EldoS | Feel safer!

Software components for data protection, secure storage and transfer

How do I use the Simple SSH Client?

Posted: 05/14/2010 07:41:05
by  Trevor Mason

I'm evaluating your components and I'm trying to open a connection to an ssh server using the simple ssh client.
I have the socket open and the client tries to authenticate me on the server, but fails with an error 114 - There are no more methods for user authentication.

I have generated and saved new public and private 1024 bit rsa keys, which are loaded into the Memory storage object and I have supplied a user name and password to the ssh client.

What am I doing wrong?

Im using CBuilder 2009 on XP and SBB version 8.
Posted: 05/14/2010 08:32:36
by Eugene Mayevski (Team)

The problem is in the way you use authentication.

The generated public key is placed on the server (check server documentation for how to do this) and you provide the private key on the client side when connecting with a client to the server.

Sincerely yours
Eugene Mayevski
Posted: 05/14/2010 09:10:42
by  Trevor Mason
Hi Eugene,

That would be a valid argument for public key auths, but what about password auths?

When I use Putty, I don't have to put the public key on the server - I just open up a session to the server, supply my user name and password and I'm in.
Why can't I get that to work?

Posted: 05/14/2010 09:42:03
by Eugene Mayevski (Team)

What exactly messages do you get in the log before error 114? It must be preceded by one or more error messages saying that authentication type X failed. It's important to know, what types failed.

Sincerely yours
Eugene Mayevski
Posted: 05/14/2010 11:03:15
by  Trevor Mason
Hi Eugene,

I don't get any messages before the 114 error.

AuthenticationTypes is set to 20, which I believe is password & keyboard auth methods.

It looks as though it is not attempting the keyboard auth.
I have just added an onAuthAttempt handler which prints the auth type to screen and it is only being fired once for type 4 - Password?

Posted: 05/14/2010 12:31:28
by Eugene Mayevski (Team)

That's all strange what you describe - if the authentication method fails, the server tells this to the client and the client reports an error. Maybe it's some issue specific to C++Builder 2009. Are you running the sample project or you've written your own code?

Sincerely yours
Eugene Mayevski
Posted: 05/14/2010 13:12:49
by  Trevor Mason
Hi Eugene,

I found the problem - the user name was not being passed correctly to the server - my fault for trying to be too clever and doing input validation.

So... now that I can log on with a pre-supplied user/password combination, what do I have to do to get the server to prompt me for a user and password in the terminal window, like putty does?

Posted: 05/14/2010 13:39:02
by Eugene Mayevski (Team)

putty's prompts for username and password are not related to terminal at all. So you can draw these questions in any way you like, be it a dialog window or two or a terminal emulation window or any other way to talk to the user.

About keyboard-interactive authentication: this scheme assumes that the server asks for something and the user types the answer. This is not a password as you see it. It's just common that the servers ask for a password, but a smart server (coded using our SSH server component for example) can be asking for a day of week or simple math operation result just to ensure that it's the human user that logs in. This means that you must be ready to let the user provide answers to these questions. See OnAuthenticationKeyboard event for more details.

Now about terminals in general: SSH is a way to securely access remote shell, but SSH itself doesn't offer or define terminals. The protocol sends and receives what you (or the server) give to it. This means that escape sequences, sent by the server to change text or background color, play beep etc. are your business, not SSH ones. If you emulate a simple terminal using ReadLn/WriteLn, you will see some strange sequences of characters that you would not expect. These are terminal escape sequences that I am talking about.

Sincerely yours
Eugene Mayevski



Topic viewed 2755 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!