Command-line didn't take the TunnelPasswordPlain="tunnel_pwd"

Advertisement

jsszheng
Guest

Command-line didn't take the TunnelPasswordPlain="tunnel_pwd"

Hi,
I use this command to connect to server by SCP through tunnel, but the command didn't take the TunnelPasswordPlain settting, it still ask me to put password manually, can you please tell me why? My command is like below:
C:\Program Files (x86)\WinSCP\WinSCP.exe scp://1.1.1.1/config/ssl/ /username=my_usn /password=my_pwd /rawsettings Shell="bash" Tunnel=1 TunnelHostName=8.8.8.8 TunnelPortNumber=22 TunnelUserName=my_tunnel_usn TunnelPasswordPlain=my_tunnel_pwd
Thank you very much,
James

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
38,408
Location:
Prague, Czechia

Re: Command-line didn't take the TunnelPasswordPlain="tunnel_pwd"

Your command line looks god to me. Except that it misses double-quotes around the WinSCP.exe path. When I fix that, the tunnel password is propagated correctly to WinSCP.

Please attach a full session log file showing the problem (using the latest version of WinSCP).

To generate the session log file, use /log=C:\path\to\winscp.log command-line argument. Submit the log with your post as an attachment. Note that passwords and passphrases not stored in the log. You may want to remove other data you consider sensitive though, such as host names, IP addresses, account names or file names (unless they are relevant to the problem). If you do not want to post the log publicly, you can mark the attachment as private.

