Error: "Server refused public-key signature despite accepting key!
Hi .
I must first say i already validate that i'm using the correct private key and the public key is in OpenSSH format but still getting this error.
i'm using openSSH as server.
Version of winscp:5.7.6
file protocol : SFTP
normal authentication works fine.
log file in debug mode:
5160 16:03:26 866 debug1: allocating new sfd, sfd [3] fd [4] handle [608] type [2]
5160 16:03:26 866 Connection from 192.168.0.96 port 63488 on 192.168.0.10 port 22
5160 16:03:26 866 debug1: Client protocol version 2.0; client software version WinSCP_release_5.7.6
5160 16:03:26 866 debug1: no match: WinSCP_release_5.7.6
5160 16:03:26 866 debug1: Enabling compatibility mode for protocol 2.0
5160 16:03:26 866 debug1: Local version string SSH-2.0-OpenSSH_7.1p1 Microsoft_Win32_port_with_VS
5160 16:03:26 866 debug1: list_hostkey_types: ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
5160 16:03:26 866 debug1: SSH2_MSG_KEXINIT sent
5160 16:03:26 866 debug2: starting thread [0] for sfd [3] with test type[1]
5160 16:03:26 881 debug1: SSH2_MSG_KEXINIT received
5160 16:03:26 881 debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
5160 16:03:26 881 debug2: kex_parse_kexinit: ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
5160 16:03:26 881 debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr
5160 16:03:26 881 debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr
5160 16:03:26 881 debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
5160 16:03:26 881 debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
5160 16:03:26 881 debug2: kex_parse_kexinit: none,zlib@openssh.com
5160 16:03:26 881 debug2: kex_parse_kexinit: none,zlib@openssh.com
5160 16:03:26 881 debug2: kex_parse_kexinit:
5160 16:03:26 881 debug2: kex_parse_kexinit:
5160 16:03:26 881 debug2: kex_parse_kexinit: first_kex_follows 0
5160 16:03:26 881 debug2: kex_parse_kexinit: reserved 0
5160 16:03:26 881 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,rsa2048-sha256,rsa1024-sha1
5160 16:03:26 881 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
5160 16:03:26 881 debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
5160 16:03:26 881 debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
5160 16:03:26 881 debug2: kex_parse_kexinit: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5
5160 16:03:26 881 debug2: kex_parse_kexinit: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5
5160 16:03:26 881 debug2: kex_parse_kexinit: none,zlib
5160 16:03:26 881 debug2: kex_parse_kexinit: none,zlib
5160 16:03:26 881 debug2: kex_parse_kexinit:
5160 16:03:26 881 debug2: kex_parse_kexinit:
5160 16:03:26 881 debug2: kex_parse_kexinit: first_kex_follows 0
5160 16:03:26 881 debug2: kex_parse_kexinit: reserved 0
5160 16:03:26 881 debug1: kex: client->server aes256-ctr hmac-sha2-256 none
5160 16:03:26 881 debug1: kex: server->client aes256-ctr hmac-sha2-256 none
5160 16:03:26 881 debug1: expecting SSH2_MSG_KEX_DH_GEX_REQUEST
5160 16:03:26 944 debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
5160 16:03:26 944 WARNING: /moduli does not exist, using fixed modulus
5160 16:03:26 944 debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
5160 16:03:26 960 debug2: bits set: 2032/4096
5160 16:03:26 960 debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
5160 16:03:27 444 debug2: bits set: 2092/4096
5160 16:03:27 460 debug2: set_newkeys: mode 1
5160 16:03:27 460 debug1: SSH2_MSG_NEWKEYS sent
5160 16:03:27 460 debug1: expecting SSH2_MSG_NEWKEYS
5160 16:03:27 991 debug2: set_newkeys: mode 0
5160 16:03:27 991 debug1: SSH2_MSG_NEWKEYS received
5160 16:03:27 991 debug1: KEX done
5160 16:03:28 085 debug1: userauth-request for user moked-4 service ssh-connection method none
5160 16:03:28 085 debug1: attempt 0 failures 0
5160 16:03:28 085 debug2: parse_server_config: config reprocess config len 324
5160 16:03:28 085 debug2: input_userauth_request: setting up authctxt for moked-4
5160 16:03:28 085 debug2: input_userauth_request: try method none
5160 16:03:28 085 Failed none for moked-4 from 192.168.0.96 port 63488 ssh2
5160 16:03:28 085 debug1: userauth-request for user moked-4 service ssh-connection method publickey
5160 16:03:28 085 debug1: attempt 1 failures 0
5160 16:03:28 085 debug2: input_userauth_request: try method publickey
5160 16:03:28 085 debug1: test whether pkalg/pkblob are acceptable
5160 16:03:28 085 debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa
5160 16:03:28 085 Postponed publickey for moked-4 from 192.168.0.96 port 63488 ssh2
5160 16:03:34 803 debug1: userauth-request for user moked-4 service ssh-connection method publickey
5160 16:03:34 803 debug1: attempt 2 failures 0
5160 16:03:34 803 debug2: input_userauth_request: try method publickey
5160 16:03:34 803 debug1: -> LsaLogon()...
