-1

I am working on a project where one of the users needs to connect to an FTP using a PUTTY key. The project uses Chilkat to handle SFTP connections and we have a copy of the .ppk file to make the connection. We have confirmed that with the .ppk file and user name provided we can connect to the server using Filezilla.

Using the provided key file with Chilkat though and calling either the FromOpentSshPrivateKey() or FromPuttyPrivateKey methods the same result is returned where the method returns false and the PrivateKey.LastErrorText shows the error message just reporting as "Invalid Putty Private Key (2)". I have done a few searches for this error and it seems all the questions relating to these keys failing are 6+ years old and the exact error message is typically not the same as the one I am seeing.

I have tried updating the version of Chilkat we are using to the most recent version and the error remains unchanged. Is there a way I can get more detail about what the issue may be, because verbose logging only seems to include the actual key value and algorithm used along with the error. Not sure if it will be easier to spend time trying to resolve the issue with chilkat or use the time finding alternatives to chilkat which may connect successfully.

We do not have problems with users that are connecting to SFTPs using OpenSSH, but this is the first user that has attempted to use Putty.

  • It's SFTP, not FTP. + I do not know Chilkat, but PuTTY recently introduced a new version (v3) of the PPK key. Chilkat (or your version of it) possibly does not support it yet. Try using PuTTYgen to convert the key to v2. + If OpenSSH keys work, you can also convert the key to OpenSSH format. – Martin Prikryl Jun 21 '22 at 19:24

2 Answers2

0

It shouldn't be a problem with the new v3 format of the PPK, unless you're using an older version of Chilkat. Chilkat is able to read the new PPK version starting one or two versions of Chilkat ago (I can't recall off the top of my head).

The problem is likely that your SSH server supports the rsa-sha2-256 host key algorithm but does not support rsa-sha2-256 for public key authentication. Clients will be slowly switching to using rsa-sha2-256 for public-key authentication instead of SHA1 if a server says it supports rsa-sha2-256. Chilkat recently switched (because some servers were rejecting SHA1 and required rsa-sha2-256). Thus the damned-if-you-do and damned-if-you-don't scenario. Some servers say they support something, but not entirely..

A solution is to set sftp.UncommonOptions = "ForceUserAuthRsaSha1" to force SHA1 for user authentication.

Chilkat Software
  • 1,405
  • 1
  • 9
  • 8
-1

This actually ended up being an issue with our system for some reason losing the format of the key and sticking all of the information on a single line. I started to manipulate the value and eventually started to get more precise error messaging about "Public-Lines expected on line 4". Currently reviewing our system to determine what caused the line structure to be lost in this case, but the connection does succeed now with it being corrected.

I appreciate the guidance as I am still fairly new to running SFTP connections and how these keys are structured. I will certainly investigate more into PuTTY going forward as there could always be the potential of us getting a client using a different version or have different restrictions than this current scenario.

  • 1
    Well, then please consider deleting the question as it could not have been answered in the first place and it hardly helps anyone else. – Martin Prikryl Jun 22 '22 at 16:20