Join Log in
Score:0
LosmiNCL avatar Server

WinSCP can't authenticate to my server using public key

in flag
LosmiNCL

I need to be able to upload files to my server on a VM instance on Google Cloud. I was following this tutorial: https://www.youtube.com/watch?v=o_OQEydt3MI

  • I've generated key via PuTTY key generator
  • Key Comment: I've entered my Gmail address that I use to log in into Cloud console (without ...@gmail part, just like in tutorial)
  • I've inserted my key passphrase
  • In the instance details I've pasted my SSH key
  • In WinSCP Advanced settings I configured just like in the tutorial (I provided my public key file) I still can't connect to my server. I'm getting an error: "No supported authentication methods available (server sent: publickey, gssapi-keyhex, gssapi-with-mic)".

Am I missing something? Maybe some firewall configurations? Should I install something for SCP on Centos7?

WinSCP log:

. 2022-01-21 22:43:51.941 Session name: root@serverIP (Site)
. 2022-01-21 22:43:51.941 Host name: serverIp (Port: 22)
. 2022-01-21 22:43:51.941 User name: myGmail (Password: No, Key file: Yes, Passphrase: No)
. 2022-01-21 22:43:51.941 Tunnel: No
. 2022-01-21 22:43:51.941 Transfer Protocol: SFTP
. 2022-01-21 22:43:51.941 Ping type: Off, Ping interval: 30 sec; Timeout: 15 sec
. 2022-01-21 22:43:51.941 Disable Nagle: No
. 2022-01-21 22:43:51.941 Proxy: None
. 2022-01-21 22:43:51.941 Send buffer: 262144
. 2022-01-21 22:43:51.941 SSH protocol version: 2; Compression: No
. 2022-01-21 22:43:51.941 Bypass authentication: No
. 2022-01-21 22:43:51.941 Try agent: Yes; Agent forwarding: No; TIS/CryptoCard: No; KI: Yes; GSSAPI: Yes
. 2022-01-21 22:43:51.941 GSSAPI: KEX: No; Forwarding: No; Libs: gssapi32,sspi,custom; Custom: 
. 2022-01-21 22:43:51.941 Ciphers: aes,chacha20,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
. 2022-01-21 22:43:51.941 KEX: ecdh,dh-gex-sha1,dh-group14-sha1,rsa,WARN,dh-group1-sha1
. 2022-01-21 22:43:51.941 SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto
. 2022-01-21 22:43:51.941 Simple channel: Yes
. 2022-01-21 22:43:51.941 Return code variable: Autodetect; Lookup user groups: Auto
. 2022-01-21 22:43:51.941 Shell: default
. 2022-01-21 22:43:51.941 EOL: LF, UTF: Auto
. 2022-01-21 22:43:51.941 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes; Follow directory symlinks: No
. 2022-01-21 22:43:51.941 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No; Exit code 1 is error: No
. 2022-01-21 22:43:51.941 SFTP Bugs: Auto,Auto
. 2022-01-21 22:43:51.941 SFTP Server: su -c /usr/libexec/openssh/sftp-server
. 2022-01-21 22:43:51.941 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
. 2022-01-21 22:43:51.941 Cache directory changes: Yes, Permanent: Yes
. 2022-01-21 22:43:51.941 Recycle bin: Delete to: No, Overwritten to: No, Bin path: 
. 2022-01-21 22:43:51.941 DST mode: Unix
. 2022-01-21 22:43:51.941 ---------------------------------------------
. 2022-01-21 22:43:51.963 Looking up host "serverIp" for SSH connection
. 2022-01-21 22:43:51.963 Connecting to (serverIp) port 22
. 2022-01-21 22:43:52.015 Waiting for the server to continue with the initialization
. 2022-01-21 22:43:52.015 We claim version: SSH-2.0-WinSCP_release_5.19.4
. 2022-01-21 22:43:52.015 Detected network event
. 2022-01-21 22:43:52.059 Detected network event
. 2022-01-21 22:43:52.059 Waiting for the server to continue with the initialization
. 2022-01-21 22:43:52.059 Remote version: SSH-2.0-OpenSSH_7.4
. 2022-01-21 22:43:52.059 Using SSH protocol version 2
. 2022-01-21 22:43:52.060 Have a known host key of type ssh-ed25519
. 2022-01-21 22:43:52.103 Detected network event