5160 16:03:34 803 debug1: Checking args...
5160 16:03:34 803 debug1: Setting up LSA Strings...
5160 16:03:34 803 debug1: LsaRegisterLogonProcess()...
5160 16:03:34 803 debug1: Retrieving Authentification Package ID...
5160 16:03:34 803 debug1: Allocating LsaAuth struct...
5160 16:03:34 803 debug1: Setting up TOKEN_SOURCE...
5160 16:03:34 803 debug1: Login attemp...
5160 16:03:34 803 debug1: SSH-LSA authorization failed. (err = 0, ntStat = c000006d).
5160 16:03:34 803 debug1: <- LsaLogon()...
5160 16:03:34 803 debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa
5160 16:03:34 803 Failed publickey for moked-4 from 192.168.0.96 port 63488 ssh2: RSA SHA256:QfKeD3bie1fGEMM3WwbLc8JN4py84WWYZ7cQk/qhBxc
5160 16:03:34 866 debug1: userauth-request for user moked-4 service ssh-connection method keyboard-interactive
5160 16:03:34 866 debug1: attempt 3 failures 1
5160 16:03:34 866 debug2: input_userauth_request: try method keyboard-interactive
5160 16:03:34 866 debug1: keyboard-interactive devs
5160 16:03:34 866 debug1: auth2_challenge: user=moked-4 devs=
5160 16:03:34 866 debug1: kbdint_alloc: devices ''
5160 16:03:34 866 debug2: auth2_challenge_start: devices
5160 16:03:34 866 Failed keyboard-interactive for moked-4 from 192.168.0.96 port 63488 ssh2
PLEASE help!
I must first say i already validate that i'm using the correct private key and the public key is in OpenSSH format but still getting this error.
i'm using openSSH as server.
Version of winscp:5.7.6
file protocol : SFTP
normal authentication works fine.
log file in debug mode:
5160 16:03:26 866 debug1: allocating new sfd, sfd [3] fd [4] handle [608] type [2]
5160 16:03:26 866 Connection from 192.168.0.96 port 63488 on 192.168.0.10 port 22
5160 16:03:26 866 debug1: Client protocol version 2.0; client software version WinSCP_release_5.7.6
5160 16:03:26 866 debug1: no match: WinSCP_release_5.7.6
5160 16:03:26 866 debug1: Enabling compatibility mode for protocol 2.0
5160 16:03:26 866 debug1: Local version string SSH-2.0-OpenSSH_7.1p1 Microsoft_Win32_port_with_VS
5160 16:03:26 866 debug1: list_hostkey_types: ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
5160 16:03:26 866 debug1: SSH2_MSG_KEXINIT sent
5160 16:03:26 866 debug2: starting thread [0] for sfd [3] with test type[1]
5160 16:03:26 881 debug1: SSH2_MSG_KEXINIT received
5160 16:03:26 881 debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
5160 16:03:26 881 debug2: kex_parse_kexinit: ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
5160 16:03:26 881 debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr
5160 16:03:26 881 debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr
5160 16:03:26 881 debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
5160 16:03:26 881 debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
5160 16:03:26 881 debug2: kex_parse_kexinit: none,zlib@openssh.com
5160 16:03:26 881 debug2: kex_parse_kexinit: none,zlib@openssh.com
5160 16:03:26 881 debug2: kex_parse_kexinit:
5160 16:03:26 881 debug2: kex_parse_kexinit:
5160 16:03:26 881 debug2: kex_parse_kexinit: first_kex_follows 0
5160 16:03:26 881 debug2: kex_parse_kexinit: reserved 0
5160 16:03:26 881 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,rsa2048-sha256,rsa1024-sha1
5160 16:03:26 881 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
5160 16:03:26 881 debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
5160 16:03:26 881 debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
5160 16:03:26 881 debug2: kex_parse_kexinit: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5
5160 16:03:26 881 debug2: kex_parse_kexinit: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5
