.\WinSCP.exe command without password fails

Advertisement

francesco84mantovani@gmail.com
Joined:
Posts:
9
Location:
Lausanne

.\WinSCP.exe command without password fails

Hello, I think I found a bug.
Steps to reproduce:

1) If I open PowerShell and pass the values user:password@server like this
.\WinSCP.exe sftp://user:password@10.230.123.30/ /hostkey="ssh-ed25519 255 eesecret2BUNg="
everything is good and I can connect to the remote server

2) If I open PowerShell and pass the values user@server like this
.\WinSCP.exe sftp://user@10.230.123.30/ /hostkey="ssh-ed25519 255 eesecret2BUNg="
a window pops up asking for password. I enter the password manually and the window says "Access denied".

I'm on version 5.17.10

Cannot tell if it's related to the hostkey ssh-ed25519 255 or if affects all key type as I only have this environment.

Thank you

Access denied.png

Reply with quote

Advertisement

francesco84mantovani@gmail.com
Joined:
Posts:
9
Location:
Lausanne

More logs

I forgot to mention that I discovered this bug while using the PowerShell code that you put in this page https://winscp.net/eng/docs/library_from_script

fails with error:

Error: Exception calling "Open" with "1" argument(s): "Connection has been unexpectedly closed. Server sent command exit status 0.
Authentication log (see session log for details):
Using username "user".
Access denied.

Authentication failed."

Reply with quote

francesco84mantovani@gmail.com
Joined:
Posts:
9
Location:
Lausanne

I made a video

Hello,
I hope this might help you see the big picture. I took a video in which you can see as the same line of code works with password but fails without password.

Even if I copy/paste the same password from the previous line the login fails.

I believe there must be a problem in the concatenation because
user:password@server
works while
user@server
and adding the password later when prompted it doesn't.

The same problem also affect not only the
WinSCP.exe
but also the
WinSCPnet.dll
when used with the PowerShell script you mention in your guides.

Cannot tell if it's related to
/hostkey="ssh-ed25519 255
as I cannot test it with other environments.

Let me know if you need any information.

Testing.gif

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
36,052
Location:
Prague, Czechia

Re: .\WinSCP.exe command without password fails

Add /loglevel=* to WinSCP commandline to enable password logging and compare the logs, to check if the same password is really used in both cases. Is there any special character in the password?

Reply with quote

Advertisement

francesco84mantovani@gmail.com
Joined:
Posts:
9
Location:
Lausanne

"%" in password makes login fail

I found the bug!
yes, we have a "%" in the password.
In the logs I noticed that the password in plain text switched the "%24" to a "$".

But there is definelty a bug.
  • Passing the password in line.log (20.95 KB, Private file)
  • Entering the passwod manually.log (5.25 KB, Private file)

Reply with quote

francesco84mantovani@gmail.com
Joined:
Posts:
9
Location:
Lausanne

All good

All good, you can close this topic as it works as expected.
However I find strange that you wan to keep the software behave in that way.
I still have a problem with PowerShell.
I will open another topic.

Thank you

Reply with quote

Advertisement

You can post new topics in this forum