c#之在 SSH.NET 中使用 PPK key 进行身份验证

third_qq_4accc0ab0fa5b582 2025年05月04日编程语言 137 0

我正在创建一个用于从 SFTP 服务器下载文件的窗口服务。为此，我使用 Renci.SshNet , Renci.SshNet.Common和 Renci.SshNet.Sftp .

我有这个代码:

String Host = "HostName"; 
int Port = 22; 
String RemoteFileDirectory = 
    Convert.ToString(ConfigurationManager.AppSettings["SourcePath"]); 
String Username = "UserName"; 
String Password = "*******"; 
 
var KeybasedMethod = new KeyboardInteractiveAuthenticationMethod(Username); 
KeybasedMethod.AuthenticationPrompt += 
    (sender, e) => { e.Prompts.First().Response = password; }; 
 
AuthenticationMethod[] methods = new AuthenticationMethod[]  
{ 
    new PrivateKeyAuthenticationMethod(Username, new PrivateKeyFile(@"Z:\SFTP SETUP\CJ22")), 
    KeybasedMethod 
}; 
ConnectionInfo connectionInfo = new ConnectionInfo(hostname, username, methods); 
 
using (var sftp = new SftpClient(connectionInfo)) 
{ 
    sftp.Connect(); 
    // ... 
}

我得到异常(exception)。

Invalid private key file.

