Thank you! I very much thank you!
- SPEC1AL1ST
Post a reply
Before posting, please read how to report bug or request support effectively.
Bug reports without an attached log file are usually useless.
Topic review
- martin
- Uwe
@martin: That might well be so, but as of 2021-12-16 the main download at https://winscp.net/eng/download.php is still 5.19, so presumably that's what most folks run.
- martin
@Uwe: Note that WinSCP 5.20 beta was released already.
- Uwe
Per https://winscp.net/tracker/1952:
You might also need to add:
See also: https://winscp.net/forum/viewtopic.php?t=31767
OpenSSH 8.8 disabledssh-rsaby default. Until WinSCP 5.20 is released, add this to server'ssshd_configto re-enable it:PubkeyAcceptedAlgorithms +ssh-rsa
You might also need to add:
PubkeyAuthentication yes
See also: https://winscp.net/forum/viewtopic.php?t=31767
- martin
Can you authenticate using
server1.key (or its .ppk equivalent) using any SSH/SFTP client on that Windows machine?
- WhiteTiger-IT
Simply by using
I created a config file with the indications of the various servers and where the private key is located on my PC, then I type
For example (in this Host-Name=server1):
In this way, with
Obviously without any error.
Instead, if I connect to the same server from PuTTY (using the ppk key), it first gives me an error Server refused our key, then immediately asks me for the password of user1.
ssh.
I created a config file with the indications of the various servers and where the private key is located on my PC, then I type
ssh Host-Name
For example (in this Host-Name=server1):
Host server1
HostName 192.168.100.100
User user1
IdentityFile ~/.ssh/server1.key
In this way, with
ssh server1 first I have to type the key password; then I have to type the password of user1; then, if I need it, I type su - and I have to type the password for the root.
Obviously without any error.
Instead, if I connect to the same server from PuTTY (using the ppk key), it first gives me an error Server refused our key, then immediately asks me for the password of user1.
- martin
Re: Key is correct, but refused
How do you authenticate "from the linux terminal"?
- WhiteTiger-IT
Key is correct, but refused
I generated an SSH key with PuTTYGen.
I copied authorized_keys to the debian server and the private .ppk key to the PC.
If from the linux terminal I launch an SSH session I can connect without errors.
If instead I try to connect from PuTTY (both from Win10 and Linux) I get the error
I have tried several times, even generating different keys, with length 2048 and 4096.
I don't understand where I'm wrong.
Until I am sure that the key is always accepted, I obviously cannot block access with passwords.
This is the log of the last session.
PuTTY didn't accept the key, but he accepted the user's login.
This is the sshd-config
I copied authorized_keys to the debian server and the private .ppk key to the PC.
If from the linux terminal I launch an SSH session I can connect without errors.
If instead I try to connect from PuTTY (both from Win10 and Linux) I get the error
Server refused our key
I have tried several times, even generating different keys, with length 2048 and 4096.
I don't understand where I'm wrong.
Until I am sure that the key is always accepted, I obviously cannot block access with passwords.
This is the log of the last session.
PuTTY didn't accept the key, but he accepted the user's login.
2020-06-18 10:51:53 Looking up host "192.168.201.11" for SSH connection
2020-06-18 10:51:53 Connecting to 192.168.201.11 port 1022
2020-06-18 10:51:53 We claim version: SSH-2.0-PuTTY_Release_0.73
2020-06-18 10:51:53 Remote version: SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2
2020-06-18 10:51:53 Using SSH protocol version 2
2020-06-18 10:51:53 No GSSAPI security context available
2020-06-18 10:51:53 Doing ECDH key exchange with curve Curve25519 and hash SHA-256 (unaccelerated)
2020-06-18 10:51:53 Server also has ecdsa-sha2-nistp256/ssh-rsa host keys, but we don't know any of them
2020-06-18 10:51:53 Host key fingerprint is:
2020-06-18 10:51:53 ssh-ed25519 255 d8:8f:87:27:ca:87:01:86:20:6e:9e:a0:14:b7:d4:21
2020-06-18 10:51:53 Initialised AES-256 SDCTR (unaccelerated) outbound encryption
2020-06-18 10:51:53 Initialised HMAC-SHA-256 (unaccelerated) outbound MAC algorithm
2020-06-18 10:51:53 Initialised AES-256 SDCTR (unaccelerated) inbound encryption
2020-06-18 10:51:53 Initialised HMAC-SHA-256 (unaccelerated) inbound MAC algorithm
2020-06-18 10:51:53 Reading key file "L:\Chiavi-SSH\LS-ULHQ-1-PuTTY-Private-Key.ppk"
2020-06-18 10:51:53 Writing new session log (raw mode) to file: putty.log
2020-06-18 10:52:04 Offered public key
2020-06-18 10:52:04 Server refused our key
2020-06-18 10:52:04 Attempting keyboard-interactive authentication
2020-06-18 10:52:18 Access granted
2020-06-18 10:52:18 Opening main session channel
2020-06-18 10:52:18 Opened main channel
2020-06-18 10:52:18 Allocated pty
2020-06-18 10:52:18 Started a shell/command
This is the sshd-config
Port 1022
ListenAddress 0.0.0.0
PermitRootLogin no
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
PasswordAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication yes
UsePAM yes
X11Forwarding yes
PrintMotd no
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server