SFTP Unsupported Private Key Exception

Question

I am attempting to make a connection to a coreftp SFTP server w/ private key authentication.

Here are the steps I took: 1) From coreftp I generated a self signed certificate. 2) Also from coreftp I generated a key pair for a user.

I then executed the following code:

Sftp client = new Sftp();
        client.LogWriter = new Rebex.FileLogWriter(@"c:\tobegreensftp\log.txt", Rebex.LogLevel.Debug);
        client.Connect(server);

        SshPrivateKey privateKey = new SshPrivateKey(@"c:\tobegreensftp\priv", pword);

        client.Login(user, privateKey);

        client.PutFile(file.InputStream, file.FileName);
        client.Disconnect();

At the line:

SshPrivateKey privateKey = new SshPrivateKey(@"c:\tobegreensftp\priv", pword);

I got the following exception: Unsupported private key encryption.

This is what was written to the log file:

2012-05-07 21:26:33.181 DEBUG Sftp(1)[4] SSH: Server is 'SSH-2.0-CoreFTP-0.3.1'.
2012-05-07 21:26:33.181 INFO Sftp(1)[4] SSH: Negotiation started.
2012-05-07 21:26:33.212 DEBUG Sftp(1)[4] SSH: Negotiating key.
2012-05-07 21:26:34.119 DEBUG Sftp(1)[4] SSH: Validating signature.
2012-05-07 21:26:34.134 INFO Sftp(1)[4] SSH: Negotiation finished.
2012-05-07 21:26:34.134 INFO Sftp(1)[4] Info: Server: SSH-2.0-CoreFTP-0.3.1
2012-05-07 21:26:34.134 INFO Sftp(1)[4] Info: Fingerprint: b4:ed:25:2f:be:78:a2:79:e6:e3:d7:4e:4f:8b:f7:4b
2012-05-07 21:26:34.134 INFO Sftp(1)[4] Info: Cipher info: SSH 2.0, Diffie-Hellman-Group14-SHA1, RSA, aes256-ctr/aes256-ctr, SHA1/SHA1

Answer 1

It looks like the private key is encrypted using an unsupported algortihm (even though the key format is supported). As a workaround, please download the PuTTYgen utility and use it to convert the private key you have into PuTTY '.ppk' format. You should then be able to connect using the converted .ppk private key.

Comments

Tomas, thank you for this reply. Do you know of any other encryption algorithms not supported?

Is there a link with this information?

---

Thanks for the heads up on this. I was trying to use a Linux private key and was getting this error.

---

For a list of supported formats and algorithms, please check out this answer to this question.

Answer 2

Current version of Rebex SFTP and Rebex SSH supports loading the following private key formats:

• PKCS #8 format (PBKDF1, PBKDF2, PKCS #12 key generation, DES, 3DES, RC2, RC4, AES encryption)
• OpenSSH/OpenSSL SSLeay format (we only support TripleDES encryption)
• PuTTY PPKv2 format (it only uses AES)

In addition to encryption algorithms listed, keys with no encryption are supported as well.

If you run into a key in PKCS #8 or SSLeay format that uses an unsupported encryption algorithm, please mail a sample of this key to us (no password needed) and we will add support for it. Alternatively, for SSLeay keys, open the key file using a simple text editor (such as Notepad) and mail us the line that starts with "DEK-Info:". Thanks!