WinSCP: Server refused key - But same key accepted from Putty?

winscp private-key

6,590

You’re not connecting to the same host. Putty connects to 134.60.51.57 while WinSCP connects to 134.60.51.55.

Furthermore, they really are different hosts as the SSH host key is different:

Putty: ssh-ed25519 256 2e:d6:11:b3:…
WinSCP: ssh-ed25519 256 a2:45:9b:45:…

6,590

Maxim Moloshenko

Physics student from the university of Ulm

Updated on September 18, 2022

Comments

Maxim Moloshenko almost 2 years

I try to connect to a server using WinSCP and I authenticate with a private key. This works fine if I use Putty, but the same key is refused when I try it with WinSCP.

The only thing I did, was to enter the server IP and the path to the key in both GUIs. [edit] The user name is "ubuntu", and by reading the key the server somehow knows who I am, and which virtual machine to connect me to. With putty I have to enter the user name, while with WinSCP I can either define it beforehand, or enter it (I tried both).

I am providing both programs the same path to the key, which is in the .ppk format.

Here is the log of WinSCP:

. 2017-05-17 14:31:16.592 --------------------------------------------------------------------------
. 2017-05-17 14:31:16.592 WinSCP Version 5.9.5 (Build 7441) (OS 10.0.14393 - Windows 10 Education)
. 2017-05-17 14:31:16.592 Configuration: HKCU\Software\Martin Prikryl\WinSCP 2\
. 2017-05-17 14:31:16.592 Log level: Normal
. 2017-05-17 14:31:16.592 Local account: DESKTOP-SJM9N7Q\Maxim Ott
. 2017-05-17 14:31:16.592 Working directory: C:\Program Files (x86)\WinSCP
. 2017-05-17 14:31:16.592 Process ID: 5464
. 2017-05-17 14:31:16.593 Command-line: "C:\Program Files (x86)\WinSCP\WinSCP.exe" 
. 2017-05-17 14:31:16.593 Time zone: Current: GMT+2, Standard: GMT+1 (Mitteleuropäische Zeit), DST: GMT+2 (Mitteleuropäische Sommerzeit), DST Start: 26.03.2017, DST End: 29.10.2017
. 2017-05-17 14:31:16.593 Login time: Mittwoch, 17. Mai 2017 14:31:16
. 2017-05-17 14:31:16.593 --------------------------------------------------------------------------
. 2017-05-17 14:31:16.593 Session name: BWcloud (Site)
. 2017-05-17 14:31:16.593 Host name: 134.60.51.55 (Port: 22)
. 2017-05-17 14:31:16.593 User name: ubuntu (Password: No, Key file: Yes, Passphrase: No)
. 2017-05-17 14:31:16.593 Tunnel: No
. 2017-05-17 14:31:16.593 Transfer Protocol: SFTP (SCP)
. 2017-05-17 14:31:16.593 Ping type: Off, Ping interval: 30 sec; Timeout: 15 sec
. 2017-05-17 14:31:16.593 Disable Nagle: No
. 2017-05-17 14:31:16.593 Proxy: None
. 2017-05-17 14:31:16.593 Send buffer: 262144
. 2017-05-17 14:31:16.593 SSH protocol version: 2; Compression: No
. 2017-05-17 14:31:16.593 Bypass authentication: No
. 2017-05-17 14:31:16.593 Try agent: Yes; Agent forwarding: Yes; TIS/CryptoCard: No; KI: Yes; GSSAPI: Yes
. 2017-05-17 14:31:16.593 GSSAPI: Forwarding: Yes
. 2017-05-17 14:31:16.593 Ciphers: aes,chacha20,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
. 2017-05-17 14:31:16.593 KEX: ecdh,dh-gex-sha1,dh-group14-sha1,rsa,WARN,dh-group1-sha1
. 2017-05-17 14:31:16.594 SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto
. 2017-05-17 14:31:16.594 Simple channel: Yes
. 2017-05-17 14:31:16.594 Return code variable: Autodetect; Lookup user groups: Auto
. 2017-05-17 14:31:16.594 Shell: default
. 2017-05-17 14:31:16.594 EOL: LF, UTF: Auto
