Filezilla (MacOS) and Keagent support
Moderator: Project members
-
- 504 Command not implemented
- Posts: 11
- Joined: 2019-06-19 10:52
- First name: Azfar
- Last name: Hashmi
Filezilla (MacOS) and Keagent support
I am using Keagent (Keypassxc) to store my keys and this is working flawlessly with MacOS terminal but Filezilla is not making use if it? I remember on Windows its used to be working but on MacOS its not.
Re: Filezilla (MacOS) and Keagent support
Make sure it is configured as session-wide or even system-wide SSH agent.
-
- 504 Command not implemented
- Posts: 11
- Joined: 2019-06-19 10:52
- First name: Azfar
- Last name: Hashmi
Re: Filezilla (MacOS) and Keagent support
Its is for sure system wide as the Transmit is working fine with it.
Re: Filezilla (MacOS) and Keagent support
Which version of FileZilla are you using?
-
- 504 Command not implemented
- Posts: 11
- Joined: 2019-06-19 10:52
- First name: Azfar
- Last name: Hashmi
Re: Filezilla (MacOS) and Keagent support
I am using the latest version now and somehow its working fine now without any other change in my knowledge!
Re: Filezilla (MacOS) and Keagent support
Which is? No offense, but there have been cases where people thought a decade-old version has been the latest one.I am using the latest version now
Re: Filezilla (MacOS) and Keagent support
Cuirrently, the actual latest one is 3.43.0.
No support requests over PM! You will NOT get any reply!!!
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
-
- 504 Command not implemented
- Posts: 11
- Joined: 2019-06-19 10:52
- First name: Azfar
- Last name: Hashmi
Re: Filezilla (MacOS) and Keagent support
I narrowed down the issue to SSH "IdentityFile" config. When I am setting "MaxAuthTries" to '1' I can SSH the host with the specific pinned key but Filezilla is still pushing all keys one by one hence failing to login due to max retry failure.
Is there something we can do?
BTW my version is 3.43.0
Is there something we can do?
BTW my version is 3.43.0
Re: Filezilla (MacOS) and Keagent support
A limit of one is insane. Please consider the recommendation given in the SSH specifications:
RFC 4252 wrote:Additionally, the implementation SHOULD limit the number of failed authentication attempts a client may perform in a single session (the RECOMMENDED limit is 20 attempts).
-
- 504 Command not implemented
- Posts: 11
- Joined: 2019-06-19 10:52
- First name: Azfar
- Last name: Hashmi
Re: Filezilla (MacOS) and Keagent support
The reason is I have multiple dozens of servers to manage and I have to keep the login process faster and I also have IDS/IPS which blocks the intruding IP after X no of failed attempts too but this is not related to those things as as per my observation Filezilla is probably not compatible with SSH Agent IdentiyFile as its always trying all keys.botg wrote: ↑2019-07-02 06:29A limit of one is insane. Please consider the recommendation given in the SSH specifications:RFC 4252 wrote:Additionally, the implementation SHOULD limit the number of failed authentication attempts a client may perform in a single session (the RECOMMENDED limit is 20 attempts).
Re: Filezilla (MacOS) and Keagent support
Why do you have more than one key? Multiple keys do not increase security.
-
- 504 Command not implemented
- Posts: 11
- Joined: 2019-06-19 10:52
- First name: Azfar
- Last name: Hashmi
Re: Filezilla (MacOS) and Keagent support
those are different clients production servers and ssh is exposed to world. If I use same key for all that in case of the key leak all servers will be in danger.
Its a multi customers and multi users (employees) infrastructure so there are many other security complications as well.
Its a multi customers and multi users (employees) infrastructure so there are many other security complications as well.
Re: Filezilla (MacOS) and Keagent support
If it's pure key authentication you can specify each server's key directly in its Site Manager entry. I guess it doesn't work that way if the server needs key + password.
No support requests over PM! You will NOT get any reply!!!
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
-
- 504 Command not implemented
- Posts: 11
- Joined: 2019-06-19 10:52
- First name: Azfar
- Last name: Hashmi
Re: Filezilla (MacOS) and Keagent support
I have passphrase on all keys.
Re: Filezilla (MacOS) and Keagent support
If you configure the password-protected key in FileZilla, then FileZilla will prompt for the key file password if needed.