Reply with quote

jsszheng
Guest

Log

. 2022-11-15 21:46:50.265 --------------------------------------------------------------------------
. 2022-11-15 21:46:50.266 WinSCP Version 5.21.2 (Build 12723 2022-08-08) (OS 10.0.19042 - Windows 10 Enterprise)
. 2022-11-15 21:46:50.268 Configuration: C:\Users\myusername\AppData\Roaming\WinSCP.ini
. 2022-11-15 21:46:50.268 Log level: Normal
. 2022-11-15 21:46:50.268 Local account: ABC\myussername
. 2022-11-15 21:46:50.268 Working directory: C:\Users\myusername\PycharmProjects\ALWSCP
. 2022-11-15 21:46:50.268 Process ID: 11916
. 2022-11-15 21:46:50.268 Ancestor processes: python, pycharm64, explorer, ...
. 2022-11-15 21:46:50.270 Command-line: "C:\Program Files (x86)\WinSCP\WinSCP.exe" scp://2.2.2.2/config/ssl/ /username=myusername /password=*** /log=C:\Users\myusername\Desktop\winscp.log /rawsettings Shell=bash Tunnel=1 TunnelHostName=1.1.1.1 TunnelPortNumber=22 TunnelUserName=mytunnelusername TunnelPasswordPlain=***
. 2022-11-15 21:46:50.271 Time zone: Current: GMT-5, Standard: GMT-5 (Eastern Standard Time), DST: GMT-4 (Eastern Daylight Time), DST Start: 3/13/2022, DST End: 11/6/2022
. 2022-11-15 21:46:50.271 Login time: Tuesday, November 15, 2022 9:46:50 PM
. 2022-11-15 21:46:50.271 --------------------------------------------------------------------------
. 2022-11-15 21:46:50.272 Session name: myusername@2.2.2.2 (Ad-Hoc site)
. 2022-11-15 21:46:50.272 Host name: 2.2.2.2 (Port: 22)
. 2022-11-15 21:46:50.272 User name: myusername (Password: Yes, Key file: No, Passphrase: No)
. 2022-11-15 21:46:50.272 Tunnel: Yes
. 2022-11-15 21:46:50.272 Tunnel: Host name: 1.1.1.1 (Port: 22)
. 2022-11-15 21:46:50.272 Tunnel: User name: mytunnelusername (Password: No, Key file: No)
. 2022-11-15 21:46:50.272 Tunnel: Local port number: 0
. 2022-11-15 21:46:50.272 Transfer Protocol: SCP
. 2022-11-15 21:46:50.272 Ping type: Off, Ping interval: 30 sec; Timeout: 15 sec
. 2022-11-15 21:46:50.272 Disable Nagle: No
. 2022-11-15 21:46:50.272 Proxy: None
. 2022-11-15 21:46:50.272 Send buffer: 262144
. 2022-11-15 21:46:50.272 Compression: No
. 2022-11-15 21:46:50.272 Bypass authentication: No
. 2022-11-15 21:46:50.272 Try agent: Yes; Agent forwarding: No; KI: Yes; GSSAPI: Yes
. 2022-11-15 21:46:50.272 GSSAPI: KEX: No; Forwarding: No; Libs: gssapi32,sspi,custom; Custom: 
. 2022-11-15 21:46:50.272 Ciphers: aes,chacha20,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
. 2022-11-15 21:46:50.272 KEX: ecdh,dh-gex-sha1,dh-group14-sha1,rsa,WARN,dh-group1-sha1
. 2022-11-15 21:46:50.272 SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto
. 2022-11-15 21:46:50.272 Simple channel: Yes
. 2022-11-15 21:46:50.272 Return code variable: Autodetect; Lookup user groups: Auto
. 2022-11-15 21:46:50.272 Shell: bash
. 2022-11-15 21:46:50.272 EOL: LF, UTF: Auto
. 2022-11-15 21:46:50.272 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes; Follow directory symlinks: No
. 2022-11-15 21:46:50.273 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No; Exit code 1 is error: No
. 2022-11-15 21:46:50.273 Local directory: default, Remote directory: /config/ssl/, Update: Yes, Cache: Yes
. 2022-11-15 21:46:50.273 Cache directory changes: Yes, Permanent: Yes
. 2022-11-15 21:46:50.273 Recycle bin: Delete to: No, Overwritten to: No, Bin path: 
. 2022-11-15 21:46:50.273 DST mode: Unix;Timezone offset: 0h 0m
. 2022-11-15 21:46:50.273 --------------------------------------------------------------------------
. 2022-11-15 21:46:50.802 Opening tunnel.
. 2022-11-15 21:46:50.805 Autoselected tunnel local port number 50019
. 2022-11-15 21:46:50.828 [Tunnel] Looking up host "1.1.1.1" for SSH connection
. 2022-11-15 21:46:50.828 [Tunnel] Connecting to 1.1.1.1 port 22
. 2022-11-15 21:46:50.847 [Tunnel] Connected to 1.1.1.1
. 2022-11-15 21:46:50.874 [Tunnel] We claim version: SSH-2.0-WinSCP_release_5.21.2
. 2022-11-15 21:46:50.874 [Tunnel] Connected to 1.1.1.1
. 2022-11-15 21:46:50.880 [Tunnel] Remote version: SSH-2.0-OpenSSH_7.4
. 2022-11-15 21:46:50.880 [Tunnel] Using SSH protocol version 2
. 2022-11-15 21:46:50.883 [Tunnel] Have a known host key of type ssh-ed25519
. 2022-11-15 21:46:50.915 [Tunnel] Doing ECDH key exchange with curve Curve25519 and hash SHA-256
. 2022-11-15 21:46:51.004 [Tunnel] Server also has ecdsa-sha2-nistp256/rsa-sha2-512/rsa-sha2-256/ssh-rsa host keys, but we don't know any of them
. 2022-11-15 21:46:51.005 [Tunnel] Host key fingerprint is:
. 2022-11-15 21:46:51.005 [Tunnel] ssh-ed25519 255 SHA256:1pzORLAq4va5if55iIs2NVD4fXVNkRzP0uUFS38FJds
. 2022-11-15 21:46:51.066 [Tunnel] Host key matches cached key
. 2022-11-15 21:46:51.068 [Tunnel] Initialised AES-256 SDCTR (AES-NI accelerated) [aes256-ctr] outbound encryption
. 2022-11-15 21:46:51.068 [Tunnel] Initialised HMAC-SHA-256 outbound MAC algorithm
. 2022-11-15 21:46:51.068 [Tunnel] Initialised AES-256 SDCTR (AES-NI accelerated) [aes256-ctr] inbound encryption
. 2022-11-15 21:46:51.068 [Tunnel] Initialised HMAC-SHA-256 inbound MAC algorithm
! 2022-11-15 21:46:51.091 [Tunnel] Using username "mytunnelUsername".
. 2022-11-15 21:46:51.169 [Tunnel] Server offered these authentication methods: publickey,gssapi-keyex,gssapi-with-mic,password
. 2022-11-15 21:46:51.169 [Tunnel] Using SSPI from SECUR32.DLL
. 2022-11-15 21:46:51.169 [Tunnel] Trying gssapi-with-mic...
. 2022-11-15 21:46:51.169 [Tunnel] Attempting GSSAPI authentication
. 2022-11-15 21:46:51.188 [Tunnel] GSSAPI authentication request refused
. 2022-11-15 21:46:51.188 [Tunnel] Server offered these authentication methods: publickey,gssapi-keyex,gssapi-with-mic,password
. 2022-11-15 21:46:51.188 [Tunnel] Prompt (password, "SSH password", <no instructions>, "&Password: ")
. 2022-11-15 21:46:51.188 [Tunnel] Prompting user for the credentials.
. 2022-11-15 21:48:51.107 Error opening tunnel.
. 2022-11-15 21:48:51.107 [Tunnel] Closing connection.
* 2022-11-15 21:48:51.138 (ESshFatal)