我无法弄清楚我的代码中缺少什么。

以下是我使用 FileZilla 从客户端计算机登录服务器时获取的日志文件。

2017-04-03 16:25:19 8120 3 Status: Connecting to abc.domainname.com...  
2017-04-03 16:25:19 8120 3 Trace: Going to execute "C:\Program Files\FileZilla FTP Client\fzsftp.exe"  
2017-04-03 16:25:19 8120 3 Response: fzSftp started  
2017-04-03 16:25:19 8120 3 Trace: CSftpControlSocket::ConnectParseResponse(fzSftp started)  
2017-04-03 16:25:19 8120 3 Trace: CSftpControlSocket::SendNextCommand()  
2017-04-03 16:25:19 8120 3 Trace: CSftpControlSocket::ConnectSend()  
2017-04-03 16:25:19 8120 3 Command: keyfile "Z:\SFTP SETUP\CJ21_PVT.ppk"  
2017-04-03 16:25:19 8120 3 Trace: CSftpControlSocket::ConnectParseResponse()  
2017-04-03 16:25:19 8120 3 Trace: CSftpControlSocket::SendNextCommand()  
2017-04-03 16:25:19 8120 3 Trace: CSftpControlSocket::ConnectSend()  
2017-04-03 16:25:19 8120 3 Command: keyfile "Z:\SFTP SETUP\CJ22_PVT.ppk"  
2017-04-03 16:25:19 8120 3 Trace: CSftpControlSocket::ConnectParseResponse()  
2017-04-03 16:25:19 8120 3 Trace: CSftpControlSocket::SendNextCommand()  
2017-04-03 16:25:19 8120 3 Trace: CSftpControlSocket::ConnectSend()  
2017-04-03 16:25:19 8120 3 Command: keyfile "Z:\SFTP SETUP\CJ24_PVT.ppk"  
2017-04-03 16:25:19 8120 3 Trace: CSftpControlSocket::ConnectParseResponse()  
2017-04-03 16:25:19 8120 3 Trace: CSftpControlSocket::SendNextCommand()  
2017-04-03 16:25:19 8120 3 Trace: CSftpControlSocket::ConnectSend()  
2017-04-03 16:25:19 8120 3 Command: keyfile "Z:\SFTP SETUP\CJ90_PVT.ppk"  
2017-04-03 16:25:19 8120 3 Trace: CSftpControlSocket::ConnectParseResponse()  
2017-04-03 16:25:19 8120 3 Trace: CSftpControlSocket::SendNextCommand()  
2017-04-03 16:25:19 8120 3 Trace: CSftpControlSocket::ConnectSend()  
2017-04-03 16:25:19 8120 3 Command: open "CJ22@abc.domainname.com" 22  
2017-04-03 16:25:19 8120 3 Trace: Looking up host "abc.domainname.com"  
2017-04-03 16:25:19 8120 3 Trace: Connecting to xxx.xxx.163.74 port 22  
2017-04-03 16:25:23 8120 3 Trace: Server version: SSH-2.0-1.82_sshlib Globalscape  
2017-04-03 16:25:23 8120 3 Trace: Using SSH protocol version 2  
2017-04-03 16:25:23 8120 3 Trace: We claim version: SSH-2.0-PuTTY_Local:_Mar_28_2014_10:34:48  
2017-04-03 16:25:24 8120 3 Trace: Doing Diffie-Hellman group exchange  
2017-04-03 16:25:24 8120 3 Trace: Doing Diffie-Hellman key exchange with hash SHA-1  
2017-04-03 16:25:25 8120 3 Trace: Host key fingerprint is:  
2017-04-03 16:25:25 8120 3 Trace: ssh-rsa 2048 6b:80:2c:5e:af:3f:2c:c7:f7:ef:4b:dd:85:55:32:fe  
2017-04-03 16:25:25 8120 3 Trace: Initialised AES-256 SDCTR client->server encryption  
2017-04-03 16:25:25 8120 3 Trace: Initialised HMAC-SHA1 client->server MAC algorithm  
2017-04-03 16:25:25 8120 3 Trace: Initialised AES-256 SDCTR server->client encryption  
2017-04-03 16:25:25 8120 3 Trace: Initialised HMAC-SHA1 server->client MAC algorithm  
2017-04-03 16:25:25 8120 3 Trace: Successfully loaded 4 key pairs from file  
2017-04-03 16:25:26 8120 3 Trace: Offered public key from "Z:\SFTP SETUP\CJ21_PVT.ppk"  
2017-04-03 16:25:26 8120 3 Trace: Server refused public key  
2017-04-03 16:25:26 8120 3 Trace: Offered public key from "Z:\SFTP SETUP\CJ22_PVT.ppk"  
2017-04-03 16:25:26 8120 3 Trace: Offer of public key accepted, trying to authenticate using it.  
2017-04-03 16:25:29 8120 3 Trace: Further authentication required  
2017-04-03 16:25:30 8120 3 Trace: Using keyboard-interactive authentication. inst_len: 0, num_prompts: 1  
2017-04-03 16:25:30 8120 3 Command: Pass: *********  
2017-04-03 16:25:30 8120 3 Trace: Access granted  
2017-04-03 16:25:30 8120 3 Trace: Opened channel for session  
2017-04-03 16:25:31 8120 3 Trace: Started a shell/command  
2017-04-03 16:25:31 8120 3 Status: Connected to abc.domainname.com  
2017-04-03 16:25:33 8120 3 Trace: CSftpControlSocket::ConnectParseResponse()  
2017-04-03 16:25:33 8120 3 Trace: CSftpControlSocket::ResetOperation(0)  
2017-04-03 16:25:33 8120 3 Trace: CControlSocket::ResetOperation(0)  
2017-04-03 16:25:33 8120 3 Trace: CFileZillaEnginePrivate::ResetOperation(0)  
2017-04-03 16:25:33 8120 3 Status: Retrieving directory listing...  
2017-04-03 16:25:33 8120 3 Trace: CSftpControlSocket::SendNextCommand()  
2017-04-03 16:25:33 8120 3 Trace: CSftpControlSocket::ChangeDirSend()  
2017-04-03 16:25:33 8120 3 Command: cd "/"  
2017-04-03 16:25:34 8120 3 Response: New directory is: "/"  
2017-04-03 16:25:34 8120 3 Trace: CSftpControlSocket::ResetOperation(0)  
2017-04-03 16:25:34 8120 3 Trace: CControlSocket::ResetOperation(0)  
2017-04-03 16:25:34 8120 3 Trace: CSftpControlSocket::ParseSubcommandResult(0)  
2017-04-03 16:25:34 8120 3 Trace: CSftpControlSocket::ListSubcommandResult()  
2017-04-03 16:25:34 8120 3 Trace: state = 1  
2017-04-03 16:25:34 8120 3 Trace: CSftpControlSocket::SendNextCommand()  
2017-04-03 16:25:34 8120 3 Trace: CSftpControlSocket::ListSend()  
2017-04-03 16:25:34 8120 3 Trace: state = 2  
2017-04-03 16:25:34 8120 3 Command: ls  
2017-04-03 16:25:34 8120 3 Status: Listing directory /  
2017-04-03 16:25:36 8120 3 Listing: drwxrw-rw- 1 user group 0 Mar 24 2015 JKOB1  
2017-04-03 16:25:36 8120 3 Listing: drwxrw-rw- 1 user group 0 Apr 3 10:40 JKOB  
2017-04-03 16:25:36 8120 3 Trace: CSftpControlSocket::ListParseResponse()  
2017-04-03 16:25:36 8120 3 Trace: CSftpControlSocket::SendNextCommand()  
2017-04-03 16:25:36 8120 3 Trace: CSftpControlSocket::ListSend()  
2017-04-03 16:25:36 8120 3 Trace: state = 3  
2017-04-03 16:25:36 8120 3 Status: Calculating timezone offset of server...  
2017-04-03 16:25:36 8120 3 Command: mtime "JKOB"  
2017-04-03 16:25:37 8120 3 Response: 1491216040  
2017-04-03 16:25:37 8120 3 Trace: CSftpControlSocket::ListParseResponse(1491216040)  
2017-04-03 16:25:37 8120 3 Status: Timezone offsets: Server: 0 seconds. Local: 19800 seconds. Difference: 19800 seconds.  
2017-04-03 16:25:37 8120 3 Trace: CSftpControlSocket::ResetOperation(0)  
2017-04-03 16:25:37 8120 3 Trace: CControlSocket::ResetOperation(0)  
2017-04-03 16:25:37 8120 3 Status: Directory listing successful  
2017-04-03 16:25:37 8120 3 Trace: CFileZillaEnginePrivate::ResetOperation(0)  
2017-04-03 16:27:24 8120 3 Status: Disconnected from server  
2017-04-03 16:27:24 8120 3 Trace: CControlSocket::DoClose(64)  
2017-04-03 16:27:24 8120 3 Trace: CSftpControlSocket::ResetOperation(66)  
2017-04-03 16:27:24 8120 3 Trace: CControlSocket::ResetOperation(66)  
2017-04-03 16:27:24 8120 3 Trace: CFileZillaEnginePrivate::ResetOperation(66)  
2017-04-03 16:27:24 8120 3 Trace: CControlSocket::DoClose(64)  
2017-04-03 16:27:24 8120 3 Trace: CControlSocket::DoClose(64)  
2017-04-03 16:27:24 8120 3 Trace: CFileZillaEnginePrivate::ResetOperation(0)

