jEdit Version Numbers: 5.0.0 / 5.1pre1
Plugins: FTP 1.0.3 / SshConsole 1.0.6a
Platform: OS X version 10.8.4
Java Version: 1.7.0_25-b15
Steps to Reproduce:
- Create an SSH2 key pair using the default settings with 'ssh-keygen' on OS X 10.8
- this results in a AES-128-CBC encrypted key.
- Add the public key to server's authorized keys and log in via SSH in Terminal to
verify the new key pair is working.
- Attempt to use the same key to log in with (S)FTP or SshConsole plugins results
in multiple (4-5) prompts for the key's password even if it is correctly entered
- jEdit appears to give up on public key authentication and falls back to keyboard
interactive - resulting in an "Auth Fail".
Expected Result: Password prompt asks for correct password and logs in to the server
when it's given.
Following the same steps with a key pair generated on OS 10.6 - resulting in a DES-EDE3-CBC
encrypted key - produces the expected result (no log in errors using the key).
jEdit activity log:
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: Connecting to {server} port
{port}
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: Connection established
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: Remote version string: SSH-2.0-OpenSSH_5.2
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: Local version string: SSH-2.0-JSCH-0.1.42
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: SSH_MSG_KEXINIT sent
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: SSH_MSG_KEXINIT received
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: kex: server->client aes128-ctr
hmac-md5 none
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: kex: client->server aes128-ctr
hmac-md5 none
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: SSH_MSG_KEXDH_INIT sent
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: expecting SSH_MSG_KEXDH_REPLY
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: ssh_rsa_verify: signature true
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: Host '{server}' is known and
mathces the RSA host key
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: SSH_MSG_NEWKEYS sent
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: SSH_MSG_NEWKEYS received
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: SSH_MSG_SERVICE_REQUEST sent
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: SSH_MSG_SERVICE_ACCEPT received
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: Authentications that can continue:
gssapi-with-mic,publickey,keyboard-interactive,password
4:42:58 PM \[jEdit Worker #3\] \[message\] SftpLogger: Next authentication method:
gssapi-with-mic
4:42:59 PM \[jEdit Worker #3\] \[message\] SftpLogger: Authentications that can continue:
publickey,keyboard-interactive,password
4:42:59 PM \[jEdit Worker #3\] \[message\] SftpLogger: Next authentication method:
publickey
4:42:59 PM \[jEdit Worker #3\] \[debug\] SFtpConnection: Passphrase for /Users/{luser}/.ssh/id_rsa
4:42:59 PM \[jEdit Worker #3\] \[debug\] SFtpConnection: Passphrase for /Users/{luser}/.ssh/id_rsa
4:43:05 PM \[jEdit Worker #3\] \[debug\] SFtpConnection: Passphrase for /Users/{luser}/.ssh/id_rsa
4:43:09 PM \[jEdit Worker #3\] \[debug\] SFtpConnection: Passphrase for /Users/{luser}/.ssh/id_rsa
4:43:11 PM \[jEdit Worker #3\] \[message\] SftpLogger: Authentications that can continue:
keyboard-interactive,password
4:43:11 PM \[jEdit Worker #3\] \[message\] SftpLogger: Next authentication method:
keyboard-interactive
4:43:12 PM \[jEdit Worker #3\] \[message\] SftpLogger: Disconnecting from {server}
port {port}
4:43:12 PM \[jEdit Worker #3\] \[debug\] ConnectionManager: catch java.io.IOException
on sftp://{server}:{port}
4:43:12 PM \[jEdit Worker #3\] \[error\] ListDirectoryBrowserTask: at ftp.SFtpConnection.<init>(SFtpConnection.java:124)
4:43:12 PM \[jEdit Worker #3\] \[error\] ErrorListDialog$ErrorEntry: sftp://{user}@{server}:{port}/~/:
Submitted | an-crm-114 - 2013-07-21 21:16:04 | Assigned | |
---|---|---|---|
Priority | 5 | Labels | FTP |
Status | open | Group | None |
Resolution | accepted |
2013-07-22 16:24:24 ezust |
I can only do this on linux, not macos, but perhaps my experiences will help you.
|
---|---|
2013-07-22 16:56:37 an-crm-114 |
Sorry if my "steps to reproduce" weren't clear - I'm not entering a password into
the "Connect to Secure FTP Server Dialog", I'm entering the password / passphrase
into the "Enter passphrase for private key file" dialog which pops up when attempting
to connect to the remote server using SFTP. The passphrase is never accepted even
if it is correct and the private key passphrase dialog comes back several times after
the proper passphrase has been entered. |
2013-09-21 23:39:53 ezust |
I just tried it with the latest jsch library and I can reproduce your issue still
even after updating to jsch 0.1.50\!
|
2013-10-26 01:58:39 ezust |
I just made a discovery. It depends on what KIND of key you make. I tried making a
1024 bit DSA key from the mac and it works. But RSA keys don't.
|
2013-10-26 01:58:39 ezust |
- **summary**: Cannot use SSH keys generated on OS X 10.8 with FTP plugin --> Cannot use rsa SSH keys generated from OS X 10.8 |
2013-11-12 15:46:39 an-crm-114 |
I took a quick look at using a DSA key and it appears you're correct - the 1028 bit
DSA key I generated on OS X Server 10.6.8 works fine for SFTP connections in jEdit
5.0 with FTP 1.0.3. I'll need to play around with the various keys which can be generated
with ssh-keygen and see how various types of keys behave. |