我知道这个问题已经在其他帖子上被问过,但我找不到任何令人满意的答案。
我正在使用 Renci.SSH(C# 中的 SSH.NET 版本 2016.1.0)连接到 SFTP。我有一个使用 SSH key 和密码连接的 SFTP 服务器。
当我通过计算机上的 WinSCP 连接时,它运行良好。我想从我的 C# 代码中做同样的事情,但我得到:
Renci.SshNet.Common.SshAuthenticationException: 'Permission denied (password).'
我的 PPP 文件是由 PuTTYgen 生成的,看来 Renci.SSH 不支持 PuTTY 格式。实际上,按原样使用 ppk 文件,我得到:
Renci.SshNet.Common.SshException: 'Invalid private key file.'.
因此,我必须使用 PuTTY key 生成器转换将我的 .ppk 转换为 OpenSSH 格式 --> 使用 RSA 导出 OpenSSH key 。
下面是生成的 .ppk 文件的示例:
-----BEGIN RSA PRIVATE KEY-----
s8KrhoAE5MFNyd4P/zPmxBkOh3ZwIAXG7ns9srdNuFv0/UBu4tsRAoGBAMD0JIo1
808CfyBDkhpGXk8eQzIskFDA+HOpjDAmakHdHufCa5GEZXGnsFnKhy+2tD0HZVAW
rZFwpBiJezc4apAnh8ecgChvsZmCc9vTS2N+Da8MjptYFc0wJRExj1bUXbImIFA5
C7HtAoGBAOcNv6EJtzW80QN/0zFrBZ93vwI2BQ/G7A0tcdKRZZuOfoHs4R0vQ014
Vib+M5+D2V9qY91ZCRGrSXpHdi2CaMOqXnvnNHfNhPNAQBDkuq4qvVC+2dNS8o5+
s8KrhoAE5MFNyd4P/zPmxBkOh3ZwIAXG7ns9srdNuFv0/UBu4tsRAoGBAMD0JIo1
wFmOcvjya9upNZW28J6SCPtezddQcHUCysl0EDe8b+uA/Cn7+oFpSgUOraFJ3eAC
TIrccvWOXAjQN08SSoIpMjnIIRh00BCh6mVUJgAGpTPsveNGNwBqwgfHRuU/9gvH
b7XIKYXLV27a7vz+kXGeHmicXmKUuAf0e9FW5EEPtCkxWXOAeFyVjvGiIPaKXHF7
808CfyBDkhpGXk8eQzIskFDA+HOpjDAmakHdHufCa5GEZXGnsFnKhy+2tD0HZVAW
rZFwpBiJezc4apAnh8ecgChvsZmCc9vTS2N+Da8MjptYFc0wJRExj1bUXbImIFA5
C7HtAoGBAOcNv6EJtzW80QN/0zFrBZ93vwI2BQ/G7A0tcdKRZZuOfoHs4R0vQ014
Vib+M5+D2V9qY91ZCRGrSXpHdi2CaMOqXnvnNHfNhPNAQBDkuq4qvVC+2dNS8o5+
808CfyBDkhpGXk8eQzIskFDA+HOpjDAmakHdHufCa5GEZXGnsFnKhy+2tD0HZVAW
rZFwpBiJezc4apAnh8ecgChvsZmCc9vTS2N+Da8MjptYFc0wJRExj1bUXbImIFA5
C7HtAoGBAOcNv6EJtzW80QN/0zFrBZ93vwI2BQ/G7A0tcdKRZZuOfoHs4R0vQ014
Vib+M5+D2V9qY91ZCRGrSXpHdi2CaMOqXnvnNHfNhPNAQBDkuq4qvVC+2dNS8o5+
s8KrhoAE5MFNyd4P/zPmxBkOh3ZwIAXG7ns9srdNuFv0/UBu4tsRAoGBAMD0JIo1
wFmOcvjya9upNZW28J6SCPtezddQcHUCysl0EDe8b+uA/Cn7+oFpSgUOraFJ3eAC
TIrccvWOXAjQN08SSoIpMjnIIRh00BCh6mVUJgAGpTPsveNGNwBqwgfHRuU/9gvH
p6VRzmTNYJUaU/C/zJqdd2YFp18kcUzqdfptlIv20qoFmFKI4Z/Fiexep7pW8RZL
b7XIKYXLV27a7vz+kXGeHmicXmKUuAf0e9FW5EEPtCkxWXOAeFyVjvGiIPaKXHF7
808CfyBDkhpGXk8eQzIskFDA+HOpjDAmakHdHufCa5GEZXGnsFnKhy+2tD0HZVAW
rZFwpBiJezc4apAnh8ecgChvsZmCc9vTS2N+Da8MjptYFc0wJRExj1bUXbImIFA5
a6872Eh69Z3WkD8NGJZ1t/gApUxzdgGAckoRoS2Gz71gUuU=
-----END RSA PRIVATE KEY-----
然后我按如下方式连接到 SFTP 服务器:
private static void CreateSftpSession(FtpConnectionSettings settings, Action<IFtpSession> onSessionOpen)
{
var methods = new List<AuthenticationMethod>();
methods.Add(new PasswordAuthenticationMethod(settings.UserName, settings.UserPassword));
if (!string.IsNullOrEmpty(settings.PrivateKeyPath))
{
var keyFiles = new[] { new PrivateKeyFile(settings.PrivateKeyPath) };
methods.Add(new PrivateKeyAuthenticationMethod(settings.UserName, keyFiles));
}
var connectionInfo = new ConnectionInfo(settings.Host, settings.Port, settings.UserName, methods.ToArray());
using (SftpClient sftpClient = new SftpClient(connectionInfo))
{
SftpSession sftpSession = new SftpSession(sftpClient);
sftpClient.Connect();
onSessionOpen(sftpSession);
