Based on question Key based authenication with net-sftp in Ruby, I can SFTP with key-based authentication using the following:
Net::SFTP.start(host, "user", keys:['~/.ssh/my_key']) do |sftp|
sftp.upload! "/local/file.tgz", "/remote/file.tgz"
end
But I can't get this to work for keys that require a passphrase -- I just get prompted for the user login on that host. Am I missing something to pass in that would let me enter the passphrase for my key? Or do I need to just stick with ssh-agent for this?
There's the passphrase option:
the passphrase to use when loading a private key (default
is nil, for no passphrase)
If you do not specify the passphrase, you should get asked for one, unless you used the non_interactive option:
set to true if your app is non interactive and prefers
authentication failure vs password prompt
non interactive applications should set it to true
to prefer failing a password/etc auth methods vs asking for password
Related
I'm trying to connect to a server with ssh using an ssh key. The logs me an error and it also asks me for the password which I shouldn't be asked for because I'm using the key authen-ion and my intention is get rid of having to enter the password:
ERROR -- net.ssh.authentication.key_manager[2b02154b7610]: could not load private key file `/home/me/.ssh/id_rsa.pub': ArgumentError (Could not parse PKey: no start line)
My code:
Net::SSH.start(ip_item, "root", host_key: "ssh-rsa", keys: ["~/.ssh/id_rsa.pub"], verbose: :debug) do |ssh|
Is that a bug? Why does it say "private"?
The key exists.
I'm able to connect to the server via the terminal without a password and it's added to the list of the known hosts of the server properly since I'm able to connect to it.
Also cat ~/.ssh/authorized_keys on the server shows my public key.
You need to provide the path to the private key when connecting to a host, not the public key.
Try change "~/.ssh/id_rsa.pub" to "~/.ssh/id_rsa" in your code. It should help.
I want to switch from Putty to OpenSSH for SSH connections in windows to our servers. I want to use OpenSSH only as client and I have a private key with additional passphrase.
I tried to connect to my server and OpenSSH loads the keyfile, but everytime I enter the passphrase, it seems that it isn't correct.
C:\Users\user>ssh -i D:\folder\.ssh\private_key user#host
Enter passphrase for key 'D:\folder\.ssh\private_key':
Enter passphrase for key 'D:\folder\.ssh\private_key':
Enter passphrase for key 'D:\folder\.ssh\private_key':
user#host's password:
You can see, my keyfiles are not located in the standard folder. I don't think that this is the problem, so only fyi.
What is the problem? I installed OpenSSH with the standard configuration and changed nothing.
Edit:
I also tried a different keyfile on an other server which has also a passphrase: this also doesn't work. Is that maybe a problem in configuration?
I'm sorry.
I discovered that I load a very old version. I think I get it from sourceforge and the executables are very outdated (year 2003 to 2004).
You can get a actual version from github: https://github.com/PowerShell/Win32-OpenSSH/releases/. I don't know if this is the official release. It's a bit confusing.
I'm trying to start a Jenkins build from the command line on OS X.
Our server has authentication turned on so I have to authenticate from the command line call.
I've registered my ssh key with the jenkins server but I'm still required to enter the key's passphrase manually.
Here is the command I'm using:
$ java -jar jenkins-cli.jar -s http://localhost:8080/ -i ~/.ssh/id_rsa build 'MyApp'
After entering the command, I get this prompt:
Enter passphrase for /Users/jenkins/.ssh/id_rsa:
Why is the passphrase required when I'm using a private key and how do I overcome this?
This is happening because Jenkins is trying to use the ssh authentication method by default and is not smart enough to use your ssh agent, or to figure out that if you specify the user/password this does not makes sense.
If you want you can disable this behaviour by adding -noKeyAuth parameter.
I've been trying for days to connect my application to a remote server with the NET::SSH gem without success. The issue seems to originate from the fact I need to use a private key file to authenticate the login.
require 'net/ssh'
def SSH(host, user, psw, keys, cmd)
Net::SSH.start( host,
user,
:password => psw,
:host_key => "ssh-rsa",
:encryption => ["blowfish-cbc","aes256-cbc"],
:keys => keys,
:verbose => :debug,
:auth_methods => ["publickey","password"]
) do|ssh|
#result = ssh.exec!(cmd)
puts #result
end
return #result
end
The debug output gives me the error:
Could not load private key file `C:/path_to_key/key.ppk': ArgumentError (Could not parse PKey)
I've seen many examples of this error with No start line appended however have not found anything to suggest workarounds to this. I've even uninstalled and reinstalled the NET::SSH gem.
I have no problem connecting through puTTY/WinSCP with the same credentials so I'm sure there are no remote authentication issues.
Any help appreciated
It can be problem of SSLv3. Re-generate your ssl certificates and try again.
The issue for me was the format of the private key. For some (still unexplained) reason Ruby didn't like the .ppk extension.
To get round it
ssh-keygen -t rsa (or dsa if you want more secure format) on the remote box to generate public/private key pair. Give it a folder in which to put both keys.
Add public key to ~/.ssh/authorized_keys file
Move private key to local machine with WinSCP and use it as key or key_data for NET::SSH
My current solution is to ask the user to add the keys to the user agent:
eval `ssh-agent -s`
ssh-add
While the above may not be known by some users, it is the standard way to let your shell know what keys to use for remote access. It handles typing in a password for more of a single sign on handling of credentials with passwords.
The most recent version of net ssh potentially no longer has this issue
I'm on a Windows 7 machine and have installed PuTTY. I'm trying to connect, but the authentication fails because of an incorrect password. But, the VM I'm connecting to doesn't have a password?
Here are the creds I'm trying to use:
Host: 127.0.0.1
Port: 2222
Username: vagrant
Private key: c:/users/<username>/.vagrant.d/insecure_private_key
When I open PuTTY, I put in the above credentials and click open, at which point it ask for the username and I enter 'vagrant', then it asks for the password, but there isn't a password, so I get access denied?
Not sure how to get around this?
Thanks.
The "---Begin RSA PRIVATE KEY ...." key is not of a format that PuTTY uses.
Use the program puttygen.exe (same place where the putty.exe program
is) to "Load" the private key.
Select "All Files (.)" from the filter to see the file c:/users/.../.vagrant.d/insecure_private_key
and open it. It will say that it has successfully imported foreign
key....
Then use "Save private key" option to save the loaded key
into a *.ppk file.
Then use that ppk file as the key file for "SSH |
Auth" in PuTTY
That should work.
I had experienced the opposite: using the putty proprietary .ppk format to configure the "config.ssh.private_key_path" which expects the SSH format.
You can also you the puttygen to convert from .ppk format to SSH format.