SSH - Private Key Passphrase not working for

Help
vwyoda
2013-03-18
2017-02-03
  • vwyoda

    vwyoda - 2013-03-18

    I am not sure if I am just not getting something here or if it is actually not working. When I have a SSH private key that also has a passphrase attached to it, Entering it in the field does not make PAC actually enter it when it is asked on the terminal.
    Here is the output on the terminal in PAC when it asks

    Enter passphrase for key '/key/location/here':
    

    Even trying to enter it when it pops up makes it fail to login properly. I know that I am putting in the correct phrase as I can SSH doing the same thing from my CLI.
    Can someone help shed some light here please thanks.

     
  • David Torrejón Vaquerizas

    Hi!

    Are yuo using the "Private key" filelds "User" and "Passphrase" on that connection?
    - David.

     
  • vwyoda

    vwyoda - 2013-03-19

    Here is what I did
    I enter the private key location. Then enter the user. Then enter the passphrase. Click Save and Close. Then double click the connection.

    I also tried leaving passphrase empty and typing it in when it shows on the screen like the above output.

    Thanks

     
  • David Torrejón Vaquerizas

    Could you please atcivate de "DEBUG" option  (Preferences -> TErminal options -> Advanced -> Expect DEBUG), and retry that connection?

    Then, could you please send me the whole output? (remember ro REMOVE PASSWORDS or any other confident information that may appear!)

    - David.

     
  • vwyoda

    vwyoda - 2013-03-20

    Hi David,

    Thanks for the help and great software, here is the requested info.

     CONNECTING WITH 'Server' =->
    [pac_conn(4905)][Server][Server]: !!_PAC_AUTH_[pac_PID681_n7]!!
    [pac_conn(4905)][Server][Server]: SPAWNING:ssh -p 22 -i "/home/user/.keys/mykey.pem"  -2 -4 -x -C -l USERNAMEHERE 1.2.3.4.5
    [pac_conn(4905)][Server][Server]: SPAWNED:'ssh -p 22 -i "/home/user/.keys/mykey.pem"  -2 -4 -x -C -l USERNAMEHERE 1.2.3.4.5' (PID:4905)
    Starting EXPECT pattern matching...
     at /usr/share/perl5/vendor_perl/Expect.pm line 561.
        Expect::expect('Expect=GLOB(0x23d8ee0)', 40, 'ARRAY(0x3577ee0)', 'ARRAY(0x3581058)', 'ARRAY(0x35812b0)', 'ARRAY(0x35813d0)', 'ARRAY(0x357cae8)', 'ARRAY(0x357cc98)', 'ARRAY(0x357cf20)', ...) called at /usr/share/pacmanager/lib/pac_conn line 1387
    spawn id(3): list of patterns:
      #2: -eof `'
      #3: -re `^.+ontinue connecting \\((.+)\\/(.+)\\)\\?\\s*$'
      #4: -re `.*(any key to continue|tecla para continuar).*'
      #5: -re `ffending .*key in (.+)\\:(\\d+)'
      #6: -re `([l|L]ogin|[u|U]suario|([u|U]ser-?)*[n|N]ame.*|[u|U]ser)\\s*:\\s*$'
      #7: -re `([p|P]ass|[p|P]ass[w|W]or[d|t]|[c|C]ontrase.a|Enter passphrase for key )\\s*:\\s*$'
      #8: -re `[#%\\$>]|\\:\\/\\s*$'
    spawn id(3): Does `'
    match:
      pattern #2: -eof `'? No.
      pattern #3: -re `^.+ontinue connecting \\((.+)\\/(.+)\\)\\?\\s*$'? No.
      pattern #4: -re `.*(any key to continue|tecla para continuar).*'? No.
      pattern #5: -re `ffending .*key in (.+)\\:(\\d+)'? No.
      pattern #6: -re `([l|L]ogin|[u|U]suario|([u|U]ser-?)*[n|N]ame.*|[u|U]ser)\\s*:\\s*$'? No.
      pattern #7: -re `([p|P]ass|[p|P]ass[w|W]or[d|t]|[c|C]ontrase.a|Enter passphrase for key )\\s*:\\s*$'? No.
      pattern #8: -re `[#%\\$>]|\\:\\/\\s*$'? No.
    Enter passphrase for key '/home/user/.keys/mykey.pem': 
    spawn id(3): Does `Enter passphrase for key \'/home/user/.keys/mykey.pem\': '
    match:
      pattern #2: -eof `'? No.
      pattern #3: -re `^.+ontinue connecting \\((.+)\\/(.+)\\)\\?\\s*$'? No.
      pattern #4: -re `.*(any key to continue|tecla para continuar).*'? No.
      pattern #5: -re `ffending .*key in (.+)\\:(\\d+)'? No.
      pattern #6: -re `([l|L]ogin|[u|U]suario|([u|U]ser-?)*[n|N]ame.*|[u|U]ser)\\s*:\\s*$'? No.
      pattern #7: -re `([p|P]ass|[p|P]ass[w|W]or[d|t]|[c|C]ontrase.a|Enter passphrase for key )\\s*:\\s*$'? No.
      pattern #8: -re `[#%\\$>]|\\:\\/\\s*$'? No.
    [pac_conn(4905)][Server][Server]: CLOSE:TIMEOUT:40 seconds trying to connect or get prompt!!
    [pac_conn(4905)][Server][Server]: DISCONNECTING
    [pac_conn(4905)][Server][Server]: DISCONNECTED
    
