TheUntouchable

Okay, I finally had time to test this, just for someone who has the same problem as me :)

PS C:\Windows\System32\config\systemprofile\.ssh> &"C:\temp\Winscp\winscp.exe" /keygen $env:windir\sysnative\config\systemprofile\.ssh\id_ed25519 /output=$env:windir\sysnative\config\systemprofile\.ssh\id_ed25519.ppk

Some more information regarding this mapping thing:
https://learn.microsoft.com/en-us/windows/win32/winprog64/file-system-redirector

And the important part here:
32-bit applications can access the native system directory by substituting %windir%\Sysnative for %windir%\System32. WOW64 recognizes Sysnative as a special alias used to indicate that the file system should not redirect the access. This mechanism is flexible and easy to use, therefore, it is the recommended mechanism to bypass file system redirection. Note that 64-bit applications cannot use the Sysnative alias as it is a virtual directory not a real one.
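The fix above, generalized into a script that works whether the calling PowerShell host is 32-bit or 64-bit. This is an added example, not code from the thread or from WinSCP; `ConvertTo-Wow64SafePath` is a hypothetical helper name. It assumes WinSCP runs as a 32-bit process, as stated in the reply below, and it keeps the key inside the SYSTEM profile rather than copying it elsewhere.

```powershell
# Added example; ConvertTo-Wow64SafePath is a hypothetical helper name.
function ConvertTo-Wow64SafePath {
    param([Parameter(Mandatory)][string]$Path)

    # Resolve against the PowerShell location (not the process working
    # directory) without requiring the file to exist yet.
    $full = $ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath($Path)
    $system32 = Join-Path $env:windir 'System32'

    # A 32-bit OS has no WOW64 layer, so nothing is redirected.
    if (-not [Environment]::Is64BitOperatingSystem) { return $full }

    # This helper only rewrites paths at or below %windir%\System32.
    $cmp = [StringComparison]::OrdinalIgnoreCase
    if (-not ($full.Equals($system32, $cmp) -or $full.StartsWith("$system32\", $cmp))) {
        return $full
    }
    return (Join-Path $env:windir 'Sysnative') + $full.Substring($system32.Length)
}

$winscp = 'C:\temp\Winscp\winscp.exe'   # path used in the post above
$sshDir = Join-Path $env:windir 'System32\config\systemprofile\.ssh'
$key    = Join-Path $sshDir 'id_ed25519'
$ppk    = "$key.ppk"

# Paths handed to the 32-bit child process (assumed: WinSCP is 32-bit).
$keyFor32 = ConvertTo-Wow64SafePath $key
$ppkFor32 = ConvertTo-Wow64SafePath $ppk

# Paths for this script's own checks: a 64-bit host must use System32
# (Sysnative does not exist for it); a 32-bit host needs Sysnative too.
if ([Environment]::Is64BitProcess) { $keyLocal = $key; $ppkLocal = $ppk }
else { $keyLocal = $keyFor32; $ppkLocal = $ppkFor32 }

if (-not (Test-Path -LiteralPath $keyLocal)) { throw "Private key not found: $keyLocal" }

# Piping to Out-Host makes PowerShell wait for the GUI-subsystem executable.
& $winscp /keygen $keyFor32 "/output=$ppkFor32" | Out-Host

if (-not (Test-Path -LiteralPath $ppkLocal)) { throw "Conversion did not produce $ppkLocal" }
Get-Acl -LiteralPath $ppkLocal | Format-List Owner, AccessToString
```

The final `Get-Acl` line prints the owner and access list of the new .ppk so you can confirm it is as restricted as the original key.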
TheUntouchable

Re: No access to SYSTEM's .ssh store (Windows)

Ah yes, you're right, I had forgotten about that.... I'll try the other paths when I'm back in the office, thanks for the tip!
martin

Re: No access to SYSTEM's .ssh store (Windows)

The C:\WINDOWS\System32 is a magical folder that is mapped to different folders for 32-bit and 64-bit processes. WinSCP is a 32-bit process, so it sees C:\Windows\SysWOW64. While your PowerShell is most likely 64-bit, so it sees C:\Windows\sysnative.
TheUntouchable

No access to SYSTEM's .ssh store (Windows)

Hi guys,
I am in the process of switching from Windows built-in ssh/scp to WinSCP in my PowerShell script to make the transfer more reliable, but I have a little problem here.

Since the script will later run under NT AUTHORITY\SYSTEM, I create an SSH key in its .ssh folder (C:\WINDOWS\system32\config\systemprofile\.ssh\) to make the key a bit more secure.

The first problem with this is that WinSCP cannot use this key because it only supports ppk.
The second problem is that when I try to convert this key via a PowerShell running as SYSTEM, it seems that WinSCP itself is not running as SYSTEM and cannot access this folder:
PS C:\WINDOWS\system32\config\systemprofile\.ssh> whoami

nt authority\system

PS C:\WINDOWS\system32\config\systemprofile\.ssh> ls

    Directory: C:\WINDOWS\system32\config\systemprofile\.ssh
Mode                 LastWriteTime         Length Name
----                 -------------         ------ ----
-a----         6/28/2023   4:13 PM            444 id_ed25519
-a----         6/28/2023   4:13 PM            124 id_ed25519.pub
-a----         6/28/2023   4:14 PM            203 known_hosts

PS C:\WINDOWS\system32\config\systemprofile\.ssh> &"C:\temp\winscp.exe" /keygen .\id_ed25519 /output=.\id_ed25519.ppk

Private key file '.\id_ed25519' does not exist or cannot be opened.

System Error.  Code: 2.
The system cannot find the file specified

The same does work without any problems if I don't use that folder:
PS C:\temp\test> &"C:\temp\winscp.exe" /keygen .\id_ed25519 /output=.\id_ed25519.ppk

Key saved to ".\id_ed25519.ppk".

What am I doing wrong here?