Scripting cert passphrases with special characters

Advertisement

stryfe
Joined:
Posts:
1
Location:
United States

Scripting cert passphrases with special characters

Hi Martin,
I'm having trouble using special characters in the cert passphrase.. the Plus sign being the culprit in this case. seems like the initial ftp password is successful with the %2B, but the cert passphrase is not. Is the variable necessary for the cert passphrase? Maybe quotes?

Ive poured over the documentation but i still cant seem to get it working.
Working through the GUI no problem.

Any ideas?
Thanks,
Dave

. 2018-04-30 14:20:27.694 --------------------------------------------------------------------------
. 2018-04-30 14:20:27.694 WinSCP Version 5.11.2 (Build 7781) (OS 6.3.9600 - Windows Server 2012 R2 Standard)
. 2018-04-30 14:20:27.694 Configuration: HKCU\Software\Martin Prikryl\WinSCP 2\
. 2018-04-30 14:20:27.694 Log level: Normal, Logging passwords
. 2018-04-30 14:20:27.694 Local account: SMH\HISD
. 2018-04-30 14:20:27.694 Working directory: C:\CIP
. 2018-04-30 14:20:27.694 Process ID: 5080
. 2018-04-30 14:20:27.694 Command-line: "C:\Program Files (x86)\WinSCP\WinSCP.exe" /console=5.11.2 /consoleinstance=_3816_378 "/script=C:\CIP\cip.txt"
. 2018-04-30 14:20:27.694 Time zone: Current: GMT-4, Standard: GMT-5 (Eastern Standard Time), DST: GMT-4 (Eastern Daylight Time), DST Start: 3/11/2018, DST End: 11/4/2018
. 2018-04-30 14:20:27.694 Login time: Monday, April 30, 2018 2:20:27 PM
. 2018-04-30 14:20:27.694 --------------------------------------------------------------------------
. 2018-04-30 14:20:27.694 Script: Retrospectively logging previous script records:
> 2018-04-30 14:20:27.694 Script: option batch continue
< 2018-04-30 14:20:27.694 Script: batch continue
> 2018-04-30 14:20:27.694 Script: option confirm off
< 2018-04-30 14:20:27.694 Script: confirm off
> 2018-04-30 14:20:27.694 Script: open sftp://yadayadayada.com:Study123%2B@feed.yadayadayada.com/ -hostkey="ssh-rsa 2048 85:21:52:0c:20:e7:ae:61:fd:de:47:68:1f:ea:14:ff" -privatekey="C:\CIP\study3.ppk" -passphrase=Study123+ -rawsettings TryAgent=0 AgentFwd
. 2018-04-30 14:20:27.694 --------------------------------------------------------------------------
. 2018-04-30 14:20:27.694 Session name: sol@feed.yadayadayada.com (Ad-Hoc site)
. 2018-04-30 14:20:27.694 Host name: feed.yadayadayada.com (Port: 22)
. 2018-04-30 14:20:27.694 User name: sol (Password: Study123+, Key file: C:\CIP\study3.ppk, Passphrase: Study123+)
. 2018-04-30 14:20:27.694 Tunnel: No
. 2018-04-30 14:20:27.694 Transfer Protocol: SFTP
. 2018-04-30 14:20:27.694 Ping type: Off, Ping interval: 30 sec; Timeout: 15 sec
. 2018-04-30 14:20:27.694 Disable Nagle: No
. 2018-04-30 14:20:27.694 Proxy: None
. 2018-04-30 14:20:27.694 Send buffer: 262144
. 2018-04-30 14:20:27.694 SSH protocol version: 2; Compression: No
. 2018-04-30 14:20:27.694 Bypass authentication: No
. 2018-04-30 14:20:27.694 Try agent: No; Agent forwarding: No; TIS/CryptoCard: No; KI: Yes; GSSAPI: Yes
. 2018-04-30 14:20:27.694 GSSAPI: Forwarding: No
. 2018-04-30 14:20:27.694 Ciphers: aes,chacha20,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
. 2018-04-30 14:20:27.694 KEX: ecdh,dh-gex-sha1,dh-group14-sha1,rsa,WARN,dh-group1-sha1
. 2018-04-30 14:20:27.694 SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto
. 2018-04-30 14:20:27.694 Simple channel: Yes
. 2018-04-30 14:20:27.694 Return code variable: Autodetect; Lookup user groups: Auto
. 2018-04-30 14:20:27.694 Shell: default
. 2018-04-30 14:20:27.694 EOL: LF, UTF: Auto
. 2018-04-30 14:20:27.694 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes; Follow directory symlinks: No
. 2018-04-30 14:20:27.694 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No
. 2018-04-30 14:20:27.694 SFTP Bugs: Auto,Auto
