What are the chances that WinSCP by itself changes the user ID for the connection? WinSCP 6.3.3

Advertisement

mkempes
Joined:
Posts:
1
Location:
Florida

What are the chances that WinSCP by itself changes the user ID for the connection? WinSCP 6.3.3

Please forgive me for such unreasonable question. I need to find the root cause for an instance where a wrong user ID was used to connect to a remote site (using the same host) and provide to client. All information pertaining to the client have been removed and using fictitious names.
The connection is started by a task in the task scheduler which in turn runs a batch that calls the connection in WinSCP.
As per vendor in this only instance where connection failed, the wrong ID was used to try to connect to their site using the authentication method of: publickey,password. Since I cannot provide full details, let say use this information:
Failed attempt with wrong user id and authentication method being used is public and password.:
2024-02-07 05:00:02.424 Host key matches cached key
. 2024-02-07 05:00:02.424 Initialised AES-256 SDCTR client->server encryption
. 2024-02-07 05:00:02.424 Initialised HMAC-SHA-256 client->server MAC algorithm
. 2024-02-07 05:00:02.424 Initialised AES-256 SDCTR server->client encryption
. 2024-02-07 05:00:02.424 Initialised HMAC-SHA-256 server->client MAC algorithm
! 2024-02-07 05:00:02.565 Using username "WrongExtraTextAppended_Right_UserID".
. 2024-02-07 05:00:02.612 Server offered these authentication methods: publickey,password
. 2024-02-07 05:00:02.612 Prompt (password, "SSH password", <no instructions>, "&Password: ")
. 2024-02-07 05:00:12.671 Disconnected: Unable to authenticate
Failed attempt with wrong user id  userid: WrongExtraTextAppended_Right_UserID, authentication complete: false, EVENT: -16,776,961 - EVENT_DISCONNECTED
In this is the log where connection was successful (with the Right User ID and authentication method Public Key.
. 2024-02-07 12:16:47.984 Host key matches cached key
. 2024-02-07 12:16:47.984 Initialised AES-256 SDCTR client->server encryption
. 2024-02-07 12:16:47.984 Initialised HMAC-SHA-256 client->server MAC algorithm
. 2024-02-07 12:16:47.984 Initialised AES-256 SDCTR server->client encryption
. 2024-02-07 12:16:47.984 Initialised HMAC-SHA-256 server->client MAC algorithm
. 2024-02-07 12:16:48.097 Reading key file "X:\_Folder\SubFolder\Client_Private Key_2.ppk"
! 2024-02-07 12:16:48.097 Using username " Right_UserID ".
. 2024-02-07 12:16:48.143 Server offered these authentication methods: publickey
. 2024-02-07 12:16:48.143 Offered public key
. 2024-02-07 12:16:48.300 Offer of public key accepted
! 2024-02-07 12:16:48.300 Authenticating with public key "Client_SSH-RSA-KEY 2048 MM/DD/YYYY"
. 2024-02-07 12:16:48.378 Sent public key signature
. 2024-02-07 12:16:48.425 Access granted
. 2024-02-07 12:16:48.425 Opening session as main channel
. 2024-02-07 12:16:48.472 Opened main channel
. 2024-02-07 12:16:48.652 Started a shell/command
Description: The file contains a screenshot of the GUI for more detail for the questions.

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
41,286
Location:
Prague, Czechia

Re: What are the chances that WinSCP by itself changes the user ID for the connection? WinSCP 6.3.3

At the very least, please post complete logs from both scenarios.

Reply with quote

Advertisement

You can post new topics in this forum