sftpClient.Disconnect();
}
}
调用
sftpClient.Connect() ,抛出异常。你觉得我做的有什么不对吗?
非常感谢你的帮助
下面是根据要求成功连接 WinSCP 的日志:
. 2019-12-10 14:54:45.922 -------------------------------------------------------------------------- . 2019-12-10 14:54:45.922 WinSCP Version 5.15.9 (Build 10071) (OS 10.0.17763 - Windows 10 Enterprise) . 2019-12-10 14:54:45.922 Configuration: HKCU\Software\Martin Prikryl\WinSCP 2\ . 2019-12-10 14:54:45.922 Log level: Normal . 2019-12-10 14:54:45.922 Local account: XXXX\xxx . 2019-12-10 14:54:45.922 Working directory: C:\Program Files (x86)\WinSCP . 2019-12-10 14:54:45.922 Process ID: 20716 . 2019-12-10 14:54:45.923 Command-line: "C:\Program Files (x86)\WinSCP\WinSCP.exe" . 2019-12-10 14:54:45.923 Time zone: Current: GMT+1, Standard: GMT+1 (W. Europe Standard Time), DST: GMT+2 (W. Europe Daylight Time), DST Start: 3/31/2019, DST End: 10/27/2019 . 2019-12-10 14:54:45.923 Login time: Tuesday, December 10, 2019 2:54:45 PM . 2019-12-10 14:54:45.923 -------------------------------------------------------------------------- . 2019-12-10 14:54:45.923 Session name: my_ftp_user@my_ftp_host.com (Site) . 2019-12-10 14:54:45.923 Host name: my_ftp_host.com (Port: 6671) . 2019-12-10 14:54:45.924 User name: my_ftp_user (Password: Yes, Key file: Yes, Passphrase: No) . 2019-12-10 14:54:45.924 Tunnel: No . 2019-12-10 14:54:45.924 Transfer Protocol: SFTP (SCP) . 2019-12-10 14:54:45.924 Ping type: Off, Ping interval: 30 sec; Timeout: 15 sec . 2019-12-10 14:54:45.924 Disable Nagle: No . 2019-12-10 14:54:45.924 Proxy: None . 2019-12-10 14:54:45.924 Send buffer: 262144 . 2019-12-10 14:54:45.924 SSH protocol version: 2; Compression: No . 2019-12-10 14:54:45.924 Bypass authentication: No . 2019-12-10 14:54:45.924 Try agent: Yes; Agent forwarding: No; TIS/CryptoCard: No; KI: Yes; GSSAPI: Yes . 2019-12-10 14:54:45.924 GSSAPI: Forwarding: No; Libs: gssapi32,sspi,custom; Custom: . 2019-12-10 14:54:45.924 Ciphers: aes,chacha20,blowfish,3des,WARN,arcfour,des; Ssh2DES: No . 2019-12-10 14:54:45.924 KEX: ecdh,dh-gex-sha1,dh-group14-sha1,rsa,WARN,dh-group1-sha1 . 2019-12-10 14:54:45.924 SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto . 2019-12-10 14:54:45.924 Simple channel: Yes . 2019-12-10 14:54:45.924 Return code variable: Autodetect; Lookup user groups: Auto . 2019-12-10 14:54:45.924 Shell: default . 2019-12-10 14:54:45.924 EOL: LF, UTF: Auto . 2019-12-10 14:54:45.924 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes; Follow directory symlinks: No . 2019-12-10 14:54:45.924 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No; Exit code 1 is error: No . 2019-12-10 14:54:45.924 SFTP Bugs: Auto,Auto . 2019-12-10 14:54:45.924 SFTP Server: default . 2019-12-10 14:54:45.924 Local directory: \xxxx.xxx\xxx\RFs\xxx\Documents, Remote directory: /log, Update: Yes, Cache: Yes . 2019-12-10 14:54:45.924 Cache directory changes: Yes, Permanent: Yes . 