Dear All,
We are currently migrating our Application Server from Solaris to Linux, while continuing to use an existing Windows server with CoreFTP Server installed. Our objective is to implement passwordless file transfers from the Linux server to the Windows CoreFTP Server using SSH key-based authentication with OpenSSH-generated id_rsa keys.
Current setup steps:
On the Linux server, an ssh-keygen-generated RSA key pair (id_rsa and id_rsa.pub) has been created.
On the Windows server, CoreFTP Server is installed and a Domain is configured with its base location set to C:\Users\usrname\sftp.
A Windows user account "USRA" is configured in CoreFTP Server with username/password and base directory C:\Users\usrname\sftp. The public key file id_rsa.pub is referenced in the user security settings under the path C:\Users\usrname\sftp\id_rsa.pub.
CoreFTP Server services were restarted after configuration changes.
While testing connectivity from the Linux server using sftp USRA@Hostname, the client is prompted for the user password. Providing the password allows connection, but the goal is to connect without any password prompt.
Domain configuration has "Allow Key Authentication" enabled.
Issue: Despite the setup, the SFTP client still prompts for a password during login instead of authenticating solely with the SSH key.
Thanks In Advance.
Thanks,
Hari
Password Prompting for passwordless authentication
-
ForumAdmin
- Site Admin
- Posts: 1026
- Joined: Mon Mar 24, 2003 4:37 am
Re: Password Prompting for passwordless authentication
Which build of Core FTP Server and Linux are being used?
Tested this with Core FTP Server 775 and Ubuntu22 without issue.
Tested this with Core FTP Server 775 and Ubuntu22 without issue.
-
ForumAdmin
- Site Admin
- Posts: 1026
- Joined: Mon Mar 24, 2003 4:37 am
Re: Password Prompting for passwordless authentication
Partial log as follows:
sftp -v test-ed25519@10.0.0.137
OpenSSH_8.9p1 Ubuntu-3ubuntu0.13, OpenSSL 3.0.2 15 Mar 2022
debug1: Connecting to 10.0.0.137 [10.0.0.137] port 22.
debug1: Connection established.
debug1: identity file /home/test/.ssh/id_ed25519 type 3
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.13
debug1: Remote protocol version 2.0, remote software version OpenSSH
debug1: compat_banner: match: OpenSSH pat OpenSSH* compat 0x04000000
debug1: Authenticating to 10.0.0.137:22 as 'test-ed25519'
debug1: load_hostkeys: fopen /home/test/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:vai07PKGC7gLffhpPyWBwEGYqgZq3M4QFpjXiP+R9Sc
debug1: load_hostkeys: fopen /home/test/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host '10.0.0.137' is known and matches the ECDSA host key.
debug1: Found key in /home/test/.ssh/known_hosts:2
debug1: rekey out after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 4294967296 blocks
debug1: get_agent_identities: bound agent to hostkey
debug1: get_agent_identities: agent returned 1 keys
debug1: Will attempt key: /home/test/.ssh/id_ed25519 ED25519 SHA256:Xnknsa6E+Gik7E+OwUUAO3G8r4hYPTrGF28M/TwL4n4 agent
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: password,publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/test/.ssh/id_ed25519 ED25519 SHA256:Xnknsa6E+Gik7E+OwUUAO3G8r4hYPTrGF28M/TwL4n4 agent
debug1: Server accepts key: /home/test/.ssh/id_ed25519 ED25519 SHA256:Xnknsa6E+Gik7E+OwUUAO3G8r4hYPTrGF28M/TwL4n4 agent
Authenticated to 10.0.0.137 ([10.0.0.137]:22) using "publickey".
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: filesystem
debug1: Sending environment.
debug1: channel 0: setting env LANG = "en_US.UTF-8"
debug1: Sending subsystem: sftp
Connected to 10.0.0.137.
sftp -v test-ed25519@10.0.0.137
OpenSSH_8.9p1 Ubuntu-3ubuntu0.13, OpenSSL 3.0.2 15 Mar 2022
debug1: Connecting to 10.0.0.137 [10.0.0.137] port 22.
debug1: Connection established.
debug1: identity file /home/test/.ssh/id_ed25519 type 3
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.13
debug1: Remote protocol version 2.0, remote software version OpenSSH
debug1: compat_banner: match: OpenSSH pat OpenSSH* compat 0x04000000
debug1: Authenticating to 10.0.0.137:22 as 'test-ed25519'
debug1: load_hostkeys: fopen /home/test/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:vai07PKGC7gLffhpPyWBwEGYqgZq3M4QFpjXiP+R9Sc
debug1: load_hostkeys: fopen /home/test/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host '10.0.0.137' is known and matches the ECDSA host key.
debug1: Found key in /home/test/.ssh/known_hosts:2
debug1: rekey out after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 4294967296 blocks
debug1: get_agent_identities: bound agent to hostkey
debug1: get_agent_identities: agent returned 1 keys
debug1: Will attempt key: /home/test/.ssh/id_ed25519 ED25519 SHA256:Xnknsa6E+Gik7E+OwUUAO3G8r4hYPTrGF28M/TwL4n4 agent
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: password,publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/test/.ssh/id_ed25519 ED25519 SHA256:Xnknsa6E+Gik7E+OwUUAO3G8r4hYPTrGF28M/TwL4n4 agent
debug1: Server accepts key: /home/test/.ssh/id_ed25519 ED25519 SHA256:Xnknsa6E+Gik7E+OwUUAO3G8r4hYPTrGF28M/TwL4n4 agent
Authenticated to 10.0.0.137 ([10.0.0.137]:22) using "publickey".
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: filesystem
debug1: Sending environment.
debug1: channel 0: setting env LANG = "en_US.UTF-8"
debug1: Sending subsystem: sftp
Connected to 10.0.0.137.