TunnelPwdPrompt.PNG

Reply with quote

jsszheng
Guest

I still got Tunnel password prompt

Thanks Martin, I can start the WinSCP without issue, so quote should not be an issue, it just didn't take the TunnelPasswordPlain="mytunnelpwd". I pasted the log and attached Tunnel Password Prompt screenshot above for your reference. What version did you test and tunnel password was taken?

Thanks,
James

Reply with quote

jsszheng
Guest

If I put tunnel password manually the session will be connected

More information, if I type tunnel password manually on the prompt then the session will be connected automatically.

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
38,408
Location:
Prague, Czechia

Re: Command-line didn't take the TunnelPasswordPlain="tunnel_pwd"

If I run your command using the latest version of WinSCP form a batch file (with quotes added), it just works.

But I see in the log that you execute the command from Python.
I guess that's the missing piece, you didn't tell us about. Python probably passes something else to WinSCP than what you believe. Show us your Python code. You can also try enabling password logging (/loglevel=*) to see the real WinSCP command-line in the log. But ultimately, this is likely Python rather than WinSCP question.

Reply with quote

jsszheng
Guest

Re: Command-line didn't take the TunnelPasswordPlain="tunnel_pwd"

Thanks Martin, it is not python issue, python the run WinSCP.exe within externally. I run the command from cmd and also popup tunnel password prompt, after I put tunnel password manually, the rest of connect can be completed automatically, please see the screenshot. It just didn't take the tunnel password as rawsetting.

run_from_cmd.PNG

Reply with quote

jsszheng
Guest

Re: Command-line didn't take the TunnelPasswordPlain="tunnel_pwd"

Can you please paste the batch file that you ran here?

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
38,408
Location:
Prague, Czechia

Re: Command-line didn't take the TunnelPasswordPlain="tunnel_pwd"

If I run your exact command (just with enabled password logging):
WinSCP.exe /log=winscp.log /loglevel=* scp://example.com/config/ssl/ /username=username /password=password /rawsettings Shell="bash" Tunnel=1 TunnelHostName=tunnel.example.com TunnelPortNumber=22 TunnelUserName=tunnelusername TunnelPasswordPlain=tunnelpassword
I see in the log that the tunnel password is taken correctly:
. 2022-11-21 12:59:31.073 Tunnel: User name: tunnelusername (Password: tunnelpassword, Key file: No)
What do you get in the log if you do the same? Using the latest version of WinSCP (though I seem to be getting the same results even with 5.21.2).

Reply with quote

Advertisement

jsszheng
Guest

Re: Command-line didn't take the TunnelPasswordPlain="tunnel_pwd"