我已经从这里和其他来源尝试了多种解决方案，但都没有奏效。如果您有任何建议，那么非常欢迎。

请您参考如下方法:

SSH.NET 不支持 .ppk key 文件。您必须使用 PuTTYgen 将 .ppk key 转换为 OpenSSH 格式。

见 How to convert SSH keypairs generated using PuTTYgen (Windows) into key-pairs used by ssh-agent and Keychain (Linux) .

原始答案，在问题被编辑之前:

您在 FileZilla 中使用多因素私钥和键盘交互式身份验证:

2017-04-03 16:25:26 8120 3 Trace: Offered public key from "Z:\SFTP SETUP\CJ22_PVT.ppk"
2017-04-03 16:25:26 8120 3 Trace: Offer of public key accepted, trying to authenticate using it.
2017-04-03 16:25:29 8120 3 Trace: Further authentication required
2017-04-03 16:25:30 8120 3 Trace: Using keyboard-interactive authentication. inst_len: 0, num_prompts: 1
2017-04-03 16:25:30 8120 3 Command: Pass: *********
2017-04-03 16:25:30 8120 3 Trace: Access granted

同时，您在代码中使用简单的密码身份验证:

using (var sftp = new SftpClient(Host, Port, Username, Password))

你怎么能指望这行得通？

要实现多因素身份验证，您必须使用 ConnectionInfo .

var keybInterMethod = new KeyboardInteractiveAuthenticationMethod(username); 
keybInterMethod.AuthenticationPrompt += 
    (sender, e) => { e.Prompts.First().Response = password; }; 
 
AuthenticationMethod[] methods = new AuthenticationMethod[] { 
    new PrivateKeyAuthenticationMethod(username, new PrivateKeyFile(privateKey)), 
    keybInterMethod 
}; 
ConnectionInfo connectionInfo = new ConnectionInfo(hostname, username, methods); 
 
using (var sftp = new SftpClient(connectionInfo)) 
{ 
    sftp.Connect(); 
 
    // ... 
}

IT序号网 C#

微信公众号号：IT虾米（左侧二维码扫一扫）欢迎添加！

Q : 823053937

热贴推荐

c#之在 SSH.NET 中使用 PPK key 进行身份验证

Q : 823053937

热贴推荐

c#之在 SSH.NET 中使用 PPK key 进行身份验证

c#之无法使用 C# 和 SSH.NET 从 Windows 运行 Unix 服务器中的用户脚本

c#之Renci SSH.NET : can create symlink, 但删除符号链接(symbolic link)失败，为什么

c#之如何在C#中将密码字符串转换为Renci.SshNet.PrivateKeyFile

c#之在 C# 中使用 pscp 通过 post 请求在 Windows 和 Linux 之间传输文件

c#之在 C# 上使用 SSH 进行 NGit(JGit 端口)身份验证

c#之确保连接

c#之如何在.NET中通过SFTP/SSH执行 “double hop”

c#之过滤。 (此文件夹)和 ..(父文件夹)在 C# SSH.NET 中的 SFTP 目录列表中

c#之在 C# 应用程序中使用 Plink session 时逃避 SSH 主机验证

c#之在 SSH.NET 中进行多因素身份验证( key 和密码)时获取 'Permission denied (password).'

c#之无法在 Cisco WLC 上使用 SSH.NET 执行命令

c#之使用 SSH.NET 从 Ubuntu 服务器上的文件中删除行