5160 16:03:26 881 debug2: kex_parse_kexinit: none,zlib
5160 16:03:26 881 debug2: kex_parse_kexinit: none,zlib
5160 16:03:26 881 debug2: kex_parse_kexinit:
5160 16:03:26 881 debug2: kex_parse_kexinit:
5160 16:03:26 881 debug2: kex_parse_kexinit: first_kex_follows 0
5160 16:03:26 881 debug2: kex_parse_kexinit: reserved 0
5160 16:03:26 881 debug1: kex: client->server aes256-ctr hmac-sha2-256 none
5160 16:03:26 881 debug1: kex: server->client aes256-ctr hmac-sha2-256 none
5160 16:03:26 881 debug1: expecting SSH2_MSG_KEX_DH_GEX_REQUEST
5160 16:03:26 944 debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
5160 16:03:26 944 WARNING: /moduli does not exist, using fixed modulus
5160 16:03:26 944 debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
5160 16:03:26 960 debug2: bits set: 2032/4096
5160 16:03:26 960 debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
5160 16:03:27 444 debug2: bits set: 2092/4096
5160 16:03:27 460 debug2: set_newkeys: mode 1
5160 16:03:27 460 debug1: SSH2_MSG_NEWKEYS sent
5160 16:03:27 460 debug1: expecting SSH2_MSG_NEWKEYS
5160 16:03:27 991 debug2: set_newkeys: mode 0
5160 16:03:27 991 debug1: SSH2_MSG_NEWKEYS received
5160 16:03:27 991 debug1: KEX done
5160 16:03:28 085 debug1: userauth-request for user moked-4 service ssh-connection method none
5160 16:03:28 085 debug1: attempt 0 failures 0
5160 16:03:28 085 debug2: parse_server_config: config reprocess config len 324
5160 16:03:28 085 debug2: input_userauth_request: setting up authctxt for moked-4
5160 16:03:28 085 debug2: input_userauth_request: try method none
5160 16:03:28 085 Failed none for moked-4 from 192.168.0.96 port 63488 ssh2
5160 16:03:28 085 debug1: userauth-request for user moked-4 service ssh-connection method publickey
5160 16:03:28 085 debug1: attempt 1 failures 0
5160 16:03:28 085 debug2: input_userauth_request: try method publickey
5160 16:03:28 085 debug1: test whether pkalg/pkblob are acceptable
5160 16:03:28 085 debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa
5160 16:03:28 085 Postponed publickey for moked-4 from 192.168.0.96 port 63488 ssh2
5160 16:03:34 803 debug1: userauth-request for user moked-4 service ssh-connection method publickey
5160 16:03:34 803 debug1: attempt 2 failures 0
5160 16:03:34 803 debug2: input_userauth_request: try method publickey
5160 16:03:34 803 debug1: -> LsaLogon()...
5160 16:03:34 803 debug1: Checking args...
5160 16:03:34 803 debug1: Setting up LSA Strings...
5160 16:03:34 803 debug1: LsaRegisterLogonProcess()...
5160 16:03:34 803 debug1: Retrieving Authentification Package ID...
5160 16:03:34 803 debug1: Allocating LsaAuth struct...
5160 16:03:34 803 debug1: Setting up TOKEN_SOURCE...
5160 16:03:34 803 debug1: Login attemp...
5160 16:03:34 803 debug1: SSH-LSA authorization failed. (err = 0, ntStat = c000006d).
5160 16:03:34 803 debug1: <- LsaLogon()...
5160 16:03:34 803 debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa
5160 16:03:34 803 Failed publickey for moked-4 from 192.168.0.96 port 63488 ssh2: RSA SHA256:QfKeD3bie1fGEMM3WwbLc8JN4py84WWYZ7cQk/qhBxc
5160 16:03:34 866 debug1: userauth-request for user moked-4 service ssh-connection method keyboard-interactive
5160 16:03:34 866 debug1: attempt 3 failures 1
5160 16:03:34 866 debug2: input_userauth_request: try method keyboard-interactive
5160 16:03:34 866 debug1: keyboard-interactive devs
5160 16:03:34 866 debug1: auth2_challenge: user=moked-4 devs=
5160 16:03:34 866 debug1: kbdint_alloc: devices ''
5160 16:03:34 866 debug2: auth2_challenge_start: devices
5160 16:03:34 866 Failed keyboard-interactive for moked-4 from 192.168.0.96 port 63488 ssh2
PLEASE help!