Key authentication not working

Core FTP Server questions and answers
Post Reply
cjard
Posts: 7
Joined: Wed Oct 08, 2008 3:14 pm

Key authentication not working

Post by cjard »

Hi

Using FileZilla as a client:

Used PuTTYGen to create an ssh-rsa key
Exported an OpenSSH version of the Public key into \\ftpserver\c$\PubKey.openssh
Saved a ppk version for FileZilla into \\ftpserver\c$\BothKeys.ppk

In the domain setup of CoreFTP:
YES allow key authentication
YES key auth only
NO force password with keys

In the user setup of CoreFTP:
ssh pub cert: c:\PubKey.openssh
NO user does not require key auth

Imported PPK to filezilla's store

Connection trace:
[code]
Trace: Looking up host "ftpserver"
Trace: Connecting to 10.0.0.4 port 29
Trace: Server version: SSH-2.0-CoreFTP-0.1.2
Trace: Using SSH protocol version 2
Trace: We claim version: SSH-2.0-PuTTY_Local:_Nov_15_2009_16:27:54
Trace: Using Diffie-Hellman with standard group "group14"
Trace: Doing Diffie-Hellman key exchange with hash SHA-1
Trace: Host key fingerprint is:
Trace: ssh-rsa 1024 bc:08:23:7f:20:59:99:85:7a:a8:60:a7:a6:52:13:50
Trace: Initialised AES-256 CBC client->server encryption
Trace: Initialised HMAC-SHA1 client->server MAC algorithm
Trace: Initialised AES-256 CBC server->client encryption
Trace: Initialised HMAC-SHA1 server->client MAC algorithm
Trace: Successfully loaded 1 key pair from file
Trace: Offered public key from "\\ftpserver\c$\BothKeys.ppk"
Trace: Offer of public key accepted, trying to authenticate using it.
Trace: Received disconnect message (protocol error)
Trace: Disconnection message text: key check failed
Trace: Server sent disconnect message
Trace: type 2 (protocol error):
Trace: "key check failed"


The Public key lines of the PPK and the key section of the .openssh file have been verified to be identical

What is wrong?
Kindheitenoge
Posts: 2
Joined: Sat Jul 17, 2010 12:04 pm

Key authentication not working

Post by Kindheitenoge »

Is it possible to use Active Directory accounts to authenticate to a Kioware Server on the same domain instead of individually created local accounts?
Post Reply