SFTP keys

I'm not sure how to solve that, sorry. If the key wasn't working via other methods then the error messages would make me think the server doesn't like public key authentication at all, but that can't be true if it is working in another client.

Guess I'll have to stay on Linux with that one. Alright, thank you.

@Leo I just found out that there's a port of OpenSSH for Windows, here:

I tested the ssh.exe and scp.exe in the latest release, they both work where PuTTY would not. Is it possible to include this in Dopus instead or in addition and provide a GUI?

It's quite strange if the server won't work with PuTTY, even the latest version of PuTTY (which is newer than what's in Opus). PuTTY is extremely common.

Swapping out the SSH library we use is non-trivial, although it is something we're considering for other reasons (as the PuTTY code is not really designed to be a library and quite time consuming to keep up-to-date). It's not something we would do for compatibility with one server (and where the issue isn't really understood yet), but it's something that may happen anyway. Not in the extremely near future, however, as it's not a trivial change.


I was using a Linux jump host till now, did not realize there was a Windows port - accessing everything from the main workstation is much more convenient than moving files around to a network share and copying off of it on a different host. Not to mention I cannot use Dopus during maintenance because SMB gets locked up lol.

I don't know why PuTTY doesn't accept the original files in the first place but needs conversion, seems like a kludge in an otherwise reliable app. I think PuTTY is screwing up something with the keys or I'm using the conversion tool incorrectly.

The rough timeline I presume means the next couple of years?

We have upgraded the version of PuTTY our SSH support is based on in 12.26.3 beta - this apparently should support the new OpenSSH-format keyfiles, if you'd like to give it a try.

Sorry for the delay.
I've previously been unable to get it working with PuTTY, which is still on the same version as it was then, so any solution based on PuTTY will probably not work as well. When importing the key into PuTTY Key Generator, it only asks/takes my private key as far as I can tell.

Either I'm using it incorrectly or PuTTY doesn't support it. OpenSSH port for Windows works beautifully (scp.exe or ssh.exe), but no integration in Dopus.

PuTTY’s keygen tool can load and convert both public and private keys, if I remember correctly.

They would be done separately, except you usually only need the private key on the client side. The server side has the other half and is unlikely to need that to be in PuTTY’s key file format.

(You may also be able to derive the public key from the private key. It’s been a while since I did any of this. But you shouldn’t need the public key at all on the client side.)

I don't see where to load the public keys in the key generator, it only offers loading of private key, it can SAVE public key, but not load it, which doesn't help. I tried loading public key under private but it rejects it, of course ("Couldn't load private key (SSH-2 public key (OpenSSH format))").

It can indeed derive the public key from private, but it cannot sign it. It needs to send the genuine public key to the server to verify against CA.

You don't need to load or convert a public key at all. You only need the private key on the client side.

Think of the private key as the password. The public key is just the thing that the server (or anyone else) can use to verify you have the private key (without needing to know what the private key is).

If you only have the public key then you can't use that to log into a server, no matter what format it's in or which software you use.

If I have just public key, then it doesn't work, I need the public key as well, the server does not have my public key, it just verifies that the CA has signed it, whatever the actual public/private key is. If I remove the public key, then it does not work with OpenSSH either.

Hi,

I'm currently in the trial period for DOpus, using 2.27, but I was having the same issues with public key / private key auth via SFTP that were happening on previous versions.

If I try to load the host's provided OpenSSH SSH-2 key directly, I get the expected error:

Unable to use this key file (OpenSSH SSH-2 private key (new format))

If I use the current version of puttygen.exe to load this key file and save it as a .ppk in the host's required DSA format, then DOpus throws these errors in the console:

Unable to load key (PuTTY key format too new)
...
Disconnected: No supported authentication methods available (server sent: publickey)

This occurs whether the private key file has a key passphrase assigned or not.

Using the old version of puttygen.exe linked in Leo's post from Jul 26, 2021 to generate the local private key in .ppk format does however work, even with a passphrase assigned to the key.

While I'm grateful to have a working solution, it's not ideal to have to keep an old version of puttygen around just for DOpus. May I please ask if you're planning to support the new format of ppk key file in the future?

Thanks for reporting that. We'll look into it. I'm surprised that the new puttygen format isn't working after the updates in 12.27.

In Puttygen, select the Parameters for saving key files command from the Key menu:

And change the key version to 2:

I have retested this with new Putty version, it now works with Putty as well, what am I supposed to do to get it working with Dopus 13? I still see only a place to configure one file in settings... Is this still unsupported?

Which error are you seeing? There have been a couple of different issues discussed in this thread.

Reading key file "C:\Test.ppk"
Unable to load key (PuTTY key format too new)
Unable to load key file "C:\Test.ppk" (PuTTY key format too new)
Using username "root".
Disconnected: No supported authentication methods available (server sent: publickey)
SSH: Fatal: Disconnected: No supported authentication methods available (server sent: publickey)
Connection closed

However only one file is able to be selected, unless I'm missing something...

The key needs to be saved out in V2 format, as Jon showed above.

Load it into PuttyGen, set the format to V2, then save it back out again.

You only need to select one file: the V2 version of the key.

Saving a V2 version of it doesn't break the V3 version; you can use them both in different software (or can probably use the V2 key in everything if you want only one file).

Using v2 format:

Reading key file "C:\Test.ppk"
Using username "root".
Offered public key
Server refused our key
Server refused our key
Disconnected: No supported authentication methods available (server sent: publickey)
SSH: Fatal: Disconnected: No supported authentication methods available (server sent: publickey)
Connection closed

I have this same issue. I tried OpenSSH and format is too new:

Unable to use this key file (OpenSSH SSH-2 private key (new format))
Unable to use key file "C:\Users\Atenosis\Documents\SuperPuTTY\vm1.txt" (OpenSSH SSH-2 private key (new format))

Then I tried PuTTYgen and it is also too new:

Unable to load key (PuTTY key format too new)
Unable to load key file "C:\Users\Atenosis\Documents\SuperPuTTY\rsa.ppk" (PuTTY key format too new)

Finally, I tried saving the key to PuTTY v2 rather than v3, but my server won't accept v2 keys.

Reading key file "C:\Users\Atenosis\Documents\SuperPuTTY\vm1.rsa-v2.ppk"
Using username "akutra".
Offered public key
Server refused our key
Server refused our key

Also, I tried the keys with FileZilla, PuTTY, SuperPuTTY as well as Ubuntu SSH from the bash shell and the keys work fine, but the server does not accept v2 keys.
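
The errors quoted in this thread depend on which on-disk format a key file is in, so the following added example (not part of the thread, and not Directory Opus or PuTTY code) identifies a file from its header line: PPK version 2 or 3, new-format OpenSSH private key, plain OpenSSH public key, or OpenSSH certificate. The function names and the sample strings are assumptions made for illustration; the samples are constructed headers with no real key material.

```python
import re
import sys

PPK_RE = re.compile(r"^PuTTY-User-Key-File-(\d+): (\S+)")
PEM_RE = re.compile(r"^-----BEGIN (.*?)-----")
PUB_RE = re.compile(r"^((?:ssh|ecdsa|sk)-\S+) [A-Za-z0-9+/=]+")

# Constructed, truncated samples (headers only, no real key material).
SAMPLES = {
    "ppk3": "PuTTY-User-Key-File-3: ssh-rsa\nEncryption: none\nComment: sample\n",
    "ppk2": "PuTTY-User-Key-File-2: ssh-rsa\nEncryption: aes256-cbc\nComment: sample\n",
    "openssh": "-----BEGIN OPENSSH PRIVATE KEY-----\nAAAA\n",
    "cert": "ssh-rsa-cert-v01@openssh.com AAAA sample\n",
}


def classify_key(text):
    """Describe an SSH key file from its text, using only the header lines."""
    lines = text.strip().splitlines()
    first = lines[0].strip() if lines else ""
    m = PPK_RE.match(first)
    if m:
        # PPK files carry an "Encryption:" header: "none" or a cipher name.
        enc = next((l.split(":", 1)[1].strip() for l in lines
                    if l.startswith("Encryption:")), "unknown")
        return {"kind": "ppk", "version": int(m.group(1)),
                "algorithm": m.group(2), "encrypted": enc != "none"}
    m = PEM_RE.match(first)
    if m:
        new = m.group(1) == "OPENSSH PRIVATE KEY"
        return {"kind": "openssh-private-new" if new else "pem", "label": m.group(1)}
    m = PUB_RE.match(first)
    if m:
        # OpenSSH certificates use a "-cert-v01@openssh.com" algorithm name.
        cert = m.group(1).endswith("-cert-v01@openssh.com")
        return {"kind": "openssh-certificate" if cert else "openssh-public",
                "algorithm": m.group(1)}
    return {"kind": "unknown"}


def needs_v2_resave(info):
    """True for a PPK newer than version 2, the 'format too new' case above."""
    return info["kind"] == "ppk" and info.get("version", 0) > 2


if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, encoding="utf-8", errors="replace") as fh:
            print(path, classify_key(fh.read()))
```

Run it with one or more key file paths as arguments; it reads only the header text and never parses or prints the private key material itself.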