Post a reply

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

martin

Re: Password authentication fails when running .NET Assembly script

Don't you have some special characters in your password that may get misinterpreted by PowerShell?

Please go through this first:
https://winscp.net/eng/docs/faq_script_vs_gui
tbowar

Password authentication fails when running .NET Assembly script

I am using WinSCP version 5.17.7.

When I connect with the GUI using credentials set up in Site Manager, it connects correctly. When I use a script with .NET assembly with the same credentials, it fails.

Here is the log when using GUI Site Manager:
. 2020-09-24 10:08:09.075 Looking up host “xxx.xxx.xxx.xxx for SSH connection

. 2020-09-24 10:08:09.075 Connecting to xxx.xxx.xxx.xxx port xxxx
. 2020-09-24 10:08:09.122 We claim version: SSH-2.0-WinSCP_release_5.17.7
. 2020-09-24 10:08:09.137 Remote version: SSH-2.0-CrushFTPSSHD
. 2020-09-24 10:08:09.137 Using SSH protocol version 2
. 2020-09-24 10:08:09.153 Have a known host key of type rsa2
. 2020-09-24 10:08:09.231 Doing ECDH key exchange with curve nistp256 and hash SHA-256
. 2020-09-24 10:08:09.700 Server also has ssh-dss host key, but we don't know it
. 2020-09-24 10:08:09.700 Host key fingerprint is:
. 2020-09-24 10:08:09.700 ssh-rsa 4096 xx.xx.xx.xx.xx.xx.xx.xx.xx.xx.xx.xx.xx.xx.xx.xx 5L2H7G+Af0j430j34c0rjm3WXZ/5yaep2b+WTniKAr/s=
. 2020-09-24 10:08:09.747 Host key matches cached key
. 2020-09-24 10:08:09.747 Initialised AES-256 SDCTR (AES-NI accelerated) outbound encryption
. 2020-09-24 10:08:09.747 Initialised HMAC-SHA-256 outbound MAC algorithm
. 2020-09-24 10:08:09.747 Initialised AES-256 SDCTR (AES-NI accelerated) inbound encryption
. 2020-09-24 10:08:09.747 Initialised HMAC-SHA-256 inbound MAC algorithm
! 2020-09-24 10:08:09.872 Using username “<username>“.
. 2020-09-24 10:08:09.965 Server offered these authentication methods: password,publickey,keyboard-interactive
. 2020-09-24 10:08:09.965 Attempting keyboard-interactive authentication
. 2020-09-24 10:08:09.997 Prompt (keyboard interactive, "SSH server: password", "Enter password for <username>”, "Password:")
. 2020-09-24 10:08:09.997 Using stored password.
. 2020-09-24 10:08:10.059 Access granted
. 2020-09-24 10:08:10.059 Opening main session channel
. 2020-09-24 10:08:10.090 Opened main channel


Here is the log when using .NET Assembly script, with
$sessionOptions.AddRawSettings("AuthKIPassword", “0):


. 2020-09-24 10:03:34.788 Looking up host "sftp.healthpay24.net" for SSH connection

. 2020-09-24 10:03:34.788 Connecting to 162.209.118.99 port 2422
. 2020-09-24 10:03:34.835 We claim version: SSH-2.0-WinSCP_release_5.17.7
. 2020-09-24 10:03:34.867 Remote version: SSH-2.0-CrushFTPSSHD
. 2020-09-24 10:03:34.867 Using SSH protocol version 2
. 2020-09-24 10:03:34.867 Have a known host key of type rsa2
. 2020-09-24 10:03:34.945 Doing ECDH key exchange with curve nistp256 and hash SHA-256
. 2020-09-24 10:03:35.413 Server also has ssh-dss host key, but we don't know it
. 2020-09-24 10:03:35.413 Host key fingerprint is:
. 2020-09-24 10:03:35.413 ssh-rsa 4096 xx.xx.xx.xx.xx.xx.xx.xx.xx.xx.xx.xx.xx.xx.xx.xx 5L2H7G+Af0j430j34c0rjm3WXZ/5yaep2b+WTniKAr/s=
. 2020-09-24 10:03:35.413 Host key matches configured key fingerprint
. 2020-09-24 10:03:35.413 Initialised AES-256 SDCTR (AES-NI accelerated) outbound encryption
. 2020-09-24 10:03:35.413 Initialised HMAC-SHA-256 outbound MAC algorithm
. 2020-09-24 10:03:35.413 Initialised AES-256 SDCTR (AES-NI accelerated) inbound encryption
. 2020-09-24 10:03:35.413 Initialised HMAC-SHA-256 inbound MAC algorithm
! 2020-09-24 10:03:35.538 Using username "<username>”.
. 2020-09-24 10:03:35.570 Server offered these authentication methods: password,publickey,keyboard-interactive
. 2020-09-24 10:03:35.570 Attempting keyboard-interactive authentication
. 2020-09-24 10:03:35.601 Prompt (keyboard interactive, "SSH server: password", "Enter password for <username>”, "Password:")
. 2020-09-24 10:03:35.601 Using stored password.
. 2020-09-24 10:03:35.648 Keyboard-interactive authentication failed
! 2020-09-24 10:03:35.648 Access denied
. 2020-09-24 10:03:35.648 Server offered these authentication methods: password,publickey,keyboard-interactive
. 2020-09-24 10:03:35.648 Attempting keyboard-interactive authentication
. 2020-09-24 10:03:35.679 Prompt (keyboard interactive, "SSH server: password", "Enter password for <username>", "Password:")
. 2020-09-24 10:03:35.679 User aborted during keyboard-interactive authentication
. 2020-09-24 10:03:35.695 Attempt to close connection due to fatal exception:
* 2020-09-24 10:03:35.695 **Connection has been unexpectedly closed.** Server sent command exit status 0.
. 2020-09-24 10:03:35.695 Closing connection.


I used the default authentication configuration in the Site Manager.
I set $sessionOptions.AddRawSettings("AuthKIPassword", "0") in the script.

Three questions:
1. Why does the GUI succeed using keyboard-interactive authentication, but the script fails?
2. Why does the script attempt keyboard-interactive authentication when I have the AddRawSetting for AuthKIPassword set to 0?
3. Is there some other way to force the server to use password authentication instead of keyboard-interactive?