I've been trying to use libssh to connect to a server and download files via SFTP. I have a PuTTY private key file containing 6 lines of key for the public key and 12 for the private key yet I can't find any decent help or documentation of taking these keys and using them to authenticate a connection to the server. Does anybody know how to do this?
So far the only options for authentication I can find are what I found in the libssh header file:
LIBSSH_API int ssh_userauth_pubkey(ssh_session session, const char *username, ssh_string publickey, ssh_private_key privatekey);
However, I don't know how a key from a PuTTY .ppk file can translate into an ssh_string for the public key or a ssh_private_key for the private key.
Use the ssh_userauth_privatekey_file instead, or see a libssh code for how it is implemented (it calls the ssh_userauth_pubkey internally).
int ssh_userauth_privatekey_file(ssh_session session,
const char *username,
const char *filename,
const char *passphrase);
You will need to convert your .ppk file to OpenSSH format using PuTTYgen (Conversions > Export OpenSSH key).
Please go through the below link, it has the solution for this problem:
http://social.technet.microsoft.com/wiki/contents/articles/20974.biztalk-server-2010-how-to-use-blogical-sftp-adapter.aspx
Just install a Bitwise SSG server.
Go to Manage host.
Import your private key.
Then select the same private key and click on "export" option.
Pop-up will ask the format for key to export, click on openSSH format.
Save the new key with extension as .ppk in your local.
Now give this key as input to BizTalk SFTP adapter. It will connect to the SFTP Server.
Related
I created a PGP master key and an authenticate subkey on my Ubuntu server. For a user testUserX, which I still have to create, I want him (testUserX) to use the authenticate subkey for the login onto this server.
sec rsa1024/1CA56EBE6E0D128A
created: 2020-03-27 expires: never usage: C
trust: ultimate validity: ultimate
ssb rsa1024/7D9558836D7E9E72
created: 2020-03-27 expires: never usage: A
[ultimate] (1). admin <admin-test#example.com>
I tried to follow a few tutorials I found on the internet to do so but none of them worked so far. I have an Ubuntu 18.04 server and my gpg (GnuPG) version is 2.2.4.
Can anybody help me out how to do that? It must be rather simple but I wasn't able to do manage it. Thanks.
Edit: Maybe I should elaborate my answer what I have done so far.
On the Ubuntu server, I exported the public key of the authenticate subkey to ~/.ssh/authorized_keys
gpg --export-ssh-key 7D9558836D7E9E72! > 7D9558836D7E9E72.pub.ssh
cat ~/7D9558836D7E9E72.pub.ssh >> ~/.ssh/authorized_keys
Then I exported the private key to my Windows 10 computer and imported it there:
scp ferit#192.168.2.8:~/7D9558836D7E9E72.sub.key C:\Users\ferit\Downloads\
gpg --import 7D9558836D7E9E72.sub.key
So, question: How can I log in from Windows 10 to the Ubuntu server via PGP?
I am not sure the approach is right, but maybe I misunderstood something.
The idea is as follows:
each user on your system will be able to upload their public key on your server
when this is done, you can import the key to a keyring
then, when they want to login they first need to enter their user name
then, the server will fetch the matching key ID in the database
then, you generate a random challenge, that is PGP-encrypted using the public key of the user (and optionally yours), so that only the user (and optionally, you) is able to decipher the message
the user enters the response to the challenge
if the response matches the generated value, he/she will be logged in successfully.
To sum up, each user (even if there is just one at the moment...) should have their own key pair, and they provide it. You don't provide them with one, and you certainly don't share the same key with multiple users.
Everyone keeps their secret keys secret, but the public key may be (has to be) shared freely.
This is a type of 2FA, so I am sure you will easily find code samples for this task. But you didn't specify the language you will be using. Also, you are not exactly saying the purpose. 'Log in' is vague. Is the goal to log in to a website or some service like SSH ? Implementation will vary depending on the goal.
I am using WinSCP to automate the copy process to server and the authentication is only with username and password.
Script is:
open username:password#ipaddress:portno -hostkey=<hostkey>
Whereas now the authentication mode has to be changed to public key.
Script changed for authenticate through public key:
open username#ipaddress:portno -privatekey=mykey.ppk
Passphrase for the private key is requested after executing the above script, but is there any way that the passphrase of the private key can be provided in the same command?
Use the -passphrase switch of the open command.
See also WinSCP FAQ
How can I connect without entering private key passphrase each time?
Also, note, that you still should use the -hostkey switch.
open username:password#ipaddress:portno -hostkey=... -privatekey=... -passphrase=...
For quite a simple application that mostly depends on ssh connections made via JSch, I wanted to ask for the passphrase at the login screen, try to decrypt the private key and if it is wrong, go back to the login window.
I could not find the way to discover whether an invocation to
jsch.addIdentity(keyfile, prvkey, pubkey, passphrase);
ended properly, even if I can see in the code that the decryption has already been tried, and I suppose it already knows the passphrase is wrong.
Is there any way to detect the passphrase is correct BEFORE attempting to establish any session?
Thank you.
You can use KeyPair class for your requirements as follows,
KeyPair kpair = KeyPair.load(jsch, prvkey, pubkey);
System.out.println(kpair.decrypt(passphrase));
I am trying to connect to phpclould using netbeans.
I am following the instruction writen on eschrade blog
On the following step, I have provided all necessary information and private key
But I am getting following error when I press the test connection button
Cannot connect to server XXX.my.phpcloud.com
(Cause: invalid privatekey: key.ppk)
I know key is correct bucause I used the same key with winScp and it worked perfectly fine.
Any Idea?
It turns out the the private key must be in OpenSSH format. Use Puttygen to load your .ppk file and then export it as an openssh key (.priv). Then specify the .priv file in the Netbeans dialog box.
See this link.
My client provided me public key and asked me to do a ssh login. But i havent done any ssh login before. So can you please suggest me how to use public key for ssh login. I am using putty on windows
Here is a very nice tutorial on how to setup key based authentication usint putty on Windows.
http://www.ualberta.ca/CNS/RESEARCH/LinuxClusters/pka-putty.html
With SSH, public key is stored on the server and a user must have corresponding private key to log in. If this is your situation, you can specify your private key with PuTTY in one of two ways:
Configuration -> Connection -> SSH -> Auth -> Private key file for authentication
Use -i command-line option when starting PuTTY.
In both cases you need the private key in PuTTY format (.ppk). If your key is in a different format, you'll have to convert it using PuttyGen.