Forum » Support and Bug Reports »

Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

martin

Re: Set up WinSCP with OpenSSH for SSH public key authentication does not work

Please follow these instructions:
https://winscp.net/eng/docs/guide_windows_openssh_server#key_authentication

The WinSCP's Install Public Key into Server feature assumes Linux server and (tries to) sets Linux permissions. What has no effect on Windows server. Even if WinSCP was able to detect that it's a Windows server, OpenSSH's SFTP protocol implementation does not allow setting Windows ACLs. You have to do it manually. Moreover as mentioned there, for Administrator accounts, the path to [m]authorized_keys[m] is non-standard.
timg11

Set up WinSCP with OpenSSH for SSH public key authentication does not work

I'm setting up OpenSSH server on Windows following this guide, and using public key following this guide.

I'm testing using WinSCP 6.3.6, with the eventual goal to support a Linux Client.
I can connect to the server using username and password.
Public key does not work – it gives "Server refused our key".

I generated a key pair using PuTTYgen. Default settings – RSA type, 2048 bits. I saved the public key as mypublickey.pub, and the private key as myprivatekey.ppk.

I created a WinSCP connection profile and under Advanced > SSH > Authentication, I entered the path the the private key file. Under that path, the Tools drop-down has an option to "Install Public Key into Server". I selected that option, and it brings up a dialog filtered for .PPK files (Private keys). I changed the filter to "All Files", and was able to see the mypublickey.pub file and select it.

I stopped and restarted the OpenSSH Authentication Agent and the OpenSSH Server services on the server in case they needed to re-load the public key. Still "Server refused our key".

I confirmed that the .ssh folder on the server machine contains the authorized-keys file, which contains the same string as in the PuTTYgen public key for pasting field.

I thought the dialog filtered for the private key when loading the public key to the server was odd, but otherwise everything has followed the guides. What did I miss? Are there any more logs I can enable? I see the folder C:\ProgramData\ssh\logs, but it is empty. I have uncommented the line LogLevel INFO in C:\ProgramData\ssh\sshd_config.
Nothing in the Windows system log other than "The OpenSSH SSH Server service entered the running state." when I restarted the service.

Documentation

Support

Associations

Follow Us