Internet Security Components - COM, ActiveX and .NET

public key authentication using wodSFTP 2.2.2 (eva - WeOnlyDo Discussion board

Linear

I am using wodSFTP 2.2.2 (eval) in a PowerBuilder 8.0.4 development environment.

My SFTP server is Bitvise WinSSHD 3.31 (eval). It is configured to authenticate via either a password or a public key.

I can use wodKeys to generate, import, and export keys. Everything seems to work fine: imported and exported keys are compatible with other applications, and MD5 fingerprints match after transferring keys.

I can use wodSFTP to connect to the SFTP server, using code similar to this:
wodSFTPObject.Authentication = authPassword {value=1}
wodSFTPObject.Password = as_PassWd
(where as_PassWd is a string variable that contains the printable text for the password)
It connects fine.

ISSUE #1

Right after a good connection with password, I disconnect, and change parameters to public key, like this:
wodSFTPObject.Authentication = authPubkey {value=2}
wodSFTPObject.PrivateKey = abl_MyKey
(where abl_MyKey is a blob variable that contains the binary string of the private key)
I then attempt to connect again.

I get a successful connection, but wodSFTP is using the old password (instead of the requested public key). This doesn't sound right.

I can get rid of this behavior by explicitly clearing the password like this:
wodSFTPObject.Password =
wodSFTPObject.Authentication = authPubkey {value=2}
wodSFTPObject.PrivateKey = abl_MyKey

ISSUE #2

Now I am set up for authentication only via public key:
wodSFTPObject.Password =
wodSFTPObject.Authentication = authPubkey {value=2}
wodSFTPObject.PrivateKey = abl_MyKey
But I can't connect. I get:
error number = 30015
error text = Invalid username or password reported by server.

I am reasonably sure that I have everything configured properly: After setting the wodSFTPObject.PrivateKey property, I can read it back and get the same key. I can use a different SFTP client (Secure FX 2.2.9) to connect to the SFTP server using public key authentication.

Do you have any suggestions?

locked

2274 views

Hmm. Not sure why in ISSUE1 wodSFTP sends old password, it shouldn't. I cannot double-check this until tuesday, but I will try it out at that time.

As for ISSUE2 - it looks ok. Only thing that comes to my mind is question - what exactly do yuo put in PrivateKey property? Is it wodKeys object, or something else?

locked

2154 views

Not sure why in ISSUE1 wodSFTP sends old password, it shouldn't.
I cannot double-check this until tuesday, but I will try it out
at that time.

Excellent! I look forward to your results!

what exactly do you put in PrivateKey property? Is it wodKeys
object, or something else?

I assign to the PrivateKey property a variable of type blob . In PowerBuilder, regular character strings are null-terminated (like in C), so they can not contain arbitrary binary data. The blob type is like a string, but can contain anything.

The raw binary key that I assign to the PrivateKey property was previously extracted from a wodKey object.

When I assign the binary key to PrivateKey, no exception is thrown. Then I can read back the PrivateKey property, and get the same data. So, I assume that the key is acceptable to wodSFTP.

It might be nice if wodSFTP had BubbleBabble and FingerPrint properties, just as wodKey does. This would allow me to confirm that the correct key is loaded.

locked

2196 views

Dennis,

but what is in your blob? Reference to wodKeys or something else?

locked

2115 views

but what is in your blob? Reference to wodKeys or something else

The blob contains the raw binary data for the key itself. In this case, it is a 1024-bit private DSA key.

It is not a LPDISPATCH from the IKeys object. It isn't an object at all, just data for the key.

locked

2240 views

Dennis,

any chance you can zip PB executable that connects to your server using your key, and send it to me? I'd like to try it out, and debug under the hood to see what could possibly be the reason this all happens.

locked

2143 views

May I say how nice it is to work with components so complete and self-explanatory that using them in my application is as instinctive as though I wrote them myself?

Michael Barnett

Full Spectrum Telecommunications

Fantastic product by the way, it has helped us tremendously on a daily basis. Keep up the good work.

Ben Lewis

Waterson Consulting Ltd.

We are having great success with your component ... email server that has over 750 000 mailboxes back ended by a SQL server...

Conrad Leigh

Leaf Wireless

Thank you so much for your hard work and commitment in producing well thought-out solutions. WeOnlyDo is very committed to customer satisfaction!

Mike McPherson

Nokia Inc.

...with the SFTP interface you produced, everything was so simple to understand, we were able to start coding almost immediately!

Zack Menendez

Mapframe Corporation

Don't be fooled by the cost, it's value and quality far exceeds the price being charged!

Ian D. Mead, author of UltraEdit-32

IDM Computer Solutions

You have been great as far as offering support is concerned and has been extremely responsive to both support requests and suggestions for product enhancements.

David Keenan

Serengeti Systems Incorporated

I would highly recommend this to anyone who needs a good quality SFTP solution.

Ian D. Mead, author of UltraEdit-32

IDM Computer Solutions

You made it so simple for us to integrate SFTP - a technology we had little experience with...

Zack Menendez

Mapframe Corporation

Your .NET components allow us to blend .NET technology seamlessly with secure communication, and with excellent technical support.

Bil Bragg

Dionach

Product groups

Support

public key authentication using wodSFTP 2.2.2 (eva (wodSFTP / wodSFTP.NET / wodSFTPdll)

Re: public key authentication using wodSFTP 2.2.2

Re: public key authentication using wodSFTP 2.2.2

Re: public key authentication using wodSFTP 2.2.2

Re: public key authentication using wodSFTP 2.2.2

Re: public key authentication using wodSFTP 2.2.2

About

Contact