Search code examples
gitbashsftpmsysgit

Git bash on Windows - sftp not supported

I would like to use GIT Bash to upload files on server. I am using msysgit for Windows.

FTP upload is ok, but sftp not working.

git ftp init --verbose

gives me error: sftp not supported or disabled in libcurl

I was trying to install libssh2 to Cygwin with this reference http://docs.oracle.com/cd/E24628_01/install.121/e22624/preinstall_req_cygwin_ssh.htm#EMBSC150

But error still ocured. I don't know if I must install something directly to GIT Bash or what can I do else?

Thank you for any advices.

Edit: I updated msysgit and other software, now I just don't know how to get certificate from the server. From WinSCP I use only accept fingerprint and that was it.

curl -v --insecure sftp://user:password@xxx.com

  • SSH authentication methods available: publickey,password
  • Using SSH public key file '(nil)'
  • Using SSH private key file 'C:\Users\xxx/.ssh/id_rsa'
  • SSH public key authentication failed: Username/PublicKey combination invalid

curl: (67) Authentication failure

I saw here https://github.com/git-ftp/git-ftp/issues/124 that I can use another key instead of my default. But I don't know how to get that key from server.

Solution

  • Make sure you are not using git with Cygwin or the old and obsolete msysgit 1.9.x version.

    With the new git for windows, sftp should be supported:

    C:\Users\vonc\prog\seec>c:\prgs\git\PortableGit-2.6.1-64-bit\usr\bin\curl.exe -V
curl 7.44.0 (x86_64-pc-msys) libcurl/7.44.0 OpenSSL/1.0.2d zlib/1.2.8 libidn/1.32 libssh2/1.6.0
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: Debug IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP UnixSockets Metalink

    This project which needs sftp requires only user and password without any certificate file

    True, no need for an ssl certificate with sftp, simply make there is no key in 'C:\Users\xxx/.ssh/id_rsa(.pub)'

    From WinSCP I use only accept fingerprint and that was it.

    That could be the issue: the known_host must have the remote server fingerprint. See for instance my script or this blog post:

    To get a look at the server’s public key fingerprint before attempting a connection, one can utilize the ssh-keyscan program

    ssh-keyscan -t ecdsa host.example.org > tmp
ssh-keygen -lf tmp 
256 03:ed:6d:1f:ff:56:9d:5f:f3:65:20:b5:ad:55:55:87 host.example.org (ECDSA)

    Here the -t is for type of key to be scanned (which can be rsa1 for protocol version 1, dsa, ecdsa, ed25519, or rsa for protocol version 2).
    The output is redirected to a temporary file named tmp, then the file is checked with the ssh-keygen program.

    Once client has verified the fingerprint, it will store a copy of the server’s public key in $HOME/.ssh/known_hosts and will check the stored key on subsequent connections to that host.
    If the server has changed its keys, or another machine is attempting to spoof the real server, the client will notice and will not allow connections to that host.