keyboard-interactive authentication and console command line in WinSCP

Advertisement

shurikin
Joined:
Posts:
1

keyboard-interactive authentication and console command line in WinSCP

Hello,

I use WinScp and use console. I copy files with command like this:
"C:\Program Files\WinSCP\WinSCP.exe" /console /command "option batch on" "option confirm off" "open test@test.ru" "cd /in" "option transfer binary" "put  -delete z:\test\out\export\*.*" 
exit.
It works correctly.
Recently the ssh server began to require keyboard-interactive authentication, as shown in the picture. Through the GUI I insert code and everything will connect successfully.
Is it possible to enter this verification code through the console? Сan you give examples?

Thank you in advance!

example.jpg

Reply with quote

Advertisement

diev
Joined:
Posts:
1
Location:
St.Petersburg, Russia

I have same dialog prompt now after an OpenSSH server has started to ask the 2FA code based on TOTP. I can enter this code in GUI, but I cannot pass it to my script. Now my script logs the following (please see last two lines):

. 2019-06-21 17:07:17.574 Looking up host "217.*.*.*" for SSH connection
. 2019-06-21 17:07:17.574 Connecting to 217.*.*.* port 22
. 2019-06-21 17:07:17.590 We claim version: SSH-2.0-WinSCP_release_5.15.2
. 2019-06-21 17:07:17.652 Server version: SSH-2.0-OpenSSH_7.4
. 2019-06-21 17:07:17.652 Using SSH protocol version 2
. 2019-06-21 17:07:17.652 Have a known host key of type rsa2
. 2019-06-21 17:07:17.652 Doing ECDH key exchange with curve Curve25519 and hash SHA-256
. 2019-06-21 17:07:17.777 Host key fingerprint is:
. 2019-06-21 17:07:17.777 ssh-rsa 2048 2a:d8:* cKWR*7E=
. 2019-06-21 17:07:17.777 Host key matches configured key
. 2019-06-21 17:07:17.777 Initialised AES-256 SDCTR client->server encryption
. 2019-06-21 17:07:17.777 Initialised HMAC-SHA-256 client->server MAC algorithm
. 2019-06-21 17:07:17.777 Initialised AES-256 SDCTR server->client encryption
. 2019-06-21 17:07:17.777 Initialised HMAC-SHA-256 server->client MAC algorithm
! 2019-06-21 17:07:17.855 Using username "c***".
. 2019-06-21 17:07:17.886 Server offered these authentication methods: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
. 2019-06-21 17:07:17.886 Using SSPI from SECUR32.DLL
. 2019-06-21 17:07:17.886 Attempting GSSAPI authentication
. 2019-06-21 17:07:17.918 GSSAPI authentication request refused
. 2019-06-21 17:07:17.918 Server offered these authentication methods: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
. 2019-06-21 17:07:17.918 Attempting keyboard-interactive authentication
. 2019-06-21 17:07:17.949 Prompt (keyboard interactive, "SSH server authentication", "Using keyboard-interactive authentication.", "Password: ")
. 2019-06-21 17:07:17.949 Using stored password.
. 2019-06-21 17:07:18.011 Prompt (keyboard interactive, "SSH server authentication", "Using keyboard-interactive authentication.", "Verification code: ")
. 2019-06-21 17:07:18.011 Disconnected: Unable to authenticate

I have my verification code calculated properly based on http://blog.tinisles.com/2011/10/google-authenticator-one-time-password-algorithm-in-javascript/ but I have no idea how to reply to this server's second prompt from the script.

That post on Stack Overflow has no answers on it.

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
31,433
Location:
Prague, Czechia

It's not possible to automatically provide an input to multi factor authentication atm.

Reply with quote

Advertisement

You can post new topics in this forum