www.libssh2.org | Daily snapshots | Mailing list archive | Docs | Examples | github

Archive Index This month's Index

Subject: SSH public key authentication failed: Callback returned error

SSH public key authentication failed: Callback returned error

From: EHLERS ERIC <eric.ehlers_at_esternibisp.com>
Date: Fri, 21 Jun 2013 11:02:47 +0000

Hello,

I am trying to do an SFTP GET under Windows using curl and libssh2. The
command fails with:

    SSH public key authentication failed: Callback returned error

I would be grateful for any assistance in fixing the problem.

I have myself compiled from source the packages openssl-1.0.1e, libssh2-1.4.3,
and curl-7.30.0. The curl binary works for other operations, e.g. HTTP GET,
just not for SFTP.

I am able to execute the SFTP GET successfully using other tools. So I know
that my local private keyfile is good, and that the public keyfile is set up
correctly on the remote server.

In order to generate the public keyfile that ssh2 requires locally, I copied
the private keyfile to linux, and ran the following command:

    ssh-keygen -y -f id_rsa > id_rsa.pub

Then I copied the public keyfile back to the Windows machine.

Below are the commands that I used to attempt the SFTP, and the output. Thanks
in advance for any help you can provide.

Kind Regards,
Eric

curl.exe -version

curl 7.30.0 (i386-pc-win32) libcurl/7.30.0 OpenSSL/1.0.1e libssh2/1.4.3
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp scp s
ftp smtp smtps telnet tftp
Features: AsynchDNS Largefile NTLM SSL

curl.exe -vv --insecure --proxy xxxxx.com:8080
--proxy-user xxxxx\xxxxxxx:xxxxxxxx --proxy-ntlm --proxytunnel --user xxxxxxx:
--key id_rsa --pubkey id_rsa.pub --pass xxxxxxxx sftp://999.999.999.9:9999/path/to/file

* Adding handle: conn: 0xa63850
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0xa63850) send_pipe: 1, recv_pipe: 0
* About to connect() to proxy xxxxx.com port 8080 (#0)
* Trying 99.999.999.99...
* Connected to xxxxx.com (99.999.999.99) port 8080 (#0)
* Establish HTTP proxy tunnel to 999.999.999.9:9999
* Proxy auth using NTLM with user 'xxxxx\xxxxxxx'
* Server auth using Basic with user 'xxxxxxx'
> CONNECT 999.999.999.9:9999 HTTP/1.1
> Host: 999.999.999.9:9999
> Proxy-Authorization: NTLM xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
> User-Agent: curl/7.30.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 407 authenticationrequired
< Content-Type: text/html
< Cache-Control: no-cache
< Content-Length: 1086
< Proxy-Connection: Keep-Alive
< Proxy-Authenticate: NTLM xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxx
<
* Ignore 1086 bytes of response-body
* TUNNEL_STATE switched to: 0
* Establish HTTP proxy tunnel to 999.999.999.9:9999
* Proxy auth using NTLM with user 'xxxxx\xxxxxxx'
* Server auth using Basic with user 'xxxxxxx'
> CONNECT 999.999.999.9:9999 HTTP/1.1
> Host: 999.999.999.9:9999
> Proxy-Authorization: NTLM xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
> User-Agent: curl/7.30.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.0 200 Connection established
<
* Proxy replied OK to CONNECT request
* SSH MD5 fingerprint: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
* SSH authentication methods available: publickey
* Using ssh public key file id_rsa.pub
* Using ssh private key file id_rsa
* SSH public key authentication failed: Callback returned error
* Failure connecting to agent
* Authentication failure
* Closing connection 0
curl: (67) Authentication failure

Prima di stampare, pensa all'ambiente ** Think about the environment before printing

________________________________

Il presente messaggio, inclusi gli eventuali allegati, ha natura aziendale e potrebbe contenere informazioni confidenziali e/o riservate. Chiunque lo ricevesse per errore, ? pregato di avvisare tempestivamente il mittente e di cancellarlo.
E' strettamente vietata qualsiasi forma di utilizzo, riproduzione o diffusione non autorizzata del contenuto di questo messaggio o di parte di esso.
Pur essendo state assunte le dovute precauzioni per ridurre al minimo il rischio di trasmissione di virus, si suggerisce di effettuare gli opportuni controlli sui documenti allegati al presente messaggio. Non si assume alcuna responsabilit? per eventuali danni o perdite derivanti dalla presenza di virus.

Per lo svolgimento delle attivit? di investimento nel Regno Unito, la societ? ? autorizzata da Banca d'Italia ed ? soggetta alla vigilanza limitata della Financial Services Authority. Maggiori informazioni in merito ai poteri di vigilanza della Financial Services Authority sono a disposizione previa richiesta..

Nel Regno Unito Intesa Sanpaolo S.p.A. opera attraverso la filiale di Londra, sita in 90 Queen Street, London EC4N 1SA, registrata in Inghilterra & Galles sotto No.FC016201, Branch No.BR000036

In osservanza dei requisito imposti dal Internal Revenue Service (Agenzia delle Entrate degli Stati Uniti), qualunque discussione relativa a temi di natura fiscale contenuta in questo messaggio o nei suoi allegati non e' intesa ne' e' stata scritta per essere utilizzata, ne' puo' essere utilizata per (i) evitare l'imposizione di gravami fiscali secondo il codice tributario vigente negli Stati Uniti o (ii) per promuovere, sollecitare o raccomandare una operazione finanziaria o altra transazione indirizzata ad un altro destinatario.

***

________________________________

This email (including any attachment) is a corporate message and may contain confidential and/or privileged and/or proprietary information. If you have received this email in error, please notify the sender immediately, do not use or share it and destroy this email. Any unauthorised use, copying or disclosure of the material in this email or of parts hereof (including reliance thereon) is strictly forbidden.
We have taken precautions to minimize the risk of transmitting software viruses but nevertheless advise you to carry out your own virus checks on any attachment of this message. We accept no liability for loss or damage caused by software viruses.

For the conduct of investment business in the UK, the Company is authorised by Banca d'Italia and subject to limited regulation in the UK by the Financial Services Authority. Details about the extent of our regulation by the Financial Services Authority are available from us on request.

In the UK Intesa Sanpaolo S.p.A. operates through its London Branch, located at 90 Queen Street, London EC4N 1SA. Registered in England & Wales under No.FC016201, Branch No.BR000036

To comply with requirements imposed by the IRS, we inform you that any discussion of U.S. federal tax issues contained herein (including any attachments) was not intended or written to be used, and cannot be used by you, for the purpose of (i) avoiding penalties under the Internal Revenue Code or (ii) promoting, marketing or recommending any transaction or matter addressed herein to another party.

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2013-06-21

the libssh2 team