Thanks Martin, it still didn't take the password, still prompted for tunnel password, please see the log below:
. 2022-11-21 23:03:31.261 --------------------------------------------------------------------------
. 2022-11-21 23:03:31.262 WinSCP Version 5.21.5 (Build 12858 2022-10-06) (OS 10.0.19042 - Windows 10 Enterprise)
. 2022-11-21 23:03:31.264 Configuration: C:\Users\323333765\AppData\Roaming\WinSCP.ini
. 2022-11-21 23:03:31.264 Log level: Normal, Logging passwords
. 2022-11-21 23:03:31.264 Local account: MAPLE\323333765
. 2022-11-21 23:03:31.264 Working directory: C:\Program Files (x86)\WinSCP
. 2022-11-21 23:03:31.264 Process ID: 10100
. 2022-11-21 23:03:31.288 Ancestor processes: cmd, explorer, ...
. 2022-11-21 23:03:31.289 Command-line: WinSCP.exe  /log=C:\Users\username\winscp.log /loglevel=* scp://1.1.1.1/config/ssl/ /username=username /password=mypassword /rawsettings Shell="bash" Tunnel=1 TunnelHostName=2.2.2.2 TunnelPortNumber=22 TunnelUserName=mytunnelusername TunnelPasswordPlain=mytunnelpassword
. 2022-11-21 23:03:31.300 Time zone: Current: GMT-5, Standard: GMT-5 (Eastern Standard Time), DST: GMT-4 (Eastern Daylight Time), DST Start: 3/13/2022, DST End: 11/6/2022
. 2022-11-21 23:03:31.300 Login time: Monday, November 21, 2022 11:03:31 PM
. 2022-11-21 23:03:31.301 --------------------------------------------------------------------------
. 2022-11-21 23:03:31.301 Session name: username@1.1.1.1 (Ad-Hoc site)
. 2022-11-21 23:03:31.301 Host name: 1.1.1.1 (Port: 22)
. 2022-11-21 23:03:31.301 User name: username (Password: mypassword, Key file: No, Passphrase: No)
. 2022-11-21 23:03:31.301 Tunnel: Yes
. 2022-11-21 23:03:31.301 Tunnel: Host name: 2.2.2.2 (Port: 22)
. 2022-11-21 23:03:31.301 Tunnel: User name: mytunnelusername (Password: No, Key file: No)
. 2022-11-21 23:03:31.301 Tunnel: Local port number: 0
. 2022-11-21 23:03:31.301 Transfer Protocol: SCP
. 2022-11-21 23:03:31.301 Ping type: Off, Ping interval: 30 sec; Timeout: 15 sec
. 2022-11-21 23:03:31.301 Disable Nagle: No
. 2022-11-21 23:03:31.301 Proxy: None
. 2022-11-21 23:03:31.301 Send buffer: 262144
. 2022-11-21 23:03:31.301 Compression: No
. 2022-11-21 23:03:31.301 Bypass authentication: No
. 2022-11-21 23:03:31.301 Try agent: Yes; Agent forwarding: No; KI: Yes; GSSAPI: Yes
. 2022-11-21 23:03:31.301 GSSAPI: KEX: No; Forwarding: No; Libs: gssapi32,sspi,custom; Custom: 
. 2022-11-21 23:03:31.301 Ciphers: aes,chacha20,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
. 2022-11-21 23:03:31.301 KEX: ecdh,dh-gex-sha1,dh-group14-sha1,rsa,WARN,dh-group1-sha1
. 2022-11-21 23:03:31.301 SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto
. 2022-11-21 23:03:31.301 Simple channel: Yes
. 2022-11-21 23:03:31.302 Return code variable: Autodetect; Lookup user groups: Auto
. 2022-11-21 23:03:31.302 Shell: bash
. 2022-11-21 23:03:31.302 EOL: LF, UTF: Auto
. 2022-11-21 23:03:31.302 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes; Follow directory symlinks: No
. 2022-11-21 23:03:31.302 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No; Exit code 1 is error: No
. 2022-11-21 23:03:31.302 Local directory: default, Remote directory: /config/ssl/, Update: Yes, Cache: Yes
. 2022-11-21 23:03:31.302 Cache directory changes: Yes, Permanent: Yes
. 2022-11-21 23:03:31.302 Recycle bin: Delete to: No, Overwritten to: No, Bin path: 
. 2022-11-21 23:03:31.302 DST mode: Unix;Timezone offset: 0h 0m
. 2022-11-21 23:03:31.302 --------------------------------------------------------------------------
