Can not connect to SSH with Public Key!

Patschi · 01-27-2013, 02:25 PM

Everytime I try to connect to my server with a public key I got following message:

Quote:

[20:23:52] [R] Connecting to root -> IP=000000 PORT=0000
[20:23:52] [R] Connected to root
[20:23:52] [R] Host key algorithm ssh-RSA, size 2048 bits.
[20:23:52] [R] Fingerprint (MD5): 000000
[20:23:52] [R] Key exchange: diffie-hellman-group14-sha1. Session encryption: aes256-ctr, MAC: hmac-sha1, compression: none.
[20:23:52] [R]
[20:23:52] [R] Auth Type: Public Key
[20:23:53] [R] Authentication failed [Public Key]
[20:23:53] [R] SSH Error: failed to negotiate authentication method [Public Key]
[20:23:53] [R] SSH Connection closed
[20:23:53] [R] Connection failed

I tried all I could, still not working!

My SSH key is 15 KB big, but Host key will be shown 2048 bits. Could that be the problem?

bigstar · 01-27-2013, 10:29 PM

What version/build of FlashFXP are you using?

What SSH key format did you import from?

Did you import the private key?
(the public key is stored on the server and the private key is used by the client)

Did you select the correct key for the site via the site manager?

Quote:

Host key algorithm ssh-RSA, size 2048 bits.

This has no direct relationship to the size of the public key used for account authentication.

Patschi · 01-27-2013, 10:36 PM

I use the latest beta 4.3.0 build 1917.
RC2 as I remember.

I'm sure I setted up everything correct. Yes, I imported the private key correctly. The private key was generated by puttygen.exe

I just have one key in my key manager and so I took the right key in the site manager.

bigstar · 01-28-2013, 10:25 AM

I cannot see any explanation as to why this would fail, I assume the same key works fine in putty?

If you use Pageant (part of the Putty tool-set) you could load the key into it and then configure FlashFXP to request the key from Pageant and see if that works.

Patschi · 01-28-2013, 10:32 AM

I got it work, but I generated a seperate key with 2048 bit directly in FlashFXP... Pageant? Don't know this tool. I only used Putty itself and the puttygen.

And yes, the 15KB key is working without any problems in Putty. That's why I dont know why it won't work.

bigstar · 01-28-2013, 04:24 PM

Pageant is available via the putty website
http://www.chiark.greenend.org.uk/~s.../download.html

I will try to test with a large key later today, I tested with a 8KB key and it worked without a problem. Though it took around 5 minutes to create.. I wonder how long a 16KB key will take.

Patschi · 01-28-2013, 04:29 PM

Okay, thanks. I'll test it.

It took about 30 minutes

MxxCon · 01-28-2013, 07:48 PM

Unless you are transferring nuclear missile launch codes, 16KB key is an insane overkill. 2KB is perfectly sufficient.

Patschi · 01-28-2013, 07:58 PM

Who knows...

Indeed you're right, but I still want a more secure keyfile

Why it's only possible to generate keys up to 4KB? Why not up to 8KB? Would be nice

MxxCon · 01-28-2013, 08:06 PM

Before somebody can crack your 2KB key, it'll be faster for them to hack something else to get into your system.

bigstar · 01-28-2013, 09:07 PM

Soooo 3 hours later.. thats how long it took to generate a 16KB SSH key pair.. lol..

But it was worth the wait.. Testing with a 16KB public key does in fact fail with FlashFXP. It would appear that the encryption engine I use has a default max length of 8KB (which I was completely unaware of.).

It would appear that using a 16KB public key adds a fair amount of overhead so I think that perhaps the reason its limited to 8KB is just to be reasonable.

I can simply override the default value and increase the limit to 16KB so that the key will work.

I will post a test build with this change tonight or tomorrow morning, I need to finish investigating a couple other issues first.

bigstar · 01-28-2013, 10:16 PM

Here's an update that supports up to 16KB key pairs.

This build also includes the following fixes/changes.

When creating x509 certificates and public keys I added two more bit sizes, 6KB and 8KB.

The ability to rename keys (the common name) in the Key Manager.

When creating x509 certificates and public keys it now shows the time elapsed.

The queue time remaining had a small glitch that could skew the estimated time.

Fixed a small memory leak in the new drag/drop routines.

https://oss.azurewebsites.net/testr/dev-bu...4.3.0.1918.zip

Unzip the flashfxp.exe into your FlashFXP program folder overwriting the existing flashfxp.exe

Patschi · 01-28-2013, 10:55 PM

Thank you for fixing the bug in this short time. I'll try it after I some hours of sleep.
Will the auto update still work, when I have a newer version that on the beta channel of FlashFXP?

Thanks again and good night

bigstar · 01-29-2013, 07:35 AM

yes, auto update will still work.

Patschi · 01-29-2013, 08:10 AM

Thanks. Renaming won't work correctly for me... When I click right click and "Rename" nothing happens. By pressing F2 it works.