. 2022-01-21 22:43:52.103 Waiting for the server to continue with the initialization
. 2022-01-21 22:43:52.103 Doing ECDH key exchange with curve Curve25519 and hash SHA-256
. 2022-01-21 22:43:52.156 Detected network event
. 2022-01-21 22:43:52.156 Waiting for the server to continue with the initialization
. 2022-01-21 22:43:52.192 Server also has ecdsa-sha2-nistp256/ssh-rsa host keys, but we don't know any of them
. 2022-01-21 22:43:52.192 Host key fingerprint is:
. 2022-01-21 22:43:52.192 ssh-ed25519 255 (I censored)
. 2022-01-21 22:43:52.192 Verifying host key ssh-ed25519 (I've censored)  with fingerprints ssh-ed25519 255 (I've censored)
. 2022-01-21 22:43:52.204 Host key matches cached key
. 2022-01-21 22:43:52.204 Initialised AES-256 SDCTR (AES-NI accelerated) [aes256-ctr] outbound encryption
. 2022-01-21 22:43:52.204 Initialised HMAC-SHA-256 outbound MAC algorithm
. 2022-01-21 22:43:52.204 Initialised AES-256 SDCTR (AES-NI accelerated) [aes256-ctr] inbound encryption
. 2022-01-21 22:43:52.204 Initialised HMAC-SHA-256 inbound MAC algorithm
. 2022-01-21 22:43:52.248 Detected network event
. 2022-01-21 22:43:52.248 Waiting for the server to continue with the initialization
. 2022-01-21 22:43:52.248 Reading key file "C:\myPath\public_key_my_key.ppk"
. 2022-01-21 22:43:52.248 Key file contains public key only
! 2022-01-21 22:43:52.248 Using username "myGmail".
. 2022-01-21 22:43:52.429 Detected network event
. 2022-01-21 22:43:52.429 Waiting for the server to continue with the initialization
. 2022-01-21 22:43:52.429 Server offered these authentication methods: publickey,gssapi-keyex,gssapi-with-mic
. 2022-01-21 22:43:52.429 Using SSPI from SECUR32.DLL
. 2022-01-21 22:43:52.429 Trying gssapi-with-mic...
. 2022-01-21 22:43:52.429 Attempting GSSAPI authentication
. 2022-01-21 22:43:52.474 Detected network event
. 2022-01-21 22:43:52.474 Waiting for the server to continue with the initialization
. 2022-01-21 22:43:52.474 GSSAPI authentication request refused
. 2022-01-21 22:43:52.474 Server offered these authentication methods: publickey,gssapi-keyex,gssapi-with-mic
. 2022-01-21 22:43:52.474 No supported authentication methods available (server sent: publickey,gssapi-keyex,gssapi-with-mic)
. 2022-01-21 22:43:52.474 Attempt to close connection due to fatal exception:
* 2022-01-21 22:43:52.474 No supported authentication methods available (server sent: publickey,gssapi-keyex,gssapi-with-mic)
. 2022-01-21 22:43:52.474 Closing connection.
* 2022-01-21 22:43:52.533 (EFatal) No supported authentication methods available (server sent: publickey,gssapi-keyex,gssapi-with-mic)
* 2022-01-21 22:43:52.533 Authentication log (see session log for details):
* 2022-01-21 22:43:52.533 Using username "myGmail".
* 2022-01-21 22:43:52.533 
* 2022-01-21 22:43:52.533 Authentication failed.
684
0 + 0
ssh
another victim of the mouse avatar
cf flag
another victim of the mouse
`. 2022-01-21 22:43:52.248 Key file contains public key only` You'll need to add your private key to the key file. https://winscp.net/eng/docs/ssh_keys
3
Reply
Score:1
avatar Server
so flag
Martin Prikryl

You cannot authenticate with public key file. You have to use the private key file.

Indeed, WinSCP accepts even public key file in the settings. But that's only ever useful as a way to tell it, what specific private key to load from Pageant (in case you have multiple keys loaded into the Pageant). If you are not using Pageant, then public key is useless for the authentication.

See https://winscp.net/eng/docs/ui_login_authentication#private_key

0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.