How can we connect to an SFTP server from a Windows machine to a Linux SFTP server using a DSA key?


Solution 1

Is there a difference between how SFTP works between Windows and Linux?

No. The only difference is key storage formats used by various programs. Most Linux systems run OpenSSH as the SSH/SFTP server, and your third party is requesting an OpenSSH-compatible public key.

  • CoreFTP stores private keys in the OpenSSH format, and public keys in a format similar to OpenSSH's.

    You can use PuTTYgen or ssh-keygen -yf to extract the public key, as the "private" file always contains the entire keypair.

    Or you can simply add "ssh-dss" before the CoreFTP public key data to make it OpenSSH-compatible. Example:

    ssh-dss AAAAB3NzaC1kc3M...
    

    (Why does CoreFTP forget the header? It could be that the developers deemed it unnecessary, as the Base64-encoded data already has ssh-dss in the beginning. And besides, who would ever need compatibility with the most popular SFTP software?)

  • PuTTY uses its own "PPK" key format.

    When you open the key in PuTTYgen (or generate a fresh one), the OpenSSH public key is displayed in the big box at the top.

    The private key can be exported to OpenSSH format through the menus.

  • WinSCP does not have a key generation program. It bundles PuTTYgen from PuTTY.

For completeness:

  • OpenSSH (ssh, ssh-keygen) stores private keys in "PEM" format used by OpenSSL, and public keys in its own single-line format. (As mentioned above, the "private" key file contains both private and public keys.)

They told me that a valid DSA key needs to have [...] the username@systemname at the end.

[...] If I put a useraccount@systemname at the end of the text will it work? How would the Linux system validate that my system is called "systemname"? If it can't validate, what is the purpose of adding it?

The username@systemname part is a comment used for key identification (for example, when you have 10 keys in authorized_keys), but is entirely ignored by software.

OpenSSH public keys without a comment are perfectly valid.
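The layout described in this answer can be checked directly: an OpenSSH public key line is `type base64 [comment]`, and the base64 data itself begins with a length-prefixed copy of the key type. The Python sketch below is an added example, not part of the original answers; its function names are hypothetical, the sample blob is built from toy integers (not a real key), and it assumes the client's output is a bare base64 string.

```python
import base64
import struct

def ssh_string(data: bytes) -> bytes:
    """SSH wire 'string': 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def ssh_mpint(n: int) -> bytes:
    """SSH wire 'mpint' for n >= 0 (a leading 0x00 is kept when the top bit is set)."""
    return ssh_string(n.to_bytes(n.bit_length() // 8 + 1, "big") if n else b"")

def embedded_key_type(b64_blob: str) -> str:
    """Read the key type stored as the first field inside the base64 blob."""
    blob = base64.b64decode(b64_blob, validate=True)
    if len(blob) < 4:
        raise ValueError("blob too short for a length field")
    (n,) = struct.unpack(">I", blob[:4])
    if n == 0 or 4 + n > len(blob):
        raise ValueError("key-type length field is out of range")
    return blob[4:4 + n].decode("ascii")

def to_openssh_line(text: str, comment: str = "") -> str:
    """Accept a bare base64 blob or 'type blob [comment]'; return one OpenSSH line."""
    fields = text.split()
    if not fields:
        raise ValueError("empty input")
    if "-" in fields[0]:          # key-type names contain '-', standard base64 never does
        if len(fields) < 2:
            raise ValueError("key type given but no key data")
        declared, blob = fields[0], fields[1]
        comment = " ".join(fields[2:]) or comment
    else:                         # bare blob, possibly wrapped over several lines
        declared, blob = None, "".join(fields)
    actual = embedded_key_type(blob)
    if declared is not None and declared != actual:
        raise ValueError(f"header says {declared!r} but blob contains {actual!r}")
    # The comment is optional and is never validated against anything.
    return " ".join(part for part in (actual, blob, comment) if part)

# Constructed sample: toy integers in p, q, g, y order. NOT a real or usable DSA key.
_blob = ssh_string(b"ssh-dss") + b"".join(ssh_mpint(v) for v in (0xF123, 0xB5, 0x1234, 0x0ABC))
BARE_BLOB = base64.b64encode(_blob).decode()

if __name__ == "__main__":
    print(to_openssh_line(BARE_BLOB))                   # header added, no comment
    print(to_openssh_line(BARE_BLOB, "user@example"))   # same key, with a comment
```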

Solution 2

You need to provide the public part of your key pair in a format that the third party's SFTP server can recognise - and in this case, it looks like they want the OpenSSH format.

I'm no expert on the format of CoreFTP Lite DSA keys, but from some random Google hits, it looks like you can use PuTTYgen to open the key generated by CoreFTP, then export it as an OpenSSH public key.

Author by

Zesty

Updated on September 18, 2022

Comments

  • Zesty over 1 year

    As a Windows user, I generated a pair of DSA keys from CoreFTP Lite and sent it to a third party that runs an SFTP server.

    They told me that a valid DSA key needs to have ssh-dsa at the start and the username@systemname at the end.

    CoreFTP generated neither the ssh-dsa header nor the username@systemname footer. I tried with WinSCP and it didn't generate them either.

    Is there a difference between how SFTP works between Windows and Linux?

    If I put a useraccount@systemname at the end of the text will it work? How would the Linux system validate that my system is called "systemname"? If it can't validate, what is the purpose of adding it?