2019-12-10 14:54:45.924 Recycle bin: Delete to: No, Overwritten to: No, Bin path: . 2019-12-10 14:54:45.924 DST mode: Unix . 2019-12-10 14:54:45.924 -------------------------------------------------------------------------- . 2019-12-10 14:54:45.965 Looking up host "my_ftp_host.com" for SSH connection . 2019-12-10 14:54:45.999 Connecting to 64.209.89.13 port 6671 . 2019-12-10 14:54:46.103 We claim version: SSH-2.0-WinSCP_release_5.15.9 . 2019-12-10 14:54:46.206 Server version: SSH-2.0-SSHD . 2019-12-10 14:54:46.206 Using SSH protocol version 2 . 2019-12-10 14:54:46.206 Have a known host key of type rsa2 . 2019-12-10 14:54:46.206 Doing Diffie-Hellman group exchange . 2019-12-10 14:54:46.701 Doing Diffie-Hellman key exchange with hash SHA-256 . 2019-12-10 14:54:47.496 Host key fingerprint is: . 2019-12-10 14:54:47.496 ssh-rsa 2048 bc:37:d9:2a:15:93:3c:a6:a0:e9:88:5e:86:81:8d:43 mxhRidA9vIdsw+hmLZfFnLI/0BujM3kjJPrH5no9wGI= . 2019-12-10 14:54:47.503 Host key matches cached key . 2019-12-10 14:54:47.503 Initialised AES-256 SDCTR client->server encryption . 2019-12-10 14:54:47.503 Initialised HMAC-SHA1 client->server MAC algorithm . 2019-12-10 14:54:47.503 Initialised AES-256 SDCTR server->client encryption . 2019-12-10 14:54:47.503 Initialised HMAC-SHA1 server->client MAC algorithm . 2019-12-10 14:54:47.707 Reading key file "C:\Temp\AttribByStrategy\My_PrivateKey_wopp.ppk" . 2019-12-10 14:54:47.708 Pageant is running. Requesting keys. . 2019-12-10 14:54:47.708 Pageant has 0 SSH-2 keys . 2019-12-10 14:54:47.708 Configured key file not in Pageant ! 2019-12-10 14:54:47.708 Using username "my_ftp_user". . 2019-12-10 14:54:58.649 Server offered these authentication methods: password,publickey,keyboard-interactive . 2019-12-10 14:54:58.649 Offered public key . 2019-12-10 14:54:58.758 Offer of public key accepted ! 2019-12-10 14:54:58.758 Authenticating with public key "rsa-key-20140520" . 2019-12-10 14:54:58.878 Sent public key signature ! 2019-12-10 14:54:58.981 Further authentication required . 2019-12-10 14:54:59.007 Further authentication required . 2019-12-10 14:54:59.007 Server offered these authentication methods: password,keyboard-interactiveÀí½œt»Yªâ…©xоñs€ç‘ð¾€Ó . 2019-12-10 14:54:59.007 Attempting keyboard-interactive authentication . 2019-12-10 14:54:59.110 Prompt (keyboard interactive, "SSH server: Password Authentication", "Using keyboard-interactive authentication.", "Password: ") . 2019-12-10 14:54:59.110 Using stored password. . 2019-12-10 14:54:59.295 Access granted . 2019-12-10 14:54:59.295 Opening session as main channel . 2019-12-10 14:54:59.397 Opened main channel . 2019-12-10 14:54:59.641 Started a shell/command . 2019-12-10 14:54:59.668 -------------------------------------------------------------------------- . 2019-12-10 14:54:59.668 Using SFTP protocol. . 2019-12-10 14:54:59.668 Doing startup conversation with host.
