EldoS | Feel safer!

Software components for data protection, secure storage and transfer

SFTP/SSH2 Public Key Authentication

Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.
#6534
Posted: 06/09/2008 17:00:36
by Fabio Paixao (Basic support level)
Joined: 06/09/2008
Posts: 2

Hello,

We are having difficulties connecting to an existing SFTP site over SSH2 using public key authentication. Below is a code snipet we are using to initialize our TElSimpleSFTPClient client instance. We need assistance in loading the key-ring into the instance for authentication.

m_Instance.ASCIIMode = false;
m_Instance.AuthAttempts = 1;
m_Instance.AuthenticationTypes = SBSSHConstants.Unit.SSH_AUTH_TYPE_PUBLICKEY;
m_Instance.AutoAdjustCiphers = false;
m_Instance.AutoAdjustTransferBlock = true;
m_Instance.CertAuthMode = SBSSHClient.TSBSSHCertAuthMode.camAuto;
m_Instance.ClientHostname = "";
m_Instance.ClientUsername = "";
m_Instance.CompressionLevel = 6;
m_Instance.DefaultWindowSize = 2048000;
m_Instance.DownloadBlockSize = 8192;
m_Instance.ForceCompression = false;
m_Instance.IncomingSpeedLimit = 0;
m_Instance.KeyStorage = null;
m_Instance.LocalAddress = null;
m_Instance.LocalNewLineConvention = new byte[] { ((byte)(13)), ((byte)(10)) };
m_Instance.LocalPort = 0;
m_Instance.MinWindowSize = 2048;
m_Instance.OperationErrorHandling = SBSftpCommon.TSBOperationErrorHandling.oehTryAllItems;
m_Instance.OutgoingSpeedLimit = 0;
m_Instance.PipelineLength = 32;
m_Instance.RequestPasswordChange = false;
m_Instance.SftpBufferSize = 131072;
m_Instance.SFTPExt = new SBSftpCommon.TSBSftpExtendedAttribute[0];
m_Instance.SocketTimeout = 0;
m_Instance.SocksAuthentication = 0;
m_Instance.SocksPassword = "";
m_Instance.SocksPort = 1080;
m_Instance.SocksResolveAddress = false;
m_Instance.SocksServer = null;
m_Instance.SocksUserCode = "";
m_Instance.SocksVersion = 1;
m_Instance.SoftwareName = "SecureBlackbox.6";
m_Instance.SSHAuthOrder = SBSSHCommon.TSBSSHAuthOrder.aoDefault;
m_Instance.TrustedKeys = null;
m_Instance.UploadBlockSize = 32768;
m_Instance.UseInternalSocket = true;
m_Instance.UseSocks = false;
m_Instance.UseUTF8 = true;
m_Instance.UseWebTunneling = false;
m_Instance.Versions = ((short)(124));
m_Instance.WebTunnelAddress = null;
m_Instance.WebTunnelAuthentication = 0;
m_Instance.WebTunnelPassword = null;
m_Instance.WebTunnelPort = 3128;
m_Instance.WebTunnelUserId = null;

TElSSHKey keyStorage = new TElSSHKey();
keyStorage.LoadPrivateKey(@"C:\Documents and Settings\user123\Desktop\PrivateKeyFile.ppk", "123");

m_Instance.KeyStorage = new TElSSHCustomKeyStorage();
m_Instance.KeyStorage.Add(keyStorage);

Please help.

Thanks!
#6537
Posted: 06/09/2008 23:36:33
by Eugene Mayevski (EldoS Corp.)

And what your problem is?

In general, several SSH and SFTP samples show how to use the private key for authentication. You can look at them and see if they work with your key.


Sincerely yours
Eugene Mayevski
#6583
Posted: 06/11/2008 09:54:10
by Fabio Paixao (Basic support level)
Joined: 06/09/2008
Posts: 2

Hi Eugene,

We have purchased a site license for your product and need help in getting SFTP/SSH2 to work. We are able to connect to the SFTP/SSH2 site using private/public key authentication using other SFTP client applications without any issues. However, we are unable to connect using the Eldos SFTP module API. We have looked and were not able to locate a working sample that connects to our site successuflly. Below are the samples we have checked:

ConsoleSftp_VS2008
------------------
This is a simple console application with the authentication being done in the Main() method of the ConsoleSftpClient class. It is using basic username/password authentication:

Client = new TElSimpleSFTPClient();
Client.Address = parAddress;
Client.Port = parPort;

Client.Username = parUsername;
Client.Password = parPassword;

SftpUpload_ASPNET20
-------------------
This is a simple web application with the authentication being done in the SendFile() method of Default.aspx.cs. It is using basic username/password authentication:

SftpClient.Address = tbHostName.Text;
SftpClient.Username = tbUserName.Text;
SftpClient.Password = tbPassword.Text;
SftpClient.AuthenticationTypes = SBSSHConstants.Unit.SSH_AUTH_TYPE_PASSWORD;

i = SftpClient.Address.IndexOf(':');
if (i > 0)
{
SftpClient.Port = Int32.Parse(SftpClient.Address.Substring(i + 1, SftpClient.Address.Length - i - 1));
SftpClient.Address = SftpClient.Address.Substring(0, i);
}

Log("SFTP connecting to " + SftpClient.Address + ":" + SftpClient.Port, false);
try
{
SftpClient.Open();
}
catch (Exception ex)
{
Log("SFTP connection failed with message [" + ex.Message + "]", true);
return;
}

SimpleSftpDemo_VS2008
---------------------
This is a full-blown Windows Application which seems to support SFTP/SSH connections, but we are getting the following error when attempting to connect:

SFTP connection failed with message [Connection failed (error code is 11004)]

We get similar errors when attempting to connect using the code shown in the original post. We have not been able to locate in the documentation what these error codes mean.

We have been able to connect to the same site using the same parameters using other SFTP applications.

SophisticatedClient
-------------------
This is a simple Window Application that seems to support username/password only.

We need assistance in getting this component to work.

Please advice.

Thanks in advance,

Fabio Paixao
#6584
Posted: 06/11/2008 10:15:07
by Eugene Mayevski (EldoS Corp.)

1) If you check the support policy and the registration e-mail, you will find that in order to get standard support you need to have your license ticket assigned to your account (the procedure is described in the registration e-mail). This lets us identify your license. Without this we have no way to know that you are eligible for standard support. Also the license contains other important information such as the edition and version of the software used.

2) Your code creates an instance of TElSSHCustomKeyStorage. This is an abstract class. SecureBlackbox includes TElSSHMemoryKeyStorage class for holding the keys in memory. We will make it impossible for the code

3) Error 11004 is a Winsock error, however the Platform SDK headers give no clue regarding why this error can be reported.

/* Valid name, no data record of requested type */
#define WSANO_DATA (WSABASEERR+1004)

I used google to get information about this error and have found the following information: http://www.sockets.com/err_lst1.htm#WSANO_DATA

Probably it would help us diagnoze the problem if you gave us the address of the server and we could try to connect to it (at this stage username/key are not needed).


Sincerely yours
Eugene Mayevski

Reply

Statistics

Topic viewed 3134 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!