|
|
| Line 1: |
Line 1: |
| − | == SFTP using SSH2: Key based authentication ==
| + | I simply watend to thank you one far more time for the wonderful website you've got produced here. It's full of useful hints for those who are genuinely interested in this particular topic, primarily this quite post. Your all genuinely sweet plus thoughtful of others in addition to the fact that reading your site posts is a fantastic delight if you ask me. And what a generous reward! Jeff and I will have excitement producing use of your recommendations in what we need to instead do within the near future. Our collection of ideas is often a distance extended which means your hints will certainly be put to incredibly good use. |
| − | | |
| − | Starting with version 3.0.8, FileZilla has a built-in key management page in the settings dialog.
| |
| − | | |
| − | Note: Importing a site's '''public''' key is not supported.
| |
| − | It's not possible to pre-cache a public key (which I had obtained as a keyfile from the site's administrator) to verify the server is the one you're trying to connect to. Eventually I had to run ssh-keygen -l -f <keyfile name> on a Linux box, then perform a visual comparison.
| |
| − | | |
| − | === Windows ===
| |
| − | For SFTP using SSH2, FileZilla utilizes the excellent [http://www.chiark.greenend.org.uk/~sgtatham/putty/ PuTTY] tools. To allow the use of RSA / DSA key files with Filezilla, you'll need to download two more tools from PuTTY: Pageant and (assuming your key file isn't already in PPK format) PuTTYgen.
| |
| − | | |
| − | If your key file is already in PuTTY's PPK format you can skip this paragraph. However if your key is in OpenSSH format, you first need to convert it to PuTTY's PPK format. To do this, launch PuTTYgen and from the "Conversions" menu, select the "Import key" option. Select your key and follow the prompts to enter your pass phrase. Save your private key.
| |
| − | | |
| − | Now run Pageant. In your system tray, you'll see the Pageant icon appear. Right-click the icon and select "Add Key" and select your private key (PPK) file. Follow the prompt to enter your pass phrase and you're done.
| |
| − | | |
| − | Now simply launch FileZilla and connect to your server using SFTP using SSH2 with a username and an empty password. Don't forget to close pageant when you're done.
| |
| − | | |
| − | I'm not sure how well this'll work on systems where you're not permitted to save your password, but after selecting "Don't save password" in the site manager for my server, I could exit the site manager by pressing "cancel" on the password dialog and then "Save and Exit". When you select your site from the list, again press "cancel" and it'll still attempt to connect.
| |
| − | | |
| − | As you may or may not know, FileZilla can be easily carried around on portable media such as a USB stick and used from any PC. This also applies to the PuTTY tools, so if you stick Pageant and your PPK key file on to, for example, a USB stick, you can now access your server from any Windows PC.
| |
| − | | |
| − | ==== Alternative Method ====
| |
| − | In the Edit - Settings menu of the FileZilla client, you can [Add key file...] under Connection - SFTP, and FileZilla can use the public key authentication in the site manager with the 'Interactive' Logontype. However, the .ppk file is converted to unprotected one if the original .ppk file is password-protected (FileZilla can do that for you when importing the file). As of 3.0.10, a password-protected key file is not supported yet.
| |
| − | | |
| − | === Other platforms ===
| |
| − | | |
| − | FileZilla supports the standard SSH agents. If your SSH agent is running, the SSH_AUTH_SOCK environment variable should be set.
| |
