Add certificate login via SFTP - RESOLVED!
Add certificate login via SFTP - RESOLVED!
SFTP source is a great addition to Neutron. I've manager to making it work with a SFTP server in OpenWRT. But its would be safer to use certificates rather than passwords. Is this a possibility in Neutron?
SOLUTION:
After some tries and a very precious and fast response from the developer (thank you once again), I've managed to make keys and put them to work in about 10 minutes. I'll try to help those with Windows 10 (such as myself), and in my particular case, a OpenWRT router running Dropbear.
First, and after making sure Dropbear is working properly at accepting SSH connections with a user account created in it (don't EVER use root to login with SSH from the internet!!!), that I tried first using login+password, then it's time to create keys for the connection.
Don't use Putty to create keys! If you search for SSH and Windows, there will be a lot of sites telling to use Putty. Just DON'T!! Putty keys are not compatible with OpenSSH.
Install OpenSSH server in windows 10. For that, go to Settings > Apps > Apps and Features > Manage Optional Features. Click Add a Feature, then search for OpenSSH Server.
After installed, its ready to work. Use Windows Powershell or Command Prompt to create the keys. For a minimum security key, you can just type "ssh-keygen". It'll create a RSA 2048 bit key. It'll ask for a name for the keys. Use whatever you want. They'll be created in C:\Windows\users\"user account name". I chose to create a more secure public+private key combination by typing "ssh-keygen -t rsa -b 4096".
The file with no extension is the private key. The one with .pub extension, is the public key.
After this, you'll have to add the public key inside the users home folder (I'm refering to OpenWRT), which is located in /home/"user_name"/.ssh, in a file called "authorized_keys". This file has to have the permissions 0600 and the owner being the user name, and the folder .ssh has to have the same owner and 0700 permissions. After that, restart the router, or only the Dropbear service.
When the server is up and running, you have to use some kind of file explorer in Android to open the private key file, copy ALL of the contents (just select all - copy) and paste them on the Neutron corresponding field. Do the same with the public key file (.pub), pasting in the correct field in Neutron. And that's it! Simple and much safer than using user+password.
Hope this will help a lot of users.
SOLUTION:
After some tries and a very precious and fast response from the developer (thank you once again), I've managed to make keys and put them to work in about 10 minutes. I'll try to help those with Windows 10 (such as myself), and in my particular case, a OpenWRT router running Dropbear.
First, and after making sure Dropbear is working properly at accepting SSH connections with a user account created in it (don't EVER use root to login with SSH from the internet!!!), that I tried first using login+password, then it's time to create keys for the connection.
Don't use Putty to create keys! If you search for SSH and Windows, there will be a lot of sites telling to use Putty. Just DON'T!! Putty keys are not compatible with OpenSSH.
Install OpenSSH server in windows 10. For that, go to Settings > Apps > Apps and Features > Manage Optional Features. Click Add a Feature, then search for OpenSSH Server.
After installed, its ready to work. Use Windows Powershell or Command Prompt to create the keys. For a minimum security key, you can just type "ssh-keygen". It'll create a RSA 2048 bit key. It'll ask for a name for the keys. Use whatever you want. They'll be created in C:\Windows\users\"user account name". I chose to create a more secure public+private key combination by typing "ssh-keygen -t rsa -b 4096".
The file with no extension is the private key. The one with .pub extension, is the public key.
After this, you'll have to add the public key inside the users home folder (I'm refering to OpenWRT), which is located in /home/"user_name"/.ssh, in a file called "authorized_keys". This file has to have the permissions 0600 and the owner being the user name, and the folder .ssh has to have the same owner and 0700 permissions. After that, restart the router, or only the Dropbear service.
When the server is up and running, you have to use some kind of file explorer in Android to open the private key file, copy ALL of the contents (just select all - copy) and paste them on the Neutron corresponding field. Do the same with the public key file (.pub), pasting in the correct field in Neutron. And that's it! Simple and much safer than using user+password.
Hope this will help a lot of users.
Last edited by jorgemvo on Wed May 27, 2020 11:03 pm, edited 2 times in total.
Can't login to SFTP with private key
I've already setup my server (Dropbear in OpenWRT) to be able to login with RSA keys. I manage to login from my windows PC with Putty and WINSCP using the keys I've made. But not with Neutron... What part am I supposed to copy from the private and public keys? Everything including from public:
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-*****"
AAAA******
---- END SSH2 PUBLIC KEY ----
and from private:
-----BEGIN OPENSSH PRIVATE KEY-----
b3Bl***********
*********
CAkKCw==
-----END OPENSSH PRIVATE KEY-----
Or only the main part of the key? I tried multiple combinations, but so far it won't login.
