Key file logon type prompts for password all of a sudden

Need help with FileZilla Client? Something does not work as expected? In this forum you may find an answer.

Moderator: Project members

Post Reply
Message
Author
htm1
500 Command not understood
Posts: 4
Joined: 2019-03-14 21:45
First name: Tom
Last name: Manning

Key file logon type prompts for password all of a sudden

#1 Post by htm1 » 2019-03-14 21:48

I've been using a key file with FileZilla to avoid having to enter a password. All of a sudden, I am prompted for a password every time I try to logon even though I'm still using a key file and the Logon Type is still set to Key File. I just upgraded to Mojave on Mac so I'm wondering if that has something to do with it. Any ideas?

htm1
500 Command not understood
Posts: 4
Joined: 2019-03-14 21:45
First name: Tom
Last name: Manning

Re: Key file logon type prompts for password all of a sudden

#2 Post by htm1 » 2019-03-20 00:07

I thought this was a Mojave issue but it doesn't look like it. FileZilla prompts for the key password every time I launch the app and connect. Why is that? It's not saved in the Keychain.

User avatar
botg
Site Admin
Posts: 32070
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse
Contact:

Re: Key file logon type prompts for password all of a sudden

#3 Post by botg » 2019-03-20 08:12

FileZilla only asks for a key file password if the file is encrypted. Try inspecting your key file with ssh-keygen, removing any password if needed.

htm1
500 Command not understood
Posts: 4
Joined: 2019-03-14 21:45
First name: Tom
Last name: Manning

Re: Key file logon type prompts for password all of a sudden

#4 Post by htm1 » 2019-03-20 18:16

I believe I imported a key and FileZilla seems to have converted it to a .ppk file. FileZilla prompts for a password when you do this so I cannot remove the password on the keyfile. ssh-keygen doesn't work on the ppk file.

This behavior was not present before upgrading to Mojave. On El Capitan the keyfile just logged me in without a prompt. The whole reason I went with a key was so I didn't have to save or type a password. The way this works, I might as well just have FileZilla save a password for each site. Is there anyway around this?

I added the keyfile's password to the keychain using this:

ssh-add -K ~/.ssh/id_rsa

That works for ssh and persists after reboot. I can ssh into my server in terminal and not get prompted for a password, and if I do that first I can use FileZilla without being prompted for a password. However, if I don't first ssh into the web server using Terminal, FileZilla will always prompt for a password.

User avatar
botg
Site Admin
Posts: 32070
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse
Contact:

Re: Key file logon type prompts for password all of a sudden

#5 Post by botg » 2019-03-21 08:05

I believe I imported a key and FileZilla seems to have converted it to a .ppk file. FileZilla prompts for a password when you do this so I cannot remove the password on the keyfile.
Try removing the password from the original file, then import it and convert if need.

I added the keyfile's password to the keychain using this:

ssh-add -K ~/.ssh/id_rsa

That works for ssh and persists after reboot. I can ssh into my server in terminal and not get prompted for a password, and if I do that first I can use FileZilla without being prompted for a password.
That's normal, expected and desired behavior of any SSH agent.

htm1
500 Command not understood
Posts: 4
Joined: 2019-03-14 21:45
First name: Tom
Last name: Manning

Re: Key file logon type prompts for password all of a sudden

#6 Post by htm1 » 2019-03-22 03:05

I finally got this to work. It turns out Apple did change the behavior with Sierra and later. Here's what works assuming you are already using SSH keys to connect to a server in Terminal. This does not require a separate FileZilla key:

1. Create or Edit your ~/.ssh/config file to include:

Host *
UseKeychain yes
AddKeysToAgent yes
ForwardAgent yes
IdentityFile ~/.ssh/id_rsa

2. Issue the following command in Terminal:

ssh-add -K ~/.ssh/id_rsa

3. Create this file:

~/Library/LaunchDaemons/local.computername.AddSSHKeysAtLogin.plist

Contents of the file:

<plist version="1.0">
<dict>
<key>Label</key>
<string>local.mycomputername.AddSSHKeysAtLogin</string>
<key>ProgramArguments</key>
<array>
<string>/usr/bin/ssh-add</string>
<string>-A</string>
</array>
<key>StandardOutPath</key>
<string>/dev/null</string>
<key>StandardErrorPath</key>
<string>/dev/null</string>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>

That's it! Now after you reboot you will not be required to enter your SSH Key password.

Post Reply