2019-12-10 14:54:59.684 Type: SSH_FXP_INIT, Size: 5, Number: -1 < 2019-12-10 14:54:59.786 Type: SSH_FXP_VERSION, Size: 33, Number: -1 . 2019-12-10 14:54:59.786 SFTP version 3 negotiated. . 2019-12-10 14:54:59.786 Unknown server extension newline@vandyke.com="\n" . 2019-12-10 14:54:59.786 We believe the server has signed timestamps bug . 2019-12-10 14:54:59.786 We will use UTF-8 strings until server sends an invalid UTF-8 string as with SFTP version 3 and older UTF-8 strings are not mandatory . 2019-12-10 14:54:59.786 Changing directory to "/log". . 2019-12-10 14:54:59.786 Getting real path for '/log' 2019-12-10 14:54:59.786 Type: SSH_FXP_REALPATH, Size: 13, Number: 16 < 2019-12-10 14:54:59.897 Type: SSH_FXP_NAME, Size: 49, Number: 16 . 2019-12-10 14:54:59.897 Real path is '/log' . 2019-12-10 14:54:59.897 Trying to open directory "/log". 2019-12-10 14:54:59.897 Type: SSH_FXP_LSTAT, Size: 13, Number: 263 < 2019-12-10 14:55:00.003 Type: SSH_FXP_ATTRS, Size: 29, Number: 263 . 2019-12-10 14:55:00.004 Getting current directory name. . 2019-12-10 14:55:00.073 Listing directory "/log". 2019-12-10 14:55:00.073 Type: SSH_FXP_OPENDIR, Size: 13, Number: 523 < 2019-12-10 14:55:00.184 Type: SSH_FXP_HANDLE, Size: 10, Number: 523 2019-12-10 14:55:00.184 Type: SSH_FXP_READDIR, Size: 10, Number: 780 < 2019-12-10 14:55:00.286 Type: SSH_FXP_NAME, Size: 205, Number: 780 2019-12-10 14:55:00.286 Type: SSH_FXP_READDIR, Size: 10, Number: 1036 < 2019-12-10 14:55:00.388 Type: SSH_FXP_STATUS, Size: 17, Number: 1036 < 2019-12-10 14:55:00.388 Status code: 1 2019-12-10 14:55:00.388 Type: SSH_FXP_CLOSE, Size: 10, Number: 1284 . 2019-12-10 14:55:00.388 ..;d;0;2016-11-27T05:00:00.000Z;3;"2123" [2123];"2020" [2020];rwxr-xr-x;0 . 2019-12-10 14:55:00.436 Startup conversation with host finished.
最佳答案
如 WinSCP 日志文件中所示,您应该首先使用私钥进行身份验证,然后才使用密码:
2019-12-10 14:54:58.649 Server offered these authentication methods: password,publickey,keyboard-interactive
2019-12-10 14:54:58.649 Offered public key
2019-12-10 14:54:58.758 Offer of public key accepted
2019-12-10 14:54:58.758 Authenticating with public key "rsa-key-20140520"
2019-12-10 14:54:58.878 Sent public key signature
2019-12-10 14:54:59.007 Further authentication required
2019-12-10 14:54:59.007 Server offered these authentication methods: password,keyboard-interactive
2019-12-10 14:54:59.007 Attempting keyboard-interactive authentication
2019-12-10 14:54:59.110 Prompt (keyboard interactive, "SSH server: Password Authentication", "Using keyboard-interactive authentication.", "Password: ")
2019-12-10 14:54:59.110 Using stored password.
var methods = new List<AuthenticationMethod>();
if (!string.IsNullOrEmpty(settings.PrivateKeyPath))
{
var keyFiles = new[] { new PrivateKeyFile(settings.PrivateKeyPath) };
methods.Add(new PrivateKeyAuthenticationMethod(settings.UserName, keyFiles));
}
methods.Add(new PasswordAuthenticationMethod(settings.UserName, settings.UserPassword));
var connectionInfo =
new ConnectionInfo(settings.Host, settings.Port, settings.UserName, methods.ToArray());
using (SftpClient sftpClient = new SftpClient(connectionInfo))
{
// ...
}
另见 Authentication with PPK key in SSH.NET .
关于c# - 在 SSH.NET 中进行多因素身份验证( key 和密码)时获取 'Permission denied (password).',我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59254206/