My SSH servers are all configured to refuse passwords.
Public Key auth. for SFTP logins?
Public Key auth. for SFTP logins?
Can I configure Zeus to use my public key for authenticating sftp?
My SSH servers are all configured to refuse passwords.
My SSH servers are all configured to refuse passwords.
I have Putty, and it is configured to use my key.
You may know that you can create and save a "profile" w/ putty, and I have profiles saved for all servers. So, when running Putty (or Plink) you just reference the saved profile on the command line, like:
I assume when you say Putty, you really mean Plink. It would be more useful for "backgrounded" transfers. In SciTE for example, I have a "tool" set up that runs:
where $1 is replaced at runtime w/ the directory on the server I want a listing of.
and another:
which gets me the contents of a file named in $2.
HTH!
I'm liking Zeus pretty well by the way.
More docs would be nice. You've got some features I don't quite grasp. :0
I'll get back to you on that.
You may know that you can create and save a "profile" w/ putty, and I have profiles saved for all servers. So, when running Putty (or Plink) you just reference the saved profile on the command line, like:
Code: Select all
putty @profilename
Code: Select all
plink @profilename ls $1
and another:
Code: Select all
plink @profilename cat $1/$2
HTH!
I'm liking Zeus pretty well by the way.
More docs would be nice. You've got some features I don't quite grasp. :0I'll get back to you on that.
Using Putty can't you configure a default public key 
It looks like Putty stores this key detail in the registry at this location:
Jussi
It looks like Putty stores this key detail in the registry at this location:
If this registry entry is is present, from looking at the OpenSSH code it looks like Zeus should load and use this key when it tries to connectHKEY_CURRENT_USER\Sessions\Default Settings\PublicKeyFile
Jussi
-
Guest
But I have configured putty?
any of the suite of programs included with Putty will hook right up.
and if you'll pardon my asking, what does openSSH have to do with it?
I also use the Cygwin openSSH server and clients on this same machine,
and I can't find anything that software has stored in my registry.
Those components are also configured to use public key auth, and work just fine. In other words, I have seen to the proper contents of my .ssh folder in my home directory.
The "Sessions" key you pointed me to does not exist on my machine. I would create it manually to test if you could tell me which format key to use. ssh-keygen (from openSSH) and puttygen create keys in different formats, and the public key requires manual editing before adding it to the authorized_keys file on the server.
It would be great if Zeus would do the same as other SSH/SFTP clients, and look to ~/.ssh for all configuration.
Thanks for your follow-up, my apologies for my delayed response.
any of the suite of programs included with Putty will hook right up.
and if you'll pardon my asking, what does openSSH have to do with it?
I also use the Cygwin openSSH server and clients on this same machine,
and I can't find anything that software has stored in my registry.
Those components are also configured to use public key auth, and work just fine. In other words, I have seen to the proper contents of my .ssh folder in my home directory.
The "Sessions" key you pointed me to does not exist on my machine. I would create it manually to test if you could tell me which format key to use. ssh-keygen (from openSSH) and puttygen create keys in different formats, and the public key requires manual editing before adding it to the authorized_keys file on the server.
It would be great if Zeus would do the same as other SSH/SFTP clients, and look to ~/.ssh for all configuration.
Thanks for your follow-up, my apologies for my delayed response.
if you'll pardon my asking, what does openSSH have to do with it?
Zeus uses the OpenSSH set of DLL's to do the SSH authentication.
The "Sessions" key you pointed me to does not exist on my machine.
Could you download this new xNet.dll. To install and test this new dll do the following:
- Backup current xnet.dll
- Install the new dll
- Attempt to connect to the server
- Cancel failed ftp logon
- Now there should be a new registry \\HKEY_CURRENT_USER\Software\xidicone\SSH_FTP section
- One of the registry values will be a public key file
- Enter the full file name of the public key file
- Attempt to connect to the server again
the public key requires manual editing before adding it to the authorized_keys file on the server.
For just this reason this dll has not yet been fully tested
But based on how the OpenSSH code reads this change will hopefully mean that the public key file is used when attempting the logon
If the change does not work let me know and I then will then set up a SSH server to fully test this new code.
It would be great if Zeus would do the same as other SSH/SFTP clients, and look to ~/.ssh for all configuration.
I will see if the OpenSSH version that Zeus uses looks for this configuration file.