     
  • David Torrejón Vaquerizas

    Hi!

    I think I found the problem.
    Please, goto "Preferences" -> "PAC Main options" -> "Advanced", and change the "PASSSWORD promtp" entry with this line:

    (ass|assor|ontrase.a|Enter passphrase for key '.+')\s*:\s*$

    Save and try again.
    If that didn't work, try using this other line:

    (ass|assor|ontrase.a|Enter passphrase for key .+)\s*:\s*$

    Please, let me know the results! :)

    - David.

     
  • vwyoda

    vwyoda - 2013-03-21

    Hi David,

    This string worked for me

    ([p|P]ass|[p|P]ass[w|W]or[d|t]|[c|C]ontrase.a|Enter passphrase for key '.+')\s*:\s*$
    

    Thanks for that :)

     
  • Serghei

    Serghei - 2017-01-24

    Hello,

    It seems that passphrase doesn't go through in my case, even though the above mentioned strings were tried. Please find below the log from my attempts and advise.

    [pac_conn(10995)][test][remote_machine]: !!_PAC_AUTH_[pac_PID10692_n2]!!
    [pac_conn(10995)][test][remote_machine]: SPAWNING:ssh -p 22 -i "/home/user/Desktop/temp_key.ppk"  -X -l root x.x.x.x
    [pac_conn(10995)][test][remote_machine]: SPAWNED:'ssh -p 22 -i "/home/user/Desktop/temp_key.ppk"  -X -l root x.x.x.x' (PID:10995)
    Starting EXPECT pattern matching...
     at /usr/share/perl5/Expect.pm line 561
        Expect::expect('Expect=GLOB(0x18b5b08)', 40, 'ARRAY(0x19eb370)', 'ARRAY(0x19eb4c0)', 'ARRAY(0x19eb760)', 'ARRAY(0x19e4728)', 'ARRAY(0x19e4848)', 'ARRAY(0x19e4c38)', 'ARRAY(0x19e4de8)', ...) called at /opt/pac/lib/pac_conn line 1533
    spawn id(3): list of patterns:
      #2: -eof `'
      #3: -re `\\[__PAC__SUDO__PROMPT__\\]'
      #4: -re `^.+ontinue connecting \\((.+)\\/(.+)\\)\\?\\s*$'
      #5: -re `.*(any key to continue|tecla para continuar).*'
      #6: -re `.*ffending .*key in (.+?)\\:(\\d+).*'
      #7: -re `([l|L]ogin|[u|U]suario|([u|U]ser-?)*[n|N]ame.*|[u|U]ser)\\s*:\\s*$'
      #8: -re `([p|P]ass|[p|P]ass[w|W]or[d|t]|[c|C]ontrase.a|Enter passphrase for key \'.+\')\\s*:\\s*$'
      #9: -re `[#%\\$>]|\\:\\/\\s*$'
    