. 2017-05-17 14:31:16.594 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes; Follow directory symlinks: No
. 2017-05-17 14:31:16.594 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No
. 2017-05-17 14:31:16.594 SFTP Bugs: Auto,Auto
. 2017-05-17 14:31:16.594 SFTP Server: default
. 2017-05-17 14:31:16.594 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
. 2017-05-17 14:31:16.594 Cache directory changes: Yes, Permanent: Yes
. 2017-05-17 14:31:16.594 Recycle bin: Delete to: No, Overwritten to: No, Bin path: 
. 2017-05-17 14:31:16.594 DST mode: Unix
. 2017-05-17 14:31:16.594 --------------------------------------------------------------------------
. 2017-05-17 14:31:16.652 Looking up host "134.60.51.55" for SSH connection
. 2017-05-17 14:31:16.653 Connecting to 134.60.51.55 port 22
. 2017-05-17 14:31:16.654 We claim version: SSH-2.0-WinSCP_release_5.9.5
. 2017-05-17 14:31:16.705 Server version: SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
. 2017-05-17 14:31:16.705 We believe remote version has SSH-2 channel request bug
. 2017-05-17 14:31:16.705 Using SSH protocol version 2
. 2017-05-17 14:31:16.706 Have a known host key of type ssh-ed25519
. 2017-05-17 14:31:16.706 Doing ECDH key exchange with curve Curve25519 and hash SHA-256
. 2017-05-17 14:31:17.141 Server also has ecdsa-sha2-nistp256/ssh-dss/ssh-rsa host keys, but we don't know any of them
. 2017-05-17 14:31:17.142 Host key fingerprint is:
. 2017-05-17 14:31:17.142 ssh-ed25519 256 a2:45:9b:45:ad:68:ea:8a:0b:05:11:ba:35:90:fe:05
. 2017-05-17 14:31:17.142 Verifying host key ssh-ed25519 0x6641e29b54243c7f e2e3014a0c1e45e7 b94017d3c85a3c01 8fdefc62d9b8f8a8 ,0x2255cb2a9d0411d5 36a6ac88c8c4c1ae 5915495f9c173e86 80f4da883f7c5ef6  with fingerprint ssh-ed25519 256 a2:45:9b:45:ad:68:ea:8a:0b:05:11:ba:35:90:fe:05
. 2017-05-17 14:31:17.163 Host key does not match cached key 0x62233d6170d863d8 a7a81e45359c7ec8 b69ad50d6f17e557 b2fe0dd00daa8a7,0x4b98045184945b41 d62f352537b498b4 f527fee1247b451c 22d3e75d00b98db6 
. 2017-05-17 14:31:17.163 Host key matches cached key
. 2017-05-17 14:31:17.163 Initialised AES-256 SDCTR client->server encryption
. 2017-05-17 14:31:17.163 Initialised HMAC-SHA-256 client->server MAC algorithm
. 2017-05-17 14:31:17.163 Initialised AES-256 SDCTR server->client encryption
. 2017-05-17 14:31:17.163 Initialised HMAC-SHA-256 server->client MAC algorithm
. 2017-05-17 14:31:17.201 Reading key file "C:\Program Files\PuTTY\bwcloud.ppk"
! 2017-05-17 14:31:17.201 Using username "ubuntu".
. 2017-05-17 14:31:17.219 Server offered these authentication methods: publickey
. 2017-05-17 14:31:17.219 Offered public key
! 2017-05-17 14:31:17.221 Server refused our key
. 2017-05-17 14:31:17.271 Server refused our key
. 2017-05-17 14:31:17.271 Server offered these authentication methods: publickey
. 2017-05-17 14:31:17.271 Disconnected: No supported authentication methods available (server sent: publickey)
* 2017-05-17 14:31:17.329 (EFatal) Disconnected: No supported authentication methods available (server sent: publickey)
* 2017-05-17 14:31:17.329 Anmeldungsprotokoll (Siehe Sitzungsprotokoll für Details):
* 2017-05-17 14:31:17.330 Verwende Benutzername "ubuntu".
* 2017-05-17 14:31:17.330 Der entfernte Rechner lehnte unseren Schlüssel ab.
* 2017-05-17 14:31:17.330 
* 2017-05-17 14:31:17.330 Anmeldung fehlgeschlagen.