EDIT: From what I can see on my server logs, it's only trying to login via password, not SSH keys. Even though I have password login disabled on my server.
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-*****"
AAAA******
---- END SSH2 PUBLIC KEY ----
and from private:
-----BEGIN OPENSSH PRIVATE KEY-----
b3Bl***********
*********
CAkKCw==
-----END OPENSSH PRIVATE KEY-----
Or only the main part of the key? I tried multiple combinations, but so far it won't login.
EDIT: From what I can see on my server logs, it's only trying to login via password, not SSH keys. Even though I have password login disabled on my server.
Re: Can't login to SFTP with private key
Generally if you want somebody to allow you to access their server you give them your public key ( that's why it's called public so that you can give it away ). You keep your private key to yourself. So I would think you'll have to give your public key to the server and the private key to Neutron ( never did this myself - does it ask ? for what ? file or key value ? ). What to give Neutron if it asks not for a file but for the key value ? I'd try the key itself without the comments.
Re: Can't login to SFTP with private key
From what I see on the user interface Neutron doesn't ask for keys but password :
Found this on some forum, but that's perhaps specific for that client
Found this on some forum, but that's perhaps specific for that client
So you could try without userid and password if you've successfully set up keys, if Neutron behaves as a shell would do then it shouldn't need userid and password if a key pair has been set up.sftp is used either with entering password etc. manually or passwordless via key exchange.
[...]
Set up public keys which have been generated without entering a passphrase using ssh-keygen and try again.
Re: Can't login to SFTP with private key
I just browsed a bit with regard to ssh. I would seem that every client has its own rules regarding location and name of ssh key files. So if Neutron doesn't ask for a key or its location I don't see where it would get one from. So perhaps Neutron doesn't work with keys and only relies on userid and password.
Re: Can't login to SFTP with private key
asked the developer :
does Neutron support the use of SSH keys ? It only asks for userid and password. If it does support keys, how to give them to Neutron, where to store and how to name the key files ?
Re: Can't login to SFTP with private key
ok, tried with the new version ... and there it is
I suggest you try to enter the contents of the private key into the private key area, using the key pair whose public key is used by the server.
I suggest you try to enter the contents of the private key into the private key area, using the key pair whose public key is used by the server.
Re: Can't login to SFTP with private key
I've done all of this several times. Pasted several different formats of the keys (Putty, OpenSSH, ssh.com), and none of those work. The issue is not with my server, because I connect just fine with keys using Putty, WinSCP and even an Android APP (Solid Explorer).
When I check my Server logs (Dropbear on a OpenWRT router), it says if I log in via user+password or user+key. Using all the other programs, it logs as user+keys. But with Neutron, even if I don't use a password, only with user+key, my server will log as an user+password atempt, as if neutron didn't even try to user the keys...
Other thing is that with all of the other software, I only need to provide my private key to login. I don't understand why with Neutron it asks for both the private and the public key...
When I check my Server logs (Dropbear on a OpenWRT router), it says if I log in via user+password or user+key. Using all the other programs, it logs as user+keys. But with Neutron, even if I don't use a password, only with user+key, my server will log as an user+password atempt, as if neutron didn't even try to user the keys...
Other thing is that with all of the other software, I only need to provide my private key to login. I don't understand why with Neutron it asks for both the private and the public key...
Re: Can't login to SFTP with private key
The developer wrote
I suggest you contact neutronmp@gmail.com . Perhaps you can prepare a key-pair for that purpose and send it together with screenshots, so that the developer can test with your keys.
Yes, the public key is used to allow you access on the server side, you won't need that on client side.just copy-paste contents of key-files to that areas and it should work.
I suggest you contact neutronmp@gmail.com . Perhaps you can prepare a key-pair for that purpose and send it together with screenshots, so that the developer can test with your keys.
Re: Can't login to SFTP with private key
Thanks for your suggestion, I've just sent him an e-mail. Hope there will be a solution, because on top the SFTP connection being much faster for me than FTP (FTP takes about 6 hours to scan through my library vs 3/4 hours with SFTP), it's also much safer.blaubär wrote: ↑Tue May 26, 2020 3:38 pmThe developer wroteYes, the public key is used to allow you access on the server side, you won't need that on client side.just copy-paste contents of key-files to that areas and it should work.
I suggest you contact neutronmp@gmail.com . Perhaps you can prepare a key-pair for that purpose and send it together with screenshots, so that the developer can test with your keys.
Who is online
Users browsing this forum: No registered users and 50 guests