    spawn id(3): Does `'
    match:
      pattern #2: -eof `'? No.
      pattern #3: -re `\\[__PAC__SUDO__PROMPT__\\]'? No.
      pattern #4: -re `^.+ontinue connecting \\((.+)\\/(.+)\\)\\?\\s*$'? No.
      pattern #5: -re `.*(any key to continue|tecla para continuar).*'? No.
      pattern #6: -re `.*ffending .*key in (.+?)\\:(\\d+).*'? No.
      pattern #7: -re `([l|L]ogin|[u|U]suario|([u|U]ser-?)*[n|N]ame.*|[u|U]ser)\\s*:\\s*$'? No.
      pattern #8: -re `([p|P]ass|[p|P]ass[w|W]or[d|t]|[c|C]ontrase.a|Enter passphrase for key \'.+\')\\s*:\\s*$'? No.
      pattern #9: -re `[#%\\$>]|\\:\\/\\s*$'? No.
    
    Enter passphrase for key '/home/user/Desktop/temp_key.ppk': 
    spawn id(3): Does `Enter passphrase for key \'/home/user/Desktop/temp_key.ppk\': '
    match:
      pattern #2: -eof `'? No.
      pattern #3: -re `\\[__PAC__SUDO__PROMPT__\\]'? No.
      pattern #4: -re `^.+ontinue connecting \\((.+)\\/(.+)\\)\\?\\s*$'? No.
      pattern #5: -re `.*(any key to continue|tecla para continuar).*'? No.
      pattern #6: -re `.*ffending .*key in (.+?)\\:(\\d+).*'? No.
      pattern #7: -re `([l|L]ogin|[u|U]suario|([u|U]ser-?)*[n|N]ame.*|[u|U]ser)\\s*:\\s*$'? No.
      pattern #8: -re `([p|P]ass|[p|P]ass[w|W]or[d|t]|[c|C]ontrase.a|Enter passphrase for key \'.+\')\\s*:\\s*$'? YES!!
        Before match string: `'
        Match string: `Enter passphrase for key \'/home/user/Desktop/temp_key.ppk\': '
        After match string: `'
        Matchlist: (`Enter passphrase for key \'/home/user/Desktop/temp_key.ppk\'')
    Calling hook CODE(0x19e4e48)...
    Sending 'passphrase\n' to spawn id(3)
     at /usr/share/perl5/Expect.pm line 1264
        Expect::print('Expect=GLOB(0x18b5b08)', 'passphrase\x{a}') called at /opt/pac/lib/pac_conn line 514
        main::send_slow('Expect=GLOB(0x18b5b08)', 'passphrase
    ', 'hide') called at /opt/pac/lib/pac_conn line 1402
        main::__ANON__('Expect=GLOB(0x18b5b08)') called at /usr/share/perl5/Expect.pm line 760
        Expect::_multi_expect(40, 'ARRAY(0x19e5598)', 'ARRAY(0xde89a8)') called at /usr/share/perl5/Expect.pm line 565
        Expect::expect('Expect=GLOB(0x18b5b08)', 40, 'ARRAY(0x19eb370)', 'ARRAY(0x19eb4c0)', 'ARRAY(0x19eb760)', 'ARRAY(0x19e4728)', 'ARRAY(0x19e4848)', 'ARRAY(0x19e4c38)', 'ARRAY(0x19e4de8)', ...) called at /opt/pac/lib/pac_conn line 1533
    [pac_conn(10995)][test][remote_machine]: PASSWORD:Sent (not shown)
    Continuing expect, restarting timeout...
    
    spawn id(3): Does `'
    match:
      pattern #2: -eof `'? No.
      pattern #3: -re `\\[__PAC__SUDO__PROMPT__\\]'? No.
      pattern #4: -re `^.+ontinue connecting \\((.+)\\/(.+)\\)\\?\\s*$'? No.
      pattern #5: -re `.*(any key to continue|tecla para continuar).*'? No.
      pattern #6: -re `.*ffending .*key in (.+?)\\:(\\d+).*'? No.
      pattern #7: -re `([l|L]ogin|[u|U]suario|([u|U]ser-?)*[n|N]ame.*|[u|U]ser)\\s*:\\s*$'? No.
      pattern #8: -re `([p|P]ass|[p|P]ass[w|W]or[d|t]|[c|C]ontrase.a|Enter passphrase for key \'.+\')\\s*:\\s*$'? No.
      pattern #9: -re `[#%\\$>]|\\:\\/\\s*$'? No.
    
