shell: default
EOL: 0, UTF: 2
Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes
LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No
Local directory: Y:\, Remote directory: XXXXXXXXXXX, Update: Yes, Cache: Yes
Cache directory changes: Yes, Permanent: Yes
DST mode: 0; Timezone offset: 0h 0m
--------------------------------------------------------------------------
Looking up host XXXX
Connecting to XXXX port XXX
We claim version: SSH-2.0-WinSCP_release_5.5.2
Server version: SSH-2.0-OpenSSH_7.1
Using SSH protocol version 2
Server supports delayed compression; will try this later
Using Diffie-Hellman with standard group "group14"
Doing Diffie-Hellman key exchange with hash SHA-1
Verifying host key rsa2 XXXXXXXXXXXXXXXXXXXXXXXX
Host key matches cached key
Host key fingerprint is:
ssh-rsa 2048 62:fc:c8:24:6f:9b:93:3b:ca:81:d9:62:cb:7e:77:d4
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Reading private key file "XXXXXprivate.ppk"
Using username "XXXXXX".
Offered public key
Offer of public key accepted
Authenticating with public key "XXXX@o2.pl"
Prompt (3, SSH key passphrase, , Passphrase for key "XXXX@o2.pl": )
Using remembered password.    <-------- !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Sent public key signature
Access granted
Initiating key re-exchange (enabling delayed compression)
Opening session as main channel
Using Diffie-Hellman with standard group "group14"
Doing Diffie-Hellman key exchange with hash SHA-1
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised zlib (RFC1950) compression
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Initialised zlib (RFC1950) decompression
Opened main channel
Started a shell/command


==== 5.8 ====
Code:
--------------------------------------------------------------------------
WinSCP Version 5.8 beta (Build 6030) (OS 6.1.7601 Service Pack 1 - Windows 7 Professional)
Configuration: HKCU\Software\Martin Prikryl\WinSCP 2\
Log level: Normal, Logging passwords
Local account: slawek\slawo
Working directory: E:\Menu
Process ID: 21724
Command-line: "E:\Menu\WinSCP-8b.exe"
Time zone: Current: GMT+1, Standard: GMT+1 (Środkowoeuropejski czas stand.), DST: GMT+2 (Środkowoeuropejski czas letni), DST Start: 2016-03-27, DST End: 2016-10-30
Login time: 14 styczeń 2016 16:22:39
--------------------------------------------------------------------------
Session name: XXXX (Modified site)
Host name: XXXX (Port: XXXX)
User name: ads (Password: XXXX, Key file: C:\Beano\new-key\private.ppk)
Tunnel: No
Transfer Protocol: SFTP
Ping type: Off, Ping interval: 30 sec; Timeout: 15 sec
Disable Nagle: No
Proxy: None
Send buffer: 262144
SSH protocol version: 2 only; Compression: Yes
Bypass authentication: No
Try agent: No; Agent forwarding: Yes; TIS/CryptoCard: No; KI: Yes; GSSAPI: No
Ciphers: aes,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
KEX: dh-group1-sha1,dh-group14-sha1,dh-gex-sha1,rsa,WARN
SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto
Simple channel: Yes
Return code variable: Autodetect; Lookup user groups: Auto
Shell: default
EOL: LF, UTF: Auto
Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes
LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No
SFTP Bugs: Auto,Auto
SFTP Server: default
Local directory: Y:\, Remote directory: /home/ads/adserver.adsbackend.com/htdocs, Update: Yes, Cache: Yes
Cache directory changes: Yes, Permanent: Yes
Recycle bin: Delete to: No, Overwritten to: No, Bin path:
DST mode: Win
--------------------------------------------------------------------------
Looking up host XXXX
Connecting to XXXX port XXXX
We claim version: SSH-2.0-WinSCP_release_5.8
Server version: SSH-2.0-OpenSSH_7.1
We believe remote version has SSH-2 channel request bug
Using SSH protocol version 2
Server supports delayed compression; will try this later
Using Diffie-Hellman with standard group "group14"
Doing Diffie-Hellman key exchange with hash SHA-1
Host key fingerprint is:
ssh-rsa 2048 XXXXXXXXXX
Verifying host key rsa2 XXXXXXXXXXXXX
Host key matches cached key
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Reading private key file XXXX\private.ppk"
Using username "XXXX".
Offered public key
Offer of public key accepted
Authenticating with public key "xxxx@o2.pl"
Prompt (passphrase, "SSH key passphrase", <no instructions>, "Passphrase for key "xxxx@o2.pl": ")  <------ PROMPT IS DISPLAYED
Response: "XXXX"                                 <------ PASSWORD XXXX ENTERED MANUALLY
Sent public key signature
Access granted
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24530
Location: Prague, Czechia
It was a bug between 5.5 and 5.5.4 that stored password was incorrectly used as a passphrase for a private key file:
http://winscp.net/tracker/show_bug.cgi?id=1176

To provide a passphrase, use -passphrase switch of open command or save the private key unencrypted.
See http://winscp.net/eng/docs/faq_passphrase
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License