Cheers Jussi
-
Guest
Wow, thanks for trying!
I installed the dll, ran Zeus, tried a connection and got:
clicking ok on that got me to the expected 'failed connection' message, at which point the registry keys mentioned in your instructions did exist.
manually entering the path to an openSSH public key file, (enclosed in quotes, there's spaces in the path) and trying again showed the same behaviour.
the server there is OpenSSH_4.3p1, OpenSSL 0.9.7d.
it's configured to accept only SSH2 connections, but on this machine I have not excluded the "weak ciphers". (what they call it in the man pages)
I tried another server, with the same version of OpenSSH, but OpenSSL 9.8a - same results. On this server "weak ciphers" are refused, but I'm sure I remember from the OpenSSH manual, that most of the ciphers on that list are available.
I just realized, this may not matter but I'll mention it. I have a number of open-source apps installed, stuff ported from unix, that all want to be on the path, and all install their own ssl dlls. I have to shuffle my path around sometimes to make some of them work. if xnet.dll is all there is to it, then I suspect Zeus will not suffer from that?
Again, thanks for trying.
I installed the dll, ran Zeus, tried a connection and got:
Code: Select all
Fatal Connection Error
Couldn't agree a client-to-server cipher (available:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr)
manually entering the path to an openSSH public key file, (enclosed in quotes, there's spaces in the path) and trying again showed the same behaviour.
the server there is OpenSSH_4.3p1, OpenSSL 0.9.7d.
it's configured to accept only SSH2 connections, but on this machine I have not excluded the "weak ciphers". (what they call it in the man pages)
I tried another server, with the same version of OpenSSH, but OpenSSL 9.8a - same results. On this server "weak ciphers" are refused, but I'm sure I remember from the OpenSSH manual, that most of the ciphers on that list are available.
I just realized, this may not matter but I'll mention it. I have a number of open-source apps installed, stuff ported from unix, that all want to be on the path, and all install their own ssl dlls. I have to shuffle my path around sometimes to make some of them work. if xnet.dll is all there is to it, then I suspect Zeus will not suffer from that?
Again, thanks for trying.
-
Guest
The OpenSSH that Zeus uses are these dll files found in the Zeus install directory:
Since the xnet.dll is a Zeus only dll that talks to the OpenSSH dll's,it should not matter what other software is installed on your machine.
Feel free to post the server trace messages to this thread.
In the mean time I will have to setup a SSH server and do some extra debugging at this end
Cheers Jussi
Code: Select all
xnet.dll
ssleay32.dllFeel free to post the server trace messages to this thread.
In the mean time I will have to setup a SSH server and do some extra debugging at this end
Cheers Jussi
-
Guest
Wow, you're fast.
I just came back to add that I updated to the 3.95t release, and tried connecting w/ and w/out the xnet.dll you posted, and both scenarios gave same results as prev. version.
I also went looking in the Zeus folder and saw that you did indeed ship ssl dlls so I cleared my path ( to .;c:\windows;c:\windows\system32 ) and ran Zeus from a command prompt, in the zeus folder. as you predicted, it made no difference.
so I did the trace, I'm surprised at how little output it generated, but it looks like the client offers no ciphers:
I ran the trace starting Zeus from "clean path" command prompt, with the xnet.dll you posted. good luck, and thanks again for looking at it.
I just came back to add that I updated to the 3.95t release, and tried connecting w/ and w/out the xnet.dll you posted, and both scenarios gave same results as prev. version.
I also went looking in the Zeus folder and saw that you did indeed ship ssl dlls so I cleared my path ( to .;c:\windows;c:\windows\system32 ) and ran Zeus from a command prompt, in the zeus folder. as you predicted, it made no difference.
so I did the trace, I'm surprised at how little output it generated, but it looks like the client offers no ciphers:
Code: Select all
Server listening on 0.0.0.0 port 22.
no matching cipher found: client server aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
This bug is now fixed
To fix this issue you will need to do the following:
To fix this issue you will need to do the following:
- Download this file: http://www.zeusedit.com/z300/xnet.zip
- Use it to replace the xnet.dll found in the Zeus install directory
- Delete this registry key if it exists: HKEY_LOCAL_MACHINE\SOFTWARE\Xidicone\SSH_FTP
- Restart Zeus