    Enter passphrase for key '/home/user/Desktop/temp_key.ppk': 
    spawn id(3): Does `\r\nEnter passphrase for key \'/home/user/Desktop/temp_key.ppk\': '
    match:
      pattern #2: -eof `'? No.
      pattern #3: -re `\\[__PAC__SUDO__PROMPT__\\]'? No.
      pattern #4: -re `^.+ontinue connecting \\((.+)\\/(.+)\\)\\?\\s*$'? No.
      pattern #5: -re `.*(any key to continue|tecla para continuar).*'? No.
      pattern #6: -re `.*ffending .*key in (.+?)\\:(\\d+).*'? No.
      pattern #7: -re `([l|L]ogin|[u|U]suario|([u|U]ser-?)*[n|N]ame.*|[u|U]ser)\\s*:\\s*$'? No.
      pattern #8: -re `([p|P]ass|[p|P]ass[w|W]or[d|t]|[c|C]ontrase.a|Enter passphrase for key \'.+\')\\s*:\\s*$'? YES!!
        Before match string: `\r\n'
        Match string: `Enter passphrase for key \'/home/user/Desktop/temp_key.ppk\': '
        After match string: `'
        Matchlist: (`Enter passphrase for key \'/home/user/Desktop/temp_key.ppk\'')
    Calling hook CODE(0x19e4e48)...
    [pac_conn(10995)][test][remote_machine]: CLOSE:PASSWORD:Provided username/password 'root/<<hidden_password>>' was rejected
    [pac_conn(10995)][test][remote_machine]: DISCONNECTING
    [pac_conn(10995)][test][remote_machine]: DISCONNECTED
    
     <-= DISCONNECTED (PRESS <ENTER> TO RECONNECT) (Tue Jan 24 15:29:03 2017)
    

    Thanks.

     
    • Serghei

      Serghei - 2017-02-03

      Hello there, any updates on this issue? Thanks.

       
  • Magnus Eriksson

    Magnus Eriksson - 2017-02-03

    Hello,
    It seems that PAC recognises the dialogue with the ssh client for entering passphrase, as opposed to the original problem in this thread.
    In your case the configured passphrase is actually sent (at "PASSWORD:Sent (not shown)"). Is it the correct password? If I read the trace correctly, it seems the ssh client asks for the password again, which indicates that the password is wrong.
    What happens if you try manually at a command prompt with this command?
    ssh -p 22 -i "/home/user/Desktop/temp_key.ppk" -X -l root x.x.x.x
    Does it behave as expected?

    I think that .ppk files are used by putty. If you've copied a putty file, I'm not sure these key files are compatible with the openssh client.

    hope this helps
    Magnus

     
  • Kenford Zou

    Kenford Zou - 2017-05-09

    Hi,

    We run into similar issue. We have no passphrass for the key. It's successful to run the following command in terminal.

    ssh -p 22 -i "/home/kenford/keys/id_rsa" -q -o "UserKnownHostsFile=/home/kenford/snap/pac-vs/common/ssh/known_hosts" -F "/home/kenford/snap/pac-vs/common/ssh/config" -X -l app play-108799501-5-113710071

