Re: SSL support
Sent.
Can you please send me the 5.8 dev version too for the same reason FTPS with certs.
Hi Can I have the dev version also as I have a need for this via c#. Thanks
If possible, I'd like to test the 5.8 version for our particular case : cert and its key are located either on a smart-card, or a USB dongle.
The client certificates are for TLS/SSL (FTPS, WebDAVS), not for SSH/SFTP.
That's a proprietary extension of OpenSSH server.
https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.certkeys?annotate=HEAD
WinSCP does not support this.
There are no client certificates in proper SSH.
SSL means “Secure Sockets Layer”. Many protocols — like HTTP, SMTP, FTP, and SSH ‘“ were adjusted to include the support of SSL. Basically, it works as a tier in a certain protocol to provide cryptographic and security functions.
The client certificates are for TLS/SSL (FTPS, WebDAVS), not for SSH/SFTP.
I'm trying to make an SFTP connection with a server signed client certificate.
I've already tested it, and it works on Linux with:
sftp -i <client_key> marty@10.0.0.2
The Linux sftp client expects the following naming convention in order for the client to pick up the certificate and its complementary private key:
<client_key> (private key)
<client_key>.pub (public key)
<client_key>-cert.pub (CA signed public key)
How does it work with WinSCP (version 20150710r)?
I expect it will be needing access to the certificate and its private key.
How do I have to supply those?
(BTW The SFTP server only allows authentication with client certificates.)
The client certificates are for TLS/SSL (FTPS, WebDAVS), not for SSH/SFTP.
What kind of certificate and private key format is WinSCP (version 20150710r) expecting?
-privatekey
).
.ppk
format.
winscp> open sftp://marty@10.0.0.2 -clientcert=G:\Keystore\client_key-cert.pub -privatekey=G:\Keystore\client_key
Searching for host...
Connecting to host...
Authenticating...
Unable to use key file "G:\Keystore\client_key" (OpenSSH SSH-2 private key)
Using username "marty".
Disconnected: No supported authentication methods available (server sent: publickey)
Authentication log (see session log for details):
Unable to use key file "G:\Keystore\client_key" (OpenSSH SSH-2 private key)
Using username "marty".
Authentication failed.
I'd like to test it out too if possible? Thanks.
Sent.
Do you mean removing the passphrase from the certificate? Im afraid that this is not an option for me..
Thanks! Enjoying it so far :)! Nice work.
Just one question.. Every time I set up a connection it asks me for the client certificate password. Is there a way to make WinSCP remember it?
Did you consider saving the certificate without passphrase?
Thanks! Enjoying it so far :)! Nice work.
Just one question.. Every time I set up a connection it asks me for the client certificate password. Is there a way to make WinSCP remember it?
Can you please send me this version, too? I will need the correct console commands in future. Thanks!
Could you also give me a link to the development version? I would also very much like to try this feature.
Sent.
Seehelp open
.
It's-clientcert
and-passphrase
.
Though in your build it was-clientcertificate
.
I'm sending you the latest build that will match a future production version.
A vendor of ours is requiring certificate authentication. Would it be possible to send me a link to the development version to test out? Thanks so much if you can!
Could you also give me a link to the development version? I would also very much like to try this feature.
Sent.
Could you also give me a link to the development version? I would also very much like to try this feature.
help open
.
-clientcert
and -passphrase
.
-clientcertificate
.
can you send it to me, too? Would be great!
By the way, when is release date für 5.8?
Can I get a this too? I need to connect to an FTP that requires certificate authentication.
Need a Client with Certificate Authentication (and User/Password) on a FTPS connection.
Could I get a version with these options available please?
Sent. I appreciate any feedback.
Need a Client with Certificate Authentication (and User/Password) on a FTPS connection.
Could I get a version with these options available please?
I have sent you an email with a development version for testing.