Hello,
I have set up my Raspberry with SSH and Keyfile login (password protected).
I have used WinSCP, it took my private OpenSSH Keyfile (format) and converted it into a Putty format key. I have now tried both key formats but I can't log into my Raspberry. I don't get the prompt for the Keyfile password.
Log:
Server version: SSH-2.0-OpenSSH_7.9p1 Raspbian-10+deb10u2
Using SSH protocol version 2
We claim version: SSH-2.0-PuTTY_Directory_Opus
Server supports delayed compression; will try this later
Doing Diffie-Hellman group exchange
Doing Diffie-Hellman key exchange with hash SHA-256
Host key fingerprint is:
ssh-rsa 2048 -
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Reading private key file "C:\Users-----\Documents\SSH-Identity\Identity.ppk"
Unable to load private key (file format error)
Disconnected: No supported authentication methods available (server sent: publickey)
SSH: Fatal: Disconnected: No supported authentication methods available (server sent: publickey)
Connection closed
If I use the OpenSSH-2 Key format, similar message:
Unable to use this key file (OpenSSH SSH-2 private key)
Still doesn't work. I tried the already converted key from WinSCP, then the original keyfile.
Unable to load private key (file format error)
Disconnected: No supported authentication methods available (server sent: publickey)
SSH: Fatal: Disconnected: No supported authentication methods available (server sent: publickey)
Without any issue. I can also load the original keyfile and get the message "Successfully imported foreign key (OpenSSH SSH-2 private key (new format))..."
I can also load the keyfile converted automatically via WinSCP
Hi, I have the same problem with using my SSH private keys. I generated mine using ssh-keygen long time ago and tried the conversion with puttygen to putty's own format. Both file formats throw errors in DOpus' FTP Log.
I have several different servers to test the FTP feature with.
This is the FTP log for three different server connect attempts using the SFTP protocol.
Server A
Opening Connection XXXXXXXX
Server version: SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u7
Using SSH protocol version 2
We claim version: SSH-2.0-PuTTY_Directory_Opus
Server supports delayed compression; will try this later
Doing Diffie-Hellman group exchange
Doing Diffie-Hellman key exchange with hash SHA-256
Host key fingerprint is:
ssh-rsa 2048 XXXXXXXXXX
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Reading private key file "C:\Users\XXXXXXXXXX"
Unable to use this key file (OpenSSH SSH-2 private key)
Disconnected: No supported authentication methods available (server sent: publickey)
SSH: Fatal: Disconnected: No supported authentication methods available (server sent: publickey)
Connection closed
Server B
Opening Connection XXXXXXXXXX
Server version: SSH-2.0-OpenSSH_7.4
Using SSH protocol version 2
We claim version: SSH-2.0-PuTTY_Directory_Opus
Server supports delayed compression; will try this later
Doing Diffie-Hellman group exchange
Doing Diffie-Hellman key exchange with hash SHA-256
Host key fingerprint is:
ssh-rsa 2048 XXXXXXXXXXXXXX
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Reading private key file "C:\Users\XXXXXXXXXXXXXXX"
Unable to use this key file (OpenSSH SSH-2 private key)
Disconnected: Unable to authenticate
SSH: Unable to authenticate
Connection closed
Server C
Opening Connection XXXXXXXXXXXXXX
Server version: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u8
Using SSH protocol version 2
We claim version: SSH-2.0-PuTTY_Directory_Opus
Server supports delayed compression; will try this later
Doing Diffie-Hellman group exchange
Doing Diffie-Hellman key exchange with hash SHA-256
Host key fingerprint is:
ssh-rsa 2048 XXXXXXXXXXXXX
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Reading private key file "C:\Users\XXXXXXXXXXXXX"
Unable to use this key file (OpenSSH SSH-2 private key)
Disconnected: Unable to authenticate
SSH: Unable to authenticate
Connection closed
BTW:
While editing my FTP bookmarks I also noticed that changes are not really applied in a Listener window. I had to refresh the window by hitting F5. Just a heads up and maybe something that could be fixed in a future update.
Sure, so I changed all the server bookmarks to use the converted ssh key (putty file format) now:
Server A
Opening Connection XXXXXXXX
Server version: SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u7
Using SSH protocol version 2
We claim version: SSH-2.0-PuTTY_Directory_Opus
Server supports delayed compression; will try this later
Doing Diffie-Hellman group exchange
Doing Diffie-Hellman key exchange with hash SHA-256
Host key fingerprint is:
ssh-rsa 2048 XXXXXXXXXXX
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Reading private key file "C:\Users\XXXXXXXXXXXXXX"
Offered public key
Server refused our key
Disconnected: No supported authentication methods available (server sent: publickey)
SSH: Fatal: Disconnected: No supported authentication methods available (server sent: publickey)
Connection closed
Server B
Opening Connection XXXXXXX
Server version: SSH-2.0-OpenSSH_7.4
Using SSH protocol version 2
We claim version: SSH-2.0-PuTTY_Directory_Opus
Server supports delayed compression; will try this later
Doing Diffie-Hellman group exchange
Doing Diffie-Hellman key exchange with hash SHA-256
Host key fingerprint is:
ssh-rsa 2048 XXXXXXXXX
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Reading private key file "C:\Users\XXXXXXXXXX"
Offered public key
Server refused our key
Disconnected: Unable to authenticate
SSH: Unable to authenticate
Connection closed
Server C
Opening Connection XXXXXXXXXX
Server version: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u8
Using SSH protocol version 2
We claim version: SSH-2.0-PuTTY_Directory_Opus
Server supports delayed compression; will try this later
Doing Diffie-Hellman group exchange
Doing Diffie-Hellman key exchange with hash SHA-256
Host key fingerprint is:
ssh-rsa 2048 XXXXXXXXXXX
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Reading private key file "C:\Users\XXXXXXXXXXX"
Offered public key
Server refused our key
Disconnected: Unable to authenticate
SSH: Unable to authenticate
Connection closed
Oh wait ... is this basically a totally different key pair now? Like should I put the putty's pub key on my servers?
AFAIK the server side key should not need to change (unless there's more to the issue than just the client side key format; e.g. it may be using a different algorithm or something as well).
When I've done this with my own keys/servers, I only had to make the server side key once, then converted the client side key to the putty format. (At least as far as I can remember. It was a few years ago.)
This surprised me as well. My understanding is that the key should only be transformed into another file format instead of creating an unrelated or maybe even derived key pair.