EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Unable to load public key in SFTP adapter

Also by EldoS: CallbackProcess
A component to control process creation and termination in Windows and .NET applications.
#25315
Posted: 06/17/2013 07:45:49
by Industriens Pension (Standard support level)
Joined: 05/09/2008
Posts: 33

I am trying to load a trusted public key into the SFTP adapter and i am getting the followoing error:
Quote
[17-06-2013 14:39:23.490] EldoS SFTP Adapter: Loading private key
[17-06-2013 14:39:23.490] EldoS SFTP Adapter: 1 keys have been loaded
[17-06-2013 14:39:23.490] EldoS SFTP Adapter: Loading trusted keys
[17-06-2013 14:39:23.490] EldoS SFTP Adapter: Failed to load keys, error 3329.
[17-06-2013 14:39:23.490] EldoS SFTP Adapter: Opening connection to SFTP server
[17-06-2013 14:39:44.844] EldoS SFTP Adapter: Failed to transfer file(s): Connection failed (error code is 10060)


I i try to set "Trust all keys" against the same server i get:
Quote
[17-06-2013 12:26:34.316] EldoS SFTP Adapter: Loading private key
[17-06-2013 12:26:34.316] EldoS SFTP Adapter: 1 keys have been loaded
[17-06-2013 12:26:34.316] EldoS SFTP Adapter: Loading trusted keys
[17-06-2013 12:26:34.316] EldoS SFTP Adapter: Opening connection to SFTP server
[17-06-2013 12:26:34.629] EldoS SFTP Adapter: Running key validation handler
[17-06-2013 12:26:34.629] EldoS SFTP Adapter: All keys are trusted, exiting
[17-06-2013 12:26:34.785] EldoS SFTP Adapter: Authentication type 2 failed
[17-06-2013 12:26:34.785] EldoS SFTP Adapter: SSH error 114


Could you please help me find what i am doing wrong?
#25316
Posted: 06/17/2013 08:06:28
by Ken Ivanov (EldoS Corp.)

Hello Kristian,

Error 3329 (0xD01, SB_ERROR_SSH_KEYS_INVALID_PUBLIC_KEY) is returned if the provided file was not recognized as a valid public key. Which exactly format was your public key saved in?

The 'Authentication type 2 failed' line followed by an 'error 114' is a symptom of failed private key authentication. Since, according to the log, your private key appears to be loaded correctly, please re-check that you pass the correct private key file name - it is likely that the key you are passing corresponds to a different SFTP service.
#25317
Posted: 06/17/2013 08:27:51
by Industriens Pension (Standard support level)
Joined: 05/09/2008
Posts: 33

I got the key from the server using sshkeygetter.exe
I then created a file which had 1 line:
ssh-dss AAAA....Rw== (the key from sshkeygetter)
and added the file path to "Trusted Key File"

For authentication type 2 failed i have tried with several keys, adding and readding what i find is the correct key and still get the same result.
#25318
Posted: 06/17/2013 08:59:22
by Ken Ivanov (EldoS Corp.)

Kristian,

Usually SSH servers have two public keys (DSS and RSA), so it is a good idea to retrieve both of them with SshKeyGetter.exe and specify both of them in the trusted keys file.

Quote
For authentication type 2 failed i have tried with several keys, adding and readding what i find is the correct key and still get the same result.

Did you have a chance to connect to that server with some third-party tool (e.g. Putty)? If you did, we could take the private key used by that tool and expect that it's the right one.
#25352
Posted: 06/19/2013 03:12:07
by Industriens Pension (Standard support level)
Joined: 05/09/2008
Posts: 33

We changed the key to one generated by puttygen and selected "Trust all keys".
This solved our problem.
#25354
Posted: 06/19/2013 03:42:30
by Ken Ivanov (EldoS Corp.)

Kristian,

Please note that setting "Trust All Keys" to true makes the component bypass server authentication. In other words, you can't be sure that the server the adapter has connected to is a genuine one. We strongly suggest that you sort the problem with the trusted keys file out as I described above.
Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.

Reply

Statistics

Topic viewed 4204 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!