WinSCP with Putty-CAC

I am trying to use WinSCP 5.1.1 with Putty-CAC for authentication. However, anytime I try to connect to our server Pageant seems to fail to communicate. Here is the log below:

. 2012-12-07 07:27:04.652 Pageant is running. Requesting keys.
. 2012-12-07 07:27:04.655 Failed to get reply from Pageant
! 2012-12-07 07:27:04.655 Using username "USERNAME".
. 2012-12-07 07:27:06.560 Prompt (7, SSH password, , &Password: )
. 2012-12-07 07:27:07.855 Attempt to close connection due to fatal exception:
. 2012-12-07 07:27:07.855 Closing connection.
. 2012-12-07 07:27:07.855 Sending special code: 12
* 2012-12-07 07:27:07.964 (ESshFatal)

The last version of WinSCP that will work with Putty-CAC without any problems is 4.2.9. I really would like to be able to upgrade our WinSCP but I can not do so because we have to use Putty-CAC. So my question is can support be added in these newer version to support Putty-CAC once again? What changed from 4.2.9 to newer versions for it to stop working?

Putty-CAC can be found here: https://github.com/NoMoreFood/putty-cac/releases

Is the PuTTY-CAC Pageant different from the one that is in standard PuTTY package? Does it have some CAC-specific functionality?

Putty-CAC is suppose to be in sync with the latest putty (0.62). However, when you view the version information it says, "unidentified build". Putty-CAC adds support for MS-CAPI for CAC's. Like I said before Putty-CAC works fine with older versions up to 4.2.9 but nothing after that for some reason. Thanks.

jdantzler wrote:

Putty-CAC is suppose to be in sync with the latest putty (0.62). However, when you view the version information it says, "unidentified build". Putty-CAC adds support for MS-CAPI for CAC's. Like I said before Putty-CAC works fine with older versions up to 4.2.9 but nothing after that for some reason. Thanks.

Ok, I'm asking, if the CAC Pageant is the same as in standard PuTTY or if there's something special in the CAC Pageant. I.e. does the CAC Pageant allow WinSCP to use CAC? Or do you use CAC Pageant with WinSCP only because you use the CAC package in general? What if you replace the CAC pageant with standard one? Would WinSCP work? (I suppose it would). Would it break anything in your workflow? Also, can you auntheticate using the latest standard PuTTY via the CAC Pageant?

Yes, the CAC Pageant uses our CAC to authenticate with winSCP. If I was to replace the CAC Pageant with the regular one there would be no way for us to use our CAC's to access the server. CAC Pageant has a built in extra button, "Add CAPI Cert". We use this button to add our CAPI Cert from our CAC for authentication. The only thing I can thing of is something is not quite right with Putty-CAC. Although, it says it is updated to be in sync with the regular putty (0.62) something must be messed up. We have to use Putty-CAC as there is no other way that I know of around this. I have already contacted the developer of Putty-CAC and I am waiting on a response. Its been over three weeks so far. I just was unsure if there was something that could be fixed on this end or not.

Thanks for explanation.
So, can you authenticate using the latest standard PuTTY via the CAC Pageant?

Note that there has been a change in how PuTTY (or WinSCP) and Pageant communicate in PuTTY 0.61. So PuTTY 0.61 does not talk to Pageant 0.60. Though PuTTY 0.62 fixed that. It now talks to both old and new Pageants. The same for the latest WinSCP.

The way we authenticate I don't think we even need to use Putty at all. We do not use Putty Private Keys in Pageant. I am almost certain Pageant CAC doesn't use Putty for authentication. I can just have Pageant CAC on computer without any Putty and it will work on WinSCP 4.2.9 I believe. Correct me if I am wrong. How would I test this for sure?

Ok, I just modified the source code for it and I got it working finally. It appears that the developer accidentally deleted some necessary code from the original putty. Thanks for all your help.

jdantzler wrote:

Ok, I just modified the source code for it and I got it working finally. It appears that the developer accidentally deleted some necessary code from the original putty. Thanks for all your help.

Appreciate the information in this thread. Was able to get the latest Putty-CAC working with winSCP 4.2.9. Any chance you still have the file with the code change for the later version of winSCP?

pivinoperable wrote:

jdantzler wrote:

Ok, I just modified the source code for it and I got it working finally. It appears that the developer accidentally deleted some necessary code from the original putty. Thanks for all your help.

Appreciate the information in this thread. Was able to get the latest Putty-CAC working with winSCP 4.2.9. Any chance you still have the file with the code change for the later version of winSCP?

See attached. This is PuTTY-CAC updated/modified to 0.63 by me. This should work with newer versions of WinSCP for you. All the executable's are in the executable folder if you don't want to compile and build the code yourself. Hope this helps.