Cannot connect with SFTP plugin using a private key file

English support forum

Moderators: white, Hacker, petermad, Stefan2

mmatrosov
Junior Member
Junior Member
Posts: 14
Joined: 2013-01-04, 19:07 UTC
Location: Russia

Cannot connect with SFTP plugin using a private key file

Post by *mmatrosov »

I create a new SFTP connection and specify a private key file (*.pem). When I am trying to connect, the progress bar goes to "Getting supported authentication methods..." step and then disappears. Nothing happens then.

If I auth with Pageant, the connection works fine.
User avatar
Dalai
Power Member
Power Member
Posts: 9364
Joined: 2005-01-28, 22:17 UTC
Location: Meiningen (Südthüringen)

Re: Cannot connect with SFTP plugin using a private key file

Post by *Dalai »

Does your private key file (.pem) look like this

Code: Select all

-----BEGIN RSA PRIVATE KEY-----
[...]
-----END RSA PRIVATE KEY-----
?
Can you use the same key file in a different SSH client (like 'ssh' command on any Linux or maybe WinSCP)? How did you generate the key pair? Note that PuTTY (.ppk) files won't work.

Regards
Dalai
#101164 Personal licence
Ryzen 5 2600, 16 GiB RAM, ASUS Prime X370-A, Win7 x64

Plugins: Services2, Startups, CertificateInfo, SignatureInfo, LineBreakInfo - Download-Mirror
User avatar
sqa_wizard
Power Member
Power Member
Posts: 3854
Joined: 2003-02-06, 11:41 UTC
Location: Germany

Re: Cannot connect with SFTP plugin using a private key file

Post by *sqa_wizard »

Do a doubleclick on the tiny window above the drive button bar to have a look at the created log located at:
c:\Users\<your name>\AppData\Local\Temp\_tc\wcftplog.txt
#5767 Personal license
mmatrosov
Junior Member
Junior Member
Posts: 14
Joined: 2013-01-04, 19:07 UTC
Location: Russia

Re: Cannot connect with SFTP plugin using a private key file

Post by *mmatrosov »

Dalai wrote: 2021-05-20, 21:50 UTC Does your private key file (.pem) look like this?
Yes.
Dalai wrote: 2021-05-20, 21:50 UTC Can you use the same key file in a different SSH client (like 'ssh' command on any Linux or maybe WinSCP)?
Yes. I tried with windows ssh and with WinSCP.
Dalai wrote: 2021-05-20, 21:50 UTC How did you generate the key pair?
AWS generated it for me.
sqa_wizard wrote: 2021-05-20, 22:02 UTC Do a doubleclick on the tiny window above the drive button bar to have a look at the created log located at:
Can't find anything like this, sorry.
sqa_wizard wrote: 2021-05-20, 22:02 UTC c:\Users\<your name>\AppData\Local\Temp\_tc\wcftplog.txt
The _tc directory is there but it is empty.
User avatar
sqa_wizard
Power Member
Power Member
Posts: 3854
Joined: 2003-02-06, 11:41 UTC
Location: Germany

Re: Cannot connect with SFTP plugin using a private key file

Post by *sqa_wizard »

It is a little bit tricky to see the log if the connection fails.
Just have to know that the log is continued with each connection (sftp or ftp).

First try your bad connection without success.
Next try another one which is save (e.g. FTP to ftp.mozilla.org (anonymous user) )
While this connection is established do a doubleclick on the tiny window above the drive button bar to have a look at the created log (incl. the failed sftp)
#5767 Personal license
mmatrosov
Junior Member
Junior Member
Posts: 14
Joined: 2013-01-04, 19:07 UTC
Location: Russia

Re: Cannot connect with SFTP plugin using a private key file

Post by *mmatrosov »

sqa_wizard wrote: 2021-05-21, 21:45 UTC First try your bad connection without success.
Next try another one which is save (e.g. FTP to ftp.mozilla.org (anonymous user) )
While this connection is established do a doubleclick on the tiny window above the drive button bar to have a look at the created log (incl. the failed sftp)
Ok, it worked. But there isn't much there:

Code: Select all

DISCONNECT \MYHOST
========================
Connecting to: 11.22.33.44
IP address: 11.22.33.44:22
Server fingerprint:
73 61 5A A6 0C 90 E3 CA DC 25 80 25 13 5A 5C 0C
Supported authentication methods: publickey,gssapi-keyex,gssapi-with-mic
========================
User avatar
NoSubstitute
Junior Member
Junior Member
Posts: 47
Joined: 2012-02-08, 10:45 UTC
Location: Malmö, Sweden

Re: Cannot connect with SFTP plugin using a private key file

Post by *NoSubstitute »

SFTP plugin works for me, as I just tested with an exported putty key, and I could connect fine, without the putty agent.
UncleBO
Junior Member
Junior Member
Posts: 8
Joined: 2021-10-28, 16:52 UTC

