0
2
I have Foogle Authenticator setup on an AWS EC2 instance, so that, when I SSH in with my .pem file, I am prompted for the current security key.
I was wondering if it is possible to configure FileZilla to ask me for the security code, so that I can edit files on my AWS EC2 using FileZilla (instead of pure terminal).
FileZilla logs
2:17:23 Status: Connecting to ec2-.....compute- 1.amazonaws.com...
12:17:23 Trace: Going to execute /Applications/FileZilla.app/Contents/MacOS/fzsftp
12:17:23 Response: fzSftp started, protocol_version=8
12:17:23 Trace: CSftpControlSocket::ConnectParseResponse(fzSftp started, protocol_version=8)
12:17:23 Trace: CSftpControlSocket::SendNextCommand()
12:17:23 Trace: CSftpControlSocket::ConnectSend()
12:17:23 Command: keyfile "/Users/.../...pem"
12:17:23 Trace: CSftpControlSocket::ConnectParseResponse()
12:17:23 Trace: CSftpControlSocket::SendNextCommand()
12:17:23 Trace: CSftpControlSocket::ConnectSend()
12:17:23 Command: open "ubuntu@......amazonaws.com" 22
12:17:24 Trace: Server version: SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8
12:17:24 Trace: We believe remote version has SSH-2 channel request bug
12:17:24 Trace: Using SSH protocol version 2
12:17:24 Trace: Doing ECDH key exchange with curve Curve25519 and hash SHA-256
12:17:25 Trace: Server also has ... host keys, but we don't know any of them
12:17:25 Trace: Host key fingerprint is:
12:17:25 Trace: ssh- :... uDt....=
12:17:25 Trace: Initialised AES-256 GCM client->server encryption
12:17:25 Trace: Initialised AES256 GCM client->server MAC algorithm (in ETM mode) (required by cipher)
12:17:25 Trace: Initialised AES-256 GCM server->client encryption
12:17:25 Trace: Initialised AES256 GCM server->client MAC algorithm (in ETM mode) (required by cipher)
12:17:25 Trace: Pageant is running. Requesting keys.
12:17:25 Trace: Pageant has 0 SSH-2 keys
12:17:25 Trace: Successfully loaded 1 key pair from file
12:17:25 Trace: Offered public key from "/Users/.../....pem"
12:17:25 Trace: Offer of public key accepted, trying to authenticate using it.
12:17:25 Trace: Further authentication required
12:17:25 Trace: Attempting keyboard-interactive authentication
12:17:25 Trace: Using keyboard-interactive authentication. inst_len: 0, num_prompts: 1
12:17:25 Command: Pass:
12:17:25 Trace: Keyboard-interactive authentication failed
12:17:25 Trace: Attempting keyboard-interactive authentication
12:17:25 Trace: Using keyboard-interactive authentication. inst_len: 0, num_prompts: 1
12:17:25 Error: Authentication failed.
12:17:25 Trace: CControlSocket::DoClose(1030)
12:17:25 Trace: CSftpControlSocket::ResetOperation(1094)
12:17:25 Trace: CControlSocket::ResetOperation(1094)
12:17:25 Error: Critical error: Could not connect to server
12:17:25 Trace: CFileZillaEnginePrivate::ResetOperation(1094)
user1709076
Posted 2017-02-14T06:49:57.630
Reputation: 103
Original post was here http://stackoverflow.com/questions/42193016/filezilla-to-ssh-into-ec2-with-google-authenticator?
– user1709076 – 2017-02-14T06:52:08.973Verbose log please, this does not show anything. And PuTTY event log too. – Martin Prikryl – 2017-02-15T13:07:57.133
You’d usually construct this thing so that you’ll have to append the code to your password. This provides maximum compatibility because passwords always work. An extra prompt will most likely not work with anything but interactive SSH. – Daniel B – 2017-02-20T17:32:27.093
hmm @DanielB my password is my pem file. so would i paste in the 6 letter google auth at the end of the pem file? – user1709076 – 2017-02-20T21:36:05.913
No. I was assuming you had a password setup, I misread your post. The point about an extra prompt confusing software that isn't prepared for it still stands of course. You should contact the developers of Filezilla about this. – Daniel B – 2017-02-20T21:55:19.827