. 2018-04-30 14:20:27.694 SFTP Server: default
. 2018-04-30 14:20:27.694 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
. 2018-04-30 14:20:27.694 Cache directory changes: Yes, Permanent: Yes
. 2018-04-30 14:20:27.694 Recycle bin: Delete to: No, Overwritten to: No, Bin path:
. 2018-04-30 14:20:27.694 DST mode: Unix
. 2018-04-30 14:20:27.694 --------------------------------------------------------------------------
. 2018-04-30 14:20:27.694 Looking up host "yadayadayada.com" for SSH connection
. 2018-04-30 14:20:27.694 Connecting to 123.123.123.123 port 22
. 2018-04-30 14:20:27.757 We claim version: SSH-2.0-WinSCP_release_5.11.2
. 2018-04-30 14:20:27.835 Server version: SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
. 2018-04-30 14:20:27.835 Using SSH protocol version 2
. 2018-04-30 14:20:27.835 Have a known host key of type rsa2
. 2018-04-30 14:20:27.898 Doing ECDH key exchange with curve Curve25519 and hash SHA-256
. 2018-04-30 14:20:28.022 Host key fingerprint is:
. 2018-04-30 14:20:28.022 ssh-rsa 2048 85:21:52:0c:20:e7:ae:61:fd:de:47:68:1f:ea:14:ff
. 2018-04-30 14:20:28.022 Verifying host key rsa2 0x10001,0xed80b6d34bd4775c 8b4f4309e13c336f 203765cc6920e5be c9c8d2f8b9b52daa 89c4e18488a0500f c7b225e8623fb1ea 6977958ac4ccdb32 e15c2716b93a262e 86e9ee4b323e28b8 fcd78927cca51d99 99bc9bcf73f5dd31 0633dc605ee5877a 4dfa78f02caaa8e5 b7270f9f7a0fc62c d3d95151fc591051 b5439c3504ee937a fa832edcf1db2389 4f99ed4a58762277 3bb65abdef11d8c4 968acc74c09e0be6 d125d9f59531fc1d aefd107ce0d662da fc56909149ab8d42 dc5c2dd31ea17c30 bc4cbe9e9ce5bb65 f66c38655755003b d5d2ba1cd21ed22d 3be1a1450208a62b 96c88bf83c27ae22 c3bf5d4f3b060da9 781158eea9b5dc35 fdc319079929378d with fingerprint ssh-rsa 2048 85:21:52:0c:20:e7:ae:61:fd:de:47:68:1f:ea:14:ff
. 2018-04-30 14:20:28.022 Host key matches cached key
. 2018-04-30 14:20:28.022 Initialised AES-256 SDCTR client->server encryption
. 2018-04-30 14:20:28.022 Initialised HMAC-SHA-256 client->server MAC algorithm
. 2018-04-30 14:20:28.022 Initialised AES-256 SDCTR server->client encryption
. 2018-04-30 14:20:28.022 Initialised HMAC-SHA-256 server->client MAC algorithm
. 2018-04-30 14:20:28.194 Reading key file "C:\CIP\study3.ppk"
! 2018-04-30 14:20:28.210 Using username "sol".
. 2018-04-30 14:20:28.280 Server offered these authentication methods: publickey,password
. 2018-04-30 14:20:28.280 Offered public key
. 2018-04-30 14:20:28.343 Offer of public key accepted
! 2018-04-30 14:20:28.343 Authenticating with public key "rsa-key-20160812"
. 2018-04-30 14:20:28.343 Prompt (passphrase, "SSH key passphrase", <no instructions>, "Passphrase for key "rsa-key-20160812": ")
. 2018-04-30 14:20:28.358 Using configured passphrase.
! 2018-04-30 14:20:28.358 Wrong passphrase
. 2018-04-30 14:20:28.358 Prompt (passphrase, "SSH key passphrase", <no instructions>, "Passphrase for key "rsa-key-20160812": ")
. 2018-04-30 14:20:28.358 Disconnected: Unable to authenticate

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
28,658
Location:
Prague, Czechia

Re: Scripting cert passphrases with special characters

I have no problem with your exact script with a private key with the same passphrase (Study123+) with the same version of WinSCP.

Maybe sure you use a correct passphrase. Can you load your private key to PuTTYgen using this passphrase?

One just change it to a different one.

Reply with quote

boingoboingo
Guest

cert passphrase

Thanks for the reply Martin!

There was a different password associated with the cert than the session and I realized that when uploading to PuttyGen. Good to know that the cert password does not need to have the %2B, but the session password does.

You da man.

Thanks again!!!

Reply with quote

Advertisement

You can post new topics in this forum