    pp@play-108799501-5-113710071's password: 
    spawn id(3): Does `app@play-108799501-5-113710071\'s password: '
    match:
      pattern #2: -eof `'? No.
      pattern #3: -re `\\[__PAC__SUDO__PROMPT__\\]'? No.
      pattern #4: -re `^.+ontinue connecting \\((.+)\\/(.+)\\)\\?\\s*$'? No.
      pattern #5: -re `.*(any key to continue|tecla para continuar).*'? No.
      pattern #6: -re `.*ffending .*key in (.+?)\\:(\\d+).*'? No.
      pattern #7: -re `([l|L]ogin|[u|U]suario|([u|U]ser-?)*[n|N]ame.*|[u|U]ser)\\s*:\\s*$'? No.
      pattern #8: -re `([p|P]ass|[p|P]ass[w|W]or[d|t](\\s+for\\s+)*|[c|C]ontrase.a|Enter passphrase for key \'.+\')\\s*:\\s*$'? YES!!
        Before match string: `app@play-108799501-5-113710071\'s '
        Match string: `password: '
        After match string: `'
        Matchlist: (`password',  `')
    Calling hook CODE(0x2e669f0)...
    Sending '\n' to spawn id(3)
     at /snap/pac-vs/1/usr/share/perl5/Expect.pm line 1265.
        Expect::print(Expect=GLOB(0x1fd22d0), "\x{a}") called at /snap/pac-vs/1/opt/pac/lib/pac_conn line 518
        main::send_slow(Expect=GLOB(0x1fd22d0), "\x{a}", "hide") called at /snap/pac-vs/1/opt/pac/lib/pac_conn line 1414
        main::__ANON__(Expect=GLOB(0x1fd22d0)) called at /snap/pac-vs/1/usr/share/perl5/Expect.pm line 761
        Expect::_multi_expect(40, ARRAY(0x2e66fd8), ARRAY(0x2e67848)) called at /snap/pac-vs/1/usr/share/perl5/Expect.pm line 566
        Expect::expect(Expect=GLOB(0x1fd22d0), 40, ARRAY(0x2e5d8d8), ARRAY(0x2e5db60), ARRAY(0x2e733b8), ARRAY(0x2e735c8), ARRAY(0x2e736b8), ARRAY(0x2e73ac0), ARRAY(0x2e73c28), ...) called at /snap/pac-vs/1/opt/pac/lib/pac_conn line 1545
    [pac_conn(18047)][play-108799501-5-113710071][play-108799501-5-113710071]: PASSWORD:Sent (not shown)
    Continuing expect, restarting timeout...
    
    spawn id(3): Does `\r\n'
    match:
      pattern #2: -eof `'? No.
      pattern #3: -re `\\[__PAC__SUDO__PROMPT__\\]'? No.
      pattern #4: -re `^.+ontinue connecting \\((.+)\\/(.+)\\)\\?\\s*$'? No.
      pattern #5: -re `.*(any key to continue|tecla para continuar).*'? No.
      pattern #6: -re `.*ffending .*key in (.+?)\\:(\\d+).*'? No.
      pattern #7: -re `([l|L]ogin|[u|U]suario|([u|U]ser-?)*[n|N]ame.*|[u|U]ser)\\s*:\\s*$'? No.
      pattern #8: -re `([p|P]ass|[p|P]ass[w|W]or[d|t](\\s+for\\s+)*|[c|C]ontrase.a|Enter passphrase for key \'.+\')\\s*:\\s*$'? No.
      pattern #9: -re `[#%\\$>]|\\:\\/\\s*$'? No.
    
    app@play-108799501-5-113710071's password: 
    spawn id(3): Does `\r\napp@play-108799501-5-113710071\'s password: '
    match:
      pattern #2: -eof `'? No.
      pattern #3: -re `\\[__PAC__SUDO__PROMPT__\\]'? No.
      pattern #4: -re `^.+ontinue connecting \\((.+)\\/(.+)\\)\\?\\s*$'? No.
      pattern #5: -re `.*(any key to continue|tecla para continuar).*'? No.
      pattern #6: -re `.*ffending .*key in (.+?)\\:(\\d+).*'? No.
      pattern #7: -re `([l|L]ogin|[u|U]suario|([u|U]ser-?)*[n|N]ame.*|[u|U]ser)\\s*:\\s*$'? No.
      pattern #8: -re `([p|P]ass|[p|P]ass[w|W]or[d|t](\\s+for\\s+)*|[c|C]ontrase.a|Enter passphrase for key \'.+\')\\s*:\\s*$'? YES!!
        Before match string: `\r\napp@play-108799501-5-113710071\'s '
        Match string: `password: '
        After match string: `'
        Matchlist: (`password',  `')
    Calling hook CODE(0x2e669f0)...
    [pac_conn(18047)][play-108799501-5-113710071][play-108799501-5-113710071]: CLOSE:PASSWORD:Provided username/password 'app/<<hidden_password>>' was rejected
    [pac_conn(18047)][play-108799501-5-113710071][play-108799501-5-113710071]: DISCONNECTED
    
     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks