Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- sftp Authentication Issue (Unix to Windows)
May 27, 2009, 3:53 pm
rate this thread
We're trying to set up passwordless authentication between a Unix
bash-3.00$ ssh2 -V
ssh2: F-Secure-SSH-2.3.1 (build 7) on sparc-sun-solaris2.8
and a windows (2003 R2) server, running:-
SSH tectia Server v188.8.131.52
On the Unix side, I created a public key in the following format:-
bash-3.00$ more batchftp_uat.pub
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "2048-bit rsa, genevaz@nsufu351, Wed Apr 29 2009
---- END SSH2 PUBLIC KEY ----
This has been placed in the .ssh2 directory on the Windows server,
under the user's configuration directory.
When I attempt to connect from the Unix to the Windows server, it
prompts me for a password. In the Windows Event Viewer, I get the
Event Type: Warning
Event Source: SSH Tectia Server
Event Category: None
Event ID: 0
Time: 6:00:54 AM
708 Publickey_auth_error, Username: HNAH\svc-us-sftp-hbeuie,
Algorithm: publickey, "Signature verification failed.", Session-Id:
Could anyone point me towards what could be causing this error - I'm
presuming it's on the Windows side, but I may be wrong. Are there any
further tests that I could run, or information that I could provide
that would help me troubleshoot this issue.
Also, is anyone aware of any general compatibility issues between
these operating systems/versions of ssh/F-secure?
Thanks in advance,
Re: sftp Authentication Issue (Unix to Windows)
These are the server configuration settings that I believe are related
to enabling authentication:-
Host Key (RSA) - Public/private key fields have entries, others don't:
Host Key (DSA), Certificate and External Key
Selectors tab: General section: Allow authentication for the user
that's attempting the connection
Password Authentication: Allow password authentication
Public-Key Authentication: Allow public-key authentication
GSSAPI: Allow GSSAPI/Ticket Forwarding
Host-Based Authentication: Allow host-based authentication
Keyboard-Interactive Authentication: Allow keyboard-interactive
Commands/Local Tunnels/Remote Tunnels: Deny All
User home directory: %USERPROFILE%
Enable audit messages for SFTP
If you require any further information, please let me know.
Many thanks for your assistance.
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum