Search code examples
chilkat

Authentication failed or partial success with ckosshtunnel and AuthenticatePk

I'm having an issue where I can connect via publickey to an ssh server via command line:

ssh -N -L 12345:127.0.0.1:22 -i /Users/kylehankinson/.ssh/id_rsa USER@HOST

But if I try the same thing via code:

CkoSshKey * sshkey = [[CkoSshKey alloc] init];
sshkey.Password = @"blahblah";

NSString * privateKeyString = [sshkey LoadText: @"/Users/kylehankinson/.ssh/id_rsa"];

if(![sshkey FromPuttyPrivateKey: privateKeyString])
{
    NSLog(@"Had failure: %@", sshkey.LastErrorText);
    return;
}

CkoSshTunnel *ssh = [[CkoSshTunnel alloc] init];
success = [ssh Connect: @"HOST" port: @(22)];
if (success != YES)
{
    NSLog(@"%@",ssh.LastErrorText);
    return;
}

success = [ssh AuthenticatePk: @"USER"
                   privateKey: sshkey];
if(!success)
{
    NSLog(@"%@",ssh.LastErrorXml);
    return;
}

I receive the following error:

<ChilkatLog>
  <AuthenticatePK>
    <DllDate>Apr 16 2019</DllDate>
    <ChilkatVersion>9.5.0.78</ChilkatVersion>
    <UnlockPrefix>xxxxxxx</UnlockPrefix>
    <Architecture>Little Endian; 64-bit</Architecture>
    <Language>Cocoa Objective-C</Language>
    <VerboseLogging>0</VerboseLogging>
    <login>sshtunnel</login>
    <sshAuthenticatePk>
      <keyFingerprint>ssh-rsa 2048 xxxxxxxxx</keyFingerprint>
      <requestUserAuthService>
        <sendServiceRequest>
          <svcName>ssh-userauth</svcName>
          <SentServiceReq>ssh-userauth</SentServiceReq>
        </sendServiceRequest>
        <info>ssh-userauth service accepted.</info>
      </requestUserAuthService>
      <info>Using an RSA key.</info>
      <info>Sent public-key request.</info>
      <AuthList>publickey,password</AuthList>
      <rsaSigLen>256</rsaSigLen>
      <info>Sent public-key request with signature.</info>
      <error>Authentication failed or partial success. (4)</error>
      <PartialSuccess4>0</PartialSuccess4>
      <AuthList>publickey,password</AuthList>
      <error>Publickey authentication failed..</error>
    </sshAuthenticatePk>
    <error>Failed.</error>
  </AuthenticatePK>
</ChilkatLog>

Any suggestions?

Solution

  • Thanks Kyle,

    Here's a new build that fixes the problem: https://chilkatdownload.com/prerelease/chilkat-9.5.0-macosx-objc-1408.zip

    The source of the problem had to do with the private key blob format in the OpenSSH key format. The order of parsing RSA key parts was not correct. (If the key was loaded from the PuTTY private key format, .ppk, then there was no problem..)

    PS> The above download link is temporary and will not be valid in the future..