[edit] Here is the Putty log file when I successfully log in:

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2017.05.17 17:04:17 =~=~=~=~=~=~=~=~=~=~=~=
login as: ubuntu
Authenticating with public key "imported-openssh-key"
Welcome to Ubuntu 16.04 LTS (GNU/Linux 4.4.0-75-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

111 packages can be updated.
0 updates are security updates.


*** System restart required ***
Last login: Wed May 17 15:03:36 2017 from 134.60.66.119

]0;ubuntu@maxim: ~ubuntu@maxim:~$

This is what I see on the server. How do I tell which log file to access, also, how what should I be looking for?Screenshot of folder contents on the server

Here is the Putty Event Log:Event Log (I can't copy paste stuff out of it, sorry!)

I opened the auth.log and auth.log.1 files, but the times are shifted by two hours there. Nevertheless, I think nothing is saved here when I try to connect with WinSCP. Here are the last lines. I connected with putty, then tried a couple of times with WinSCP and then opened the log file again:

May 18 08:04:57 maxim sshd[27705]: Accepted publickey for ubuntu from 134.60.66.119 port 61014 ssh2: RSA SHA256:BKLucrkY+1+Gdk+Nxu4dB4YlyiF4Np22h/1wmmfkRm4
May 18 08:04:57 maxim sshd[27705]: pam_unix(sshd:session): session opened for user ubuntu by (uid=0)
May 18 08:04:57 maxim systemd: pam_unix(systemd-user:session): session opened for user ubuntu by (uid=0)
May 18 08:04:57 maxim systemd-logind[651]: New session 430 of user ubuntu.
May 18 08:05:01 maxim CRON[27791]: pam_unix(cron:session): session opened for user root by (uid=0)
May 18 08:05:01 maxim CRON[27791]: pam_unix(cron:session): session closed for user root
May 18 08:14:19 maxim sshd[27705]: pam_unix(sshd:session): session closed for user ubuntu
May 18 08:14:19 maxim systemd-logind[651]: Removed session 430.
May 18 08:15:01 maxim CRON[27824]: pam_unix(cron:session): session opened for user root by (uid=0)
May 18 08:15:01 maxim CRON[27824]: pam_unix(cron:session): session closed for user root
May 18 08:17:01 maxim CRON[27829]: pam_unix(cron:session): session opened for user root by (uid=0)
May 18 08:17:01 maxim CRON[27829]: pam_unix(cron:session): session closed for user root
May 18 08:23:50 maxim sshd[27839]: Accepted publickey for ubuntu from 134.60.66.119 port 63162 ssh2: RSA SHA256:BKLucrkY+1+Gdk+Nxu4dB4YlyiF4Np22h/1wmmfkRm4
May 18 08:23:50 maxim sshd[27839]: pam_unix(sshd:session): session opened for user ubuntu by (uid=0)
May 18 08:23:50 maxim systemd-logind[651]: New session 434 of user ubuntu.
May 18 08:23:50 maxim systemd: pam_unix(systemd-user:session): session opened for user ubuntu by (uid=0)
May 18 08:25:01 maxim CRON[27898]: pam_unix(cron:session): session opened for user root by (uid=0)
May 18 08:25:01 maxim CRON[27898]: pam_unix(cron:session): session closed for user root

Thanks a lot to everybody for the suggestions!

Any ideas what I should do next? I just want to be able upload some files :/

Maxim Moloshenko about 7 years

Exactly. I made some edits to provide more info, I hope the mystery is more clear now.
Maxim Moloshenko about 7 years

I can't believe it, I have no idea how that happened, but I copy pasted everything instead of typing. It works now, thanks a lot everyone and you especially!