Key file logon type prompts for password all of a sudden
Moderator: Project members
-
- 500 Command not understood
- Posts: 4
- Joined: 2019-03-14 21:45
- First name: Tom
- Last name: Manning
Key file logon type prompts for password all of a sudden
I've been using a key file with FileZilla to avoid having to enter a password. All of a sudden, I am prompted for a password every time I try to logon even though I'm still using a key file and the Logon Type is still set to Key File. I just upgraded to Mojave on Mac so I'm wondering if that has something to do with it. Any ideas?
-
- 500 Command not understood
- Posts: 4
- Joined: 2019-03-14 21:45
- First name: Tom
- Last name: Manning
Re: Key file logon type prompts for password all of a sudden
I thought this was a Mojave issue but it doesn't look like it. FileZilla prompts for the key password every time I launch the app and connect. Why is that? It's not saved in the Keychain.
Re: Key file logon type prompts for password all of a sudden
FileZilla only asks for a key file password if the file is encrypted. Try inspecting your key file with ssh-keygen, removing any password if needed.
-
- 500 Command not understood
- Posts: 4
- Joined: 2019-03-14 21:45
- First name: Tom
- Last name: Manning
Re: Key file logon type prompts for password all of a sudden
I believe I imported a key and FileZilla seems to have converted it to a .ppk file. FileZilla prompts for a password when you do this so I cannot remove the password on the keyfile. ssh-keygen doesn't work on the ppk file.
This behavior was not present before upgrading to Mojave. On El Capitan the keyfile just logged me in without a prompt. The whole reason I went with a key was so I didn't have to save or type a password. The way this works, I might as well just have FileZilla save a password for each site. Is there anyway around this?
I added the keyfile's password to the keychain using this:
ssh-add -K ~/.ssh/id_rsa
That works for ssh and persists after reboot. I can ssh into my server in terminal and not get prompted for a password, and if I do that first I can use FileZilla without being prompted for a password. However, if I don't first ssh into the web server using Terminal, FileZilla will always prompt for a password.
This behavior was not present before upgrading to Mojave. On El Capitan the keyfile just logged me in without a prompt. The whole reason I went with a key was so I didn't have to save or type a password. The way this works, I might as well just have FileZilla save a password for each site. Is there anyway around this?
I added the keyfile's password to the keychain using this:
ssh-add -K ~/.ssh/id_rsa
That works for ssh and persists after reboot. I can ssh into my server in terminal and not get prompted for a password, and if I do that first I can use FileZilla without being prompted for a password. However, if I don't first ssh into the web server using Terminal, FileZilla will always prompt for a password.
Re: Key file logon type prompts for password all of a sudden
Try removing the password from the original file, then import it and convert if need.I believe I imported a key and FileZilla seems to have converted it to a .ppk file. FileZilla prompts for a password when you do this so I cannot remove the password on the keyfile.
That's normal, expected and desired behavior of any SSH agent.
I added the keyfile's password to the keychain using this:
ssh-add -K ~/.ssh/id_rsa
That works for ssh and persists after reboot. I can ssh into my server in terminal and not get prompted for a password, and if I do that first I can use FileZilla without being prompted for a password.
-
- 500 Command not understood
- Posts: 4
- Joined: 2019-03-14 21:45
- First name: Tom
- Last name: Manning
Re: Key file logon type prompts for password all of a sudden
I finally got this to work. It turns out Apple did change the behavior with Sierra and later. Here's what works assuming you are already using SSH keys to connect to a server in Terminal. This does not require a separate FileZilla key:
1. Create or Edit your ~/.ssh/config file to include:
Host *
UseKeychain yes
AddKeysToAgent yes
ForwardAgent yes
IdentityFile ~/.ssh/id_rsa
2. Issue the following command in Terminal:
ssh-add -K ~/.ssh/id_rsa
3. Create this file:
~/Library/LaunchDaemons/local.computername.AddSSHKeysAtLogin.plist
Contents of the file:
<plist version="1.0">
<dict>
<key>Label</key>
<string>local.mycomputername.AddSSHKeysAtLogin</string>
<key>ProgramArguments</key>
<array>
<string>/usr/bin/ssh-add</string>
<string>-A</string>
</array>
<key>StandardOutPath</key>
<string>/dev/null</string>
<key>StandardErrorPath</key>
<string>/dev/null</string>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>
That's it! Now after you reboot you will not be required to enter your SSH Key password.
1. Create or Edit your ~/.ssh/config file to include:
Host *
UseKeychain yes
AddKeysToAgent yes
ForwardAgent yes
IdentityFile ~/.ssh/id_rsa
2. Issue the following command in Terminal:
ssh-add -K ~/.ssh/id_rsa
3. Create this file:
~/Library/LaunchDaemons/local.computername.AddSSHKeysAtLogin.plist
Contents of the file:
<plist version="1.0">
<dict>
<key>Label</key>
<string>local.mycomputername.AddSSHKeysAtLogin</string>
<key>ProgramArguments</key>
<array>
<string>/usr/bin/ssh-add</string>
<string>-A</string>
</array>
<key>StandardOutPath</key>
<string>/dev/null</string>
<key>StandardErrorPath</key>
<string>/dev/null</string>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>
That's it! Now after you reboot you will not be required to enter your SSH Key password.