Public/Private Key Authentication Error on Windows XP

Advertisement

javacavaj2
Guest

Public/Private Key Authentication Error on Windows XP

Attempts to login to a SFTP server from my Windows XP machine fail. The log file indicates:

. Offered public key
! Server refused our key
. Server refused public key

Using the same private key I am able to login from Windows 2000 box. Are they any special settings for Windows XP? My session configuration as listed in the log file is below. Anyone encountered the same issue?


. ----------------------------------------------------
. WinSCP Version 3.5.6 (Build 213)
. Login time: Wednesday, March 24, 2004 9:22:40 PM
. ----------------------------------------------------
. Session name: SFTP
. Host name: xxx.xxxx.com(Port: 22)
. User name: xxxxx(Password: No, Key file: Yes)
. Transfer Protocol: SFTP
. SSH protocol version: 2; Compression: No
. Agent forwarding: No; TIS/CryptoCard: No; KI: No
. Ciphers: aes,blowfish,3des,WARN,des; Ssh2DES: No
. Ping type: -, Ping interval: 30 sec; Timeout: 15 sec
. SSH Bugs:
. Proxy: none
. Return code variable: Autodetect; Lookup user groups: Yes
. Shell: default, EOL: 0
. Local directory: default, Remote directory: home, Update: No, Cache: Yes
. Cache directory changes: Yes, Permanent: Yes
. Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes
. Alias LS: No, Ign LS warn: Yes, Scp1 Comp: No

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
40,476
Location:
Prague, Czechia

Re: Public/Private Key Authentication Error on Windows XP

There are no special settings for WinXP. Can you try to login using Putty SSH client using the key?

Reply with quote

javacavaj2
Guest

Re: Public/Private Key Authentication Error on Windows XP

Martin,

I was successful at logging in with the Putty SSH client. Any thoughts on how to go about debugging my issue in the GUI version? As an aside I also encounter routing errors when trying to establish a SSL-VPN connection. Both issues are probably related to something in XP since I never had this problem on my W2K machine.

Thanks for the asst.

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
40,476
Location:
Prague, Czechia

Re: Public/Private Key Authentication Error on Windows XP

javacavaj2 wrote:

I was successful at logging in with the Putty SSH client. Any thoughts on how to go about debugging my issue in the GUI version? As an aside I also encounter routing errors when trying to establish a SSL-VPN connection. Both issues are probably related to something in XP since I never had this problem on my W2K machine.
I do not think that it has something to do with XP. It is rather some bug that reveal only under some circumstances. Too often, there is bug in Putty code (with WinSCP uses) that reveals only when compiled with Borland compiler (that I use), but does to reveal with Microsoft compiler (that Putty uses). It is hard to track down. Anyway thanks for report, at least I know that there is maybe something wrong.

Reply with quote

Arghhhh
Guest

Re: Public/Private Key Authentication Error on Windows XP

Hi,
I'm pulling back from is grave this topic ;)
I have exctaly the same problem using the 4.0.4(Build 436)
I can connect with my key using putty but not using WinSCP.
When trying to connect with WinSCP using login and password no problem.
Here is the WinSCP log :
. 2007-09-18 01:46:35.671 --------------------------------------------------------------------------
. 2007-09-18 01:46:35.687 Looking up host "XXX.XXX.XXX.XXX"
. 2007-09-18 01:46:35.687 Connecting to XXX.XXX.XXX.XXX port 443
. 2007-09-18 01:46:37.640 Server version: SSH-2.0-OpenSSH_4.3
. 2007-09-18 01:46:37.640 We claim version: SSH-2.0-WinSCP_release_4.0.4
. 2007-09-18 01:46:37.640 Using SSH protocol version 2
. 2007-09-18 01:46:38.046 Doing Diffie-Hellman group exchange
. 2007-09-18 01:46:38.281 Doing Diffie-Hellman key exchange
. 2007-09-18 01:46:38.687 Host key fingerprint is:
. 2007-09-18 01:46:38.687 ssh-rsa 2048 XX:e9:54:60:82:f3:26:XX:f2:de:XX:af:e2:XX:8e:96
. 2007-09-18 01:46:38.687 Initialised AES-256 client->server encryption
. 2007-09-18 01:46:38.687 Initialised HMAC-SHA1 client->server MAC algorithm
. 2007-09-18 01:46:38.687 Initialised AES-256 server->client encryption
. 2007-09-18 01:46:38.687 Initialised HMAC-SHA1 server->client MAC algorithm
! 2007-09-18 01:46:38.984 Using username "putty".
. 2007-09-18 01:46:38.984 Reading private key file "D:\Putty\home.ppk"
. 2007-09-18 01:46:43.687 Offered public key
! 2007-09-18 01:46:43.781 Server refused our key
. 2007-09-18 01:46:43.781 Server refused public key
. 2007-09-18 01:46:43.796 Keyboard-interactive authentication refused
. 2007-09-18 01:46:43.796 Session password prompt (putty@XXX.XXX.XXX.XXX's password: )
. 2007-09-18 01:48:06.406 Unable to authenticate
. 2007-09-18 01:48:06.406 Attempt to close connection due to fatal exception:
* 2007-09-18 01:48:06.406 Unable to authenticate
. 2007-09-18 01:48:06.406 Closing connection.
* 2007-09-18 01:48:06.406 (ESshFatal) Unable to authenticate
* 2007-09-18 01:48:06.406 Log d'authentification (voir le log de session pour les détails) :
* 2007-09-18 01:48:06.406 Utilisation du nom d'utilisateur "putty".
* 2007-09-18 01:48:06.406 Le serveur a refusé la clé.
* 2007-09-18 01:48:06.406 
* 2007-09-18 01:48:06.406 Erreur d'authentification
And here is the Cygwin OPENSSH sshd_config file :
Port 443
Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh_host_rsa_key
#HostKey /etc/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin yes
StrictModes no
#MaxAuthTries 6

#RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile   .ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing, 
# and session processing. If this is enabled, PAM authentication will 
# be allowed through the ChallengeResponseAuthentication mechanism. 
# Depending on your PAM configuration, this may bypass the setting of 
# PasswordAuthentication, PermitEmptyPasswords, and 
# "PermitRootLogin without-password". If you just want the PAM account and 
# session checks to run without PAM authentication, then enable this but set 
# ChallengeResponseAuthentication=no
#UsePAM no

AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
TCPKeepAlive yes
#UseLogin no
UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
ClientAliveInterval 30
ClientAliveCountMax 3
UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
#subsystem-sftp sftp-server
# no default banner path
#Banner /some/path

# override default of no subsystems
Subsystem   sftp   /usr/sbin/sftp-server
AllowUsers putty
So is that an ongoing bug or is there something that I missed ?
Thanks.

Reply with quote

Advertisement

Advertisement

You can post new topics in this forum