sFtp Client Part 2 : Auth Banner returned?

polaris · · 28 次点击    
<p>Hi all!</p> <p>It is my second post in my sftp saga.</p> <p>I have a .bat tools that connect to a sftp via WinSCP with a putty private key.</p> <p>I&#39;m trying to reproduce the same thing with Golang and SSH.</p> <p>So I converted the putty privatekey in SSH and used Crypto ssh package to connect to the stp.</p> <p>I&#39;m getting stuck at the authentification. The package goes all the way to checking Auth method, and start with the none auth method.</p> <p>When he try to auth with none, he get a type 53 return : UserAuthBanner.</p> <p>But nothing happen in that part of the code : </p> <pre><code>switch packet[0] { case msgUserAuthBanner: // TODO: add callback to present the banner to the user </code></pre> <p>Why do I get that value back? </p> <p>Thank you!!</p> <hr/>**评论:**<br/><br/>aboukirev: <pre><p>I have yet to dive into this myself (I want to run a remote command to dump database and download the dump for practice) but have not done anything thus far. I&#39;ve found <a href="http://blog.ralch.com/tutorial/golang-ssh-connection/" rel="nofollow">http://blog.ralch.com/tutorial/golang-ssh-connection/</a> article very useful as well as <a href="https://stackoverflow.com/questions/38242598/golang-scp-file-using-crypto-ssh" rel="nofollow">https://stackoverflow.com/questions/38242598/golang-scp-file-using-crypto-ssh</a></p></pre>Kardiamond: <pre><p>Ahaha that is exactly what I&#39;m using, the first link.</p> <p>I&#39;m using his code, and I get stuck because the target server seems to return a &#34;banner&#34; and I have no idea what it is.</p></pre>aboukirev: <pre><p>Technically, you can just ignore it and return from processing the message (proceed to next step). That&#39;s according to RFC. Presenting it to user is optional.</p></pre>Kardiamond: <pre><p>what I found out is, when trying to authentificate, it get a return banner, but it should also receive a lsit of remaining authentification methods to try, but I don&#39;t.</p> <p>I can&#39;t get to publickey (my auth type) authentification because before this I get a banner and no return auth type.</p></pre>aboukirev: <pre><p>Are you following instructions from &#34;SSH certificate file&#34; section of the article and pass the respective config. Looks like maybe SSH server does not recognize what type of authentication you are trying to use. Using proper config should result into sending SSH_MSG_USERAUTH_REQUEST (<a href="http://www.faqs.org/rfcs/rfc4252.html" rel="nofollow">http://www.faqs.org/rfcs/rfc4252.html</a>) with &#34;publickey&#34; and TRUE, I believe. </p> <p>Ahh, and also if you are using the latest RC of <code>go</code>, you may need to set</p> <p>HostKeyCallback: ssh.InsecureIgnoreHostKey()</p> <p>in ClientConfig.</p></pre>Kardiamond: <pre><p>Yep I had to add the insecureignorehostkey thing.</p> <p>The only thing that I differ, is that I had to add </p> <pre><code>sshConfig.Ciphers = append(sshConfig.Ciphers, &#34;aes128-cbc&#34;) </code></pre> <p>Because my sftp server only have cbc ciphers.</p></pre>Kardiamond: <pre><p>So I got it to bypass the banner, and now I think my publickey isnt working. I will check what is happening with it. Thanks for helping me! :)</p></pre>aboukirev: <pre><p>I quickly put a Go application together to test it and got everything working. I am on Windows but I do use MSYS2. So I launched <code>bash</code> , used <code>ssh-keygen</code>, copied public key to Debian server I am running and put it where it belongs (added to authorized_keys). I did not configure a banner on my SSH server but the keys are working. I can run commands on the server. I think using <code>ssh</code> from MSYS2 helped generating proper keys.</p></pre>
28 次点击  
加入收藏 微博
0 回复
添加一条新回复 (您需要 登录 后才能回复 没有账号 ?)
  • 请尽量让自己的回复能够对别人有帮助
  • 支持 Markdown 格式, **粗体**、~~删除线~~、`单行代码`
  • 支持 @ 本站用户;支持表情(输入 : 提示),见 Emoji cheat sheet