. 2022-11-21 23:03:31.771 Opening tunnel.
. 2022-11-21 23:03:31.772 Autoselected tunnel local port number 50069
. 2022-11-21 23:03:31.804 [Tunnel] Looking up host "2.2.2.2" for SSH connection
. 2022-11-21 23:03:31.804 [Tunnel] Connecting to 2.2.2.2 port 22
. 2022-11-21 23:03:31.828 [Tunnel] Connected to 2.2.2.2
. 2022-11-21 23:03:31.850 [Tunnel] We claim version: SSH-2.0-WinSCP_release_5.21.5
. 2022-11-21 23:03:31.850 [Tunnel] Connected to 2.2.2.2
. 2022-11-21 23:03:31.864 [Tunnel] Remote version: SSH-2.0-OpenSSH_7.4
. 2022-11-21 23:03:31.864 [Tunnel] Using SSH protocol version 2
. 2022-11-21 23:03:31.867 [Tunnel] Have a known host key of type ssh-ed25519
. 2022-11-21 23:03:31.913 [Tunnel] Doing ECDH key exchange with curve Curve25519 and hash SHA-256
. 2022-11-21 23:03:32.013 [Tunnel] Server also has ecdsa-sha2-nistp256/rsa-sha2-512/rsa-sha2-256/ssh-rsa host keys, but we don't know any of them
. 2022-11-21 23:03:32.013 [Tunnel] Host key fingerprint is:
. 2022-11-21 23:03:32.013 [Tunnel] ssh-ed25519 255 SHA256:1pzORLAq4va5if55iIs2NVD4fXVNkRzP0uUFS38FJds
. 2022-11-21 23:03:32.038 [Tunnel] Host key matches cached key
. 2022-11-21 23:03:32.040 [Tunnel] Initialised AES-256 SDCTR (AES-NI accelerated) [aes256-ctr] outbound encryption
. 2022-11-21 23:03:32.040 [Tunnel] Initialised HMAC-SHA-256 outbound MAC algorithm
. 2022-11-21 23:03:32.040 [Tunnel] Initialised AES-256 SDCTR (AES-NI accelerated) [aes256-ctr] inbound encryption
. 2022-11-21 23:03:32.040 [Tunnel] Initialised HMAC-SHA-256 inbound MAC algorithm
! 2022-11-21 23:03:32.066 [Tunnel] Using username "mytunnelusername".
. 2022-11-21 23:03:32.121 [Tunnel] Server offered these authentication methods: publickey,gssapi-keyex,gssapi-with-mic,password
. 2022-11-21 23:03:32.121 [Tunnel] Using SSPI from SECUR32.DLL
. 2022-11-21 23:03:32.121 [Tunnel] Trying gssapi-with-mic...
. 2022-11-21 23:03:32.121 [Tunnel] Attempting GSSAPI authentication
. 2022-11-21 23:03:32.146 [Tunnel] GSSAPI authentication request refused
. 2022-11-21 23:03:32.146 [Tunnel] Server offered these authentication methods: publickey,gssapi-keyex,gssapi-with-mic,password
. 2022-11-21 23:03:32.146 [Tunnel] Prompt (password, "SSH password", <no instructions>, "&Password: ")
. 2022-11-21 23:03:32.146 [Tunnel] Prompting user for the credentials.

Description: run from cmd

Winscp_exe_cli.PNG

Winscp_exe_cli.PNG

Reply with quote

jsszheng
Guest

Re: Command-line didn't take the TunnelPasswordPlain="tunnel_pwd"

Thanks Martin, yes I have password disabled setting on registry, I have no permission to change it. Is this the reason? But why was session password taken? Only tunnel password was not taken.

reg_pwd_disabled.PNG

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
38,408
Location:
Prague, Czechia

Re: Command-line didn't take the TunnelPasswordPlain="tunnel_pwd"

Can you send me an email, so I can send you back a development version of WinSCP for testing? Please include a link back to this topic in your email. Also note in this topic that you have sent the email. Thanks.

You will find my address (if you log in) in my forum profile.

Reply with quote

Advertisement

Guest

Re: Command-line didn't take the TunnelPasswordPlain="tunnel_pwd"

Thank you so much, it fixed the tunnel password cannot be taken issue with the 6.0dev version, the tunnel password was taken and I am able to start a session from cmd and login automatically.

Let me know when you release the official fixed version.

Thanks,
James

Reply with quote

Advertisement

You can post new topics in this forum