SFTP Unsupported Private Key Exception

0 votes
asked May 8, 2012 by Bill May (130 points)
edited Dec 18, 2014

I am attempting to make a connection to a coreftp SFTP server w/ private key authentication.

Here are the steps I took: 1) From coreftp I generated a self signed certificate. 2) Also from coreftp I generated a key pair for a user.

I then executed the following code:

Sftp client = new Sftp();
        client.LogWriter = new Rebex.FileLogWriter(@"c:\tobegreensftp\log.txt", Rebex.LogLevel.Debug);
        client.Connect(server);

        SshPrivateKey privateKey = new SshPrivateKey(@"c:\tobegreensftp\priv", pword);

        client.Login(user, privateKey);

        client.PutFile(file.InputStream, file.FileName);
        client.Disconnect();

At the line:

SshPrivateKey privateKey = new SshPrivateKey(@"c:\tobegreensftp\priv", pword);

I got the following exception: Unsupported private key encryption.

This is what was written to the log file:

2012-05-07 21:26:33.181 DEBUG Sftp(1)[4] SSH: Server is 'SSH-2.0-CoreFTP-0.3.1'.
2012-05-07 21:26:33.181 INFO Sftp(1)[4] SSH: Negotiation started.
2012-05-07 21:26:33.212 DEBUG Sftp(1)[4] SSH: Negotiating key.
2012-05-07 21:26:34.119 DEBUG Sftp(1)[4] SSH: Validating signature.
2012-05-07 21:26:34.134 INFO Sftp(1)[4] SSH: Negotiation finished.
2012-05-07 21:26:34.134 INFO Sftp(1)[4] Info: Server: SSH-2.0-CoreFTP-0.3.1
2012-05-07 21:26:34.134 INFO Sftp(1)[4] Info: Fingerprint: b4:ed:25:2f:be:78:a2:79:e6:e3:d7:4e:4f:8b:f7:4b
2012-05-07 21:26:34.134 INFO Sftp(1)[4] Info: Cipher info: SSH 2.0, Diffie-Hellman-Group14-SHA1, RSA, aes256-ctr/aes256-ctr, SHA1/SHA1

2 Answers

+2 votes
answered May 8, 2012 by Tomas Knopp (58,890 points)
edited Sep 10, 2012

It looks like the private key is encrypted using an unsupported algortihm (even though the key format is supported). As a workaround, please download the PuTTYgen utility and use it to convert the private key you have into PuTTY '.ppk' format. You should then be able to connect using the converted .ppk private key.

commented May 9, 2012 by Bill May (130 points)
edited May 9, 2012

Tomas, thank you for this reply. Do you know of any other encryption algorithms not supported?

Is there a link with this information?

commented Aug 9, 2012 by abusbin (110 points)
edited Aug 9, 2012

Thanks for the heads up on this. I was trying to use a Linux private key and was getting this error.

commented Sep 10, 2012 by Lukas Pokorny (94,670 points)
edited Sep 10, 2012

For a list of supported formats and algorithms, please check out this answer to this question.

0 votes
answered Sep 10, 2012 by Lukas Pokorny (94,670 points)
edited Nov 5, 2012

Current version of Rebex SFTP and Rebex SSH supports loading the following private key formats:

  • PKCS #8 format (PBKDF1, PBKDF2, PKCS #12 key generation, DES, 3DES, RC2, RC4, AES encryption)
  • OpenSSH/OpenSSL SSLeay format (we only support TripleDES encryption)
  • PuTTY PPKv2 format (it only uses AES)

In addition to encryption algorithms listed, keys with no encryption are supported as well.

If you run into a key in PKCS #8 or SSLeay format that uses an unsupported encryption algorithm, please mail a sample of this key to us (no password needed) and we will add support for it. Alternatively, for SSLeay keys, open the key file using a simple text editor (such as Notepad) and mail us the line that starts with "DEK-Info:". Thanks!

...