Re: Cannot connect with SFTP plugin using a private key file

Post by *UncleBO »

Hello.
I hope you can help me. Probably after updating to TC 10 (not sure however) my SFTP connection started reporting "Authentication of client certificate failed" after I enter correct passphrase in the corresponding window. Nothing happened to public/private files on my Windows 10 PC. When this isuue started to happen I've updateed to version 2.80 of SFTP plugin. Updating to the latest version didn't solve my problem. Putty connects OK using the same keyset.
Public key looks like "ssh-rsa AAAA........." while private key looks like
"-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,FDF6CAA8B0D04843

RVMQHLjD1rPeDzbaaOChBOo0Dhu2vi9sWjybiEQy6o5q5/lT9HljDOfEyrLwXnYS
many lines
-----END RSA PRIVATE KEY-----".
Any ideas?
User avatar
NoSubstitute
Junior Member
Junior Member
Posts: 47
Joined: 2012-02-08, 10:45 UTC
Location: Malmö, Sweden

Re: Cannot connect with SFTP plugin using a private key file

Post by *NoSubstitute »

That's what the keys should look like.
SFTP plugin (2.80) works fine for me.
UncleBO
Junior Member
Junior Member
Posts: 8
Joined: 2021-10-28, 16:52 UTC

Re: Cannot connect with SFTP plugin using a private key file

Post by *UncleBO »

2NoSubstitute
What TC and Windows versions do you run?
User avatar
NoSubstitute
Junior Member
Junior Member
Posts: 47
Joined: 2012-02-08, 10:45 UTC
Location: Malmö, Sweden

Re: Cannot connect with SFTP plugin using a private key file

Post by *NoSubstitute »

TC x64 10.00
Windows 10, 19043.1288
User avatar
Dalai
Power Member
Power Member
Posts: 9364
Joined: 2005-01-28, 22:17 UTC
Location: Meiningen (Südthüringen)

Re: Cannot connect with SFTP plugin using a private key file

Post by *Dalai »

2UncleBO
It looks like your private key has a password. Did you try a private key without password? As per my quick tests, it should also work with password, but I'd start with small steps.

Regards
Dalai
#101164 Personal licence
Ryzen 5 2600, 16 GiB RAM, ASUS Prime X370-A, Win7 x64

Plugins: Services2, Startups, CertificateInfo, SignatureInfo, LineBreakInfo - Download-Mirror
UncleBO
Junior Member
Junior Member
Posts: 8
Joined: 2021-10-28, 16:52 UTC

Re: Cannot connect with SFTP plugin using a private key file

Post by *UncleBO »

2Dalai
Thanks for answering. It worked OK with a password in private key earlier. I don't understand what happened and when. It maybe a server update (hosting provider is Pair) or my Windows 10 got an update which "confused" SFTP plugin. Anyway, I removed a password from my private key but that didn't help. By the way I got the same "Authentication of client certificate failed" error on another Windows 10 PC with TC10 with SFTP 2.80 as well. My colleague on Mac doesn't experience such behavior. And Putty on my PC connects OK with the same keyset while TC10 with SFTP 2.80 doesn't. I tried TC9.5 with SFTP 2.80 - no luck. I'm using Windows 10.0.19043.1288. Any more ideas?
User avatar
Dalai
Power Member
Power Member
Posts: 9364
Joined: 2005-01-28, 22:17 UTC
Location: Meiningen (Südthüringen)

Re: Cannot connect with SFTP plugin using a private key file

Post by *Dalai »

Did you try the SFTP plugin's XP version? You may need additional OpenSSL DLLs but it works without the Windows encryption (SChannel?) components.

BTW, I don't know how you use the same keyset in PuTTY since PuTTY uses its own .ppk files, not separate private/public key files in OpenSSH format like the SFTP plugin does. It might have been converted to the other format, and technically they have the same fingerprint, but IMO it's still not the same.

Regards
Dalai
#101164 Personal licence
Ryzen 5 2600, 16 GiB RAM, ASUS Prime X370-A, Win7 x64

Plugins: Services2, Startups, CertificateInfo, SignatureInfo, LineBreakInfo - Download-Mirror
User avatar
ghisler(Author)
Site Admin
Site Admin
Posts: 48021
Joined: 2003-02-04, 09:46 UTC
Location: Switzerland
Contact:

Re: Cannot connect with SFTP plugin using a private key file

Post by *ghisler(Author) »

First, the SFTP plugin does support encrypted private keys, and it is advised to use them.

Second, it may be a mismatch between the used encryption method and host key. Your key is RSA, but your server may be using elliptic curves for the key exchange. You may need to create a new private key for the used encryption method.
Author of Total Commander
https://www.ghisler.com
Post Reply