WinSCP and PuTTY SSH (SFTP) authentication to Windows OpenSSH server won't work using public keys

Maybe I'm missing a small detail, but I'm a little confused because of the many keys I see on the server.

I've used the public key authentication set up guide of WinSCP and PuTTY installation for public keys for extra information.

But every time I want to login to the server (Windows Server 2012), it won't accept the PuTTY privaty key.

I've generated the HOST key in the OpenSSH folder on the server as requested (c:\Program Files\OpenSSH). The SSHD service is running and accepted the host key, all the files are readable and error free working. On the first login via WinSCP I received a host key notification as expected.

The PUBLIC key is stored on the server in a text file authorized_keys.txt in location: C:\Users\username\.ssh.

For demo purposes I'm using a password free PRIVATE key on the client and manually loading it in PuTTY and WinSCP, however it won't work. The server says it won't accept the key.

The HOST key is self-generated by using the ssh-keygen.exe –A command. The PUBLIC and PRIVATE key are generated simultaneously in PuTTYgen.

Has anyone any idea, what I'm doing wrong here?

EDIT

It would become nearly impossible to read so I've filered the errors and found one which is repeated a lot:

Couldn't create pid file "./sshd.pid": Permission denied

other rows where just logs when I logged in.

UPDATE

After a bit more research I've found this page. At the end there's a Windows Public key troubleshooter segment. The writer claims his problems were solved, but mine weren't. I'm restarting the installation but now using only the Administrator account.

Quispie

Posted 2017-05-16T14:04:57.123

Reputation: 131

@MartinPrikryl both connections won't work indeed – Quispie – 2017-05-16T14:28:33.087

Answers

It's not authorized_keys.txt, but authorized_keys.

Also, if you are using Microsoft build of OpenSSH for Windows, make sure only a respective Windows account have a write access to the folder and the file (what is the default access level, if you create the folder and the file, while logged in using the respective account).

All this is covered in WinSCP guide to setting up SSH public key authentication on Windows OpenSSH server. See also How to properly configure Win32-OpenSSH authentication.

Side note: The "host key" has nothing to do with the authentication. So do not get confused by it. See WinSCP article about SSH host keys.

Martin Prikryl

Posted 2017-05-16T14:04:57.123

Reputation: 13 764

As far as I know has the sshd service access to the files. I've had error 1067 and that was indeed a read access problem. Is it btw a problem that authorized_keys has the extension .txt? I've changed it to be safe, but stil no succes with the connection – Quispie – 2017-05-16T14:35:34.087

Show us SSHD service log file (C:\Program Files\OpenSSH\logs\sshd.log) – Martin Prikryl – 2017-05-16T14:37:32.093

I've added the error, I'm not quite sure what this means? – Quispie – 2017-05-16T14:57:11.003

The error message does not seem related. Did you try to increase a logging level? – Martin Prikryl – 2017-05-16T19:08:29.187

Where can I set these changes? – Quispie – 2017-05-23T07:00:56.410

After a long search, trial and error it's working now!

What the problem exactly created is still a mystery for me, but out of pure frustration I've given the .ssh folder and authorized_keys full control by NT_service/sshd.

Now I can connect with my RSA keys!

Quispie

Posted 2017-05-16T14:04:57.123

Reputation: 131