Version: (using KDE 4.3.1) OS: Linux Installed from: SuSE RPMs Using OpenSUSE 11.2 Factory packages, so version numbers are a bit wonky. I use a passwordless public key to log into an SSH server, but since some versions prior to (and including) kdebase4-runtime 4.3.1-140.2 kio_sftp has been insisting that I give the traditional username and password instead. Logging in with the key works on the console (OpenSSH) and via kio_fish. I have also filed an OpenSUSE bug at https://bugzilla.novell.com/show_bug.cgi?id=540488 in case this is actually a downstream issue.
Thanks for taking the time to report a bug. I need more information to understand the problem. You have to be more precise. You should always try to describe what you have done to understand the problem, which components and version you're using. What files are involved etc. a) Do you use ssh-agent? b) What is the path/filename of your private key? c) Do you have a public key file (path/name)?
a) I am not using, and have never used, ssh-agent as far as I know b) The private key is at ~/.ssh/id_dsa c) The public key is inside ~/.ssh/authorized_keys As I said, logging in over the console (i.e., in Konsole) and kio_fish (fish://user@server) work exactly as expected: I get logged into the server without being asked for anything. Only kio_sftp (sftp://user@server) asks for the username and password and won't connect (and show me the directory I'm asking for) unless I do. If you can tell me how to determine what version of kio_sftp I am using I will readily go find out; but short of that I can only tell you that /usr/lib/kde4/kio_sftp.so is provided by OpenSUSE's (Factory) kdebase4-runtime package, and that I am using version 4.3.1-140.2. The file /usr/lib/kde4/kio_fish.so is provided by the same package, and OpenSSH is version 5.1p1-40.15 (from OpenSUSE's OSS repo). Thanks
So you don't have a ~/.ssh/id_dsa.pub file? If yes, this is the reason why it doesn't work. You don't have a file with the public key.
Hi Andreas. I have same problem with kio_sftp. My files in ~/.ssh/ directory: id_rsa id_rsa.keystore id_rsa.pub known_hosts known_hosts.2 My public key is included in /root/.ssh/authorized_keys on server side. When I connect to my server over command line (or kio_fish), password isn't required, but over kio_sftp (kdebase-runtime 4.3.1-0ubuntu2) always is.
SVN commit 1026329 by anschneider: Fixed public key authentication. BUG: 207855 M +1 -1 kio_sftp.cpp WebSVN link: http://websvn.kde.org/?view=rev&revision=1026329
@ Comment #4 Lukáš, can you tell me if the fix has hit Ubuntu yet? It is supposed to be in OpenSUSE already ( https://bugzilla.novell.com/show_bug.cgi?id=540488#c3 ) but even though I have updated kdebase4-runtime twice already I still do not see it. @ Comment #3 Andreas, I never had to have a *.pub file before. As I said, my public key is located in ~/.ssh/authorized_keys (both on the server and on my local) and that worked fine for kio_sftp prior to the bug and continues to work fine for kio_fish and ssh on the console. I generated the key a long time ago, but I think I set things up similar to instructions here: http://www.sshkeychain.org/mirrors/SSH-with-Keys-HOWTO/SSH-with-Keys-HOWTO-4.html which actually involve rm'ing the *.pub file. I didn't have the authorized_keys2 file, so I tried doing that but it doesn't seem to make any difference. Since I didn't have the *.pub file, I also regenerated it using instructions from http://meinit.nl/regenerating-your-lost-public-ssh-key-id_dsa-pub with also no difference after placing it in ~/.ssh/ (on both server and local). I am still experiencing the problem, but as per my reply to Comment #4 I am not sure if it is because the fix was reported as put into Factory but actually wasn't or what. I will ask on OpenSUSE's bugtracker. Thanks, you two.
(In reply to comment #6) > @ Comment #4 > > Lukáš, can you tell me if the fix has hit Ubuntu yet? It is supposed to be in > OpenSUSE already ( https://bugzilla.novell.com/show_bug.cgi?id=540488#c3 ) but > even though I have updated kdebase4-runtime twice already I still do not see > it. > Yes, this bug is already fixed on Ubuntu (Karmic). Thank you!
The file ~/.ssh/id_dsa.pub has nothing to do with ~/.ssh/authorized_keys. Normally ~/.ssh/id_dsa is the private key and ~/.ssh/id_dsa.pub is the public key of it. ~/.ssh/authorized_keys tells the *server* which keys are allowed to authenticate as this user. You can generate the public key out of the private key. I think we need a use case. Lets assume you have 10 password protected private keys (~/.ssh/a, ~/.ssh/b, ..., ~/.ssh/j) and no public keys. Now you try to connect to an ssh server and j is the key for this server. So you have to enter 10 passwords to open the private key, generate the public key and offer it to the server.
I wasn't able to generate a public key from my original private key that libssh would accept, so I made a new one and it works just fine. Since it was high time for me to replace the key, anyway, I suppose it's all well that ends well. Thanks for looking into the matter.