Make curl use password auth instead of public key authentication

Question

I use curl --insecure --user user1:password1 -T test.txt sftp://company1.com/incoming/ -vvv to send my file to SFTP.

In the output I see

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying xxx.xxx.xxx.xxx...
  0     0    0     0    0     0      0      0 --:--:--  0:00:02 --:--:--     0* Connected to transfer.dotz.com.br (xxx.xxx.xxx.xxx) port 22 (#0)
  0     0    0     0    0     0      0      0 --:--:--  0:00:03 --:--:--     0* SSH MD5 fingerprint: 1954076a7e4299f00df823fa1ca2d30e
  0     0    0     0    0     0      0      0 --:--:--  0:00:04 --:--:--     0* SSH authentication methods available: password,publickey
* Using SSH public key file '(nil)'
* Using SSH private key file '/home/ec2-user/.ssh/id_rsa'
* SSH public key authentication failed: Username/PublicKey combination invalid
* Failure connecting to agent
* Authentication failure
  0     0    0     0    0     0      0      0 --:--:--  0:00:04 --:--:--     0
* Closing connection 0
curl: (67) Authentication failure

I don't understand why it complains on "SSH public key authentication failed" while I explicitly indicated --user argument. Apparently my password is not used...

Could you help?

score 1 · Answer 1 · edited May 23 '17 at 12:15

1

Why don't you use direct sftp command? It also tries the keys, but in a quite way so you don't even know it.

It does this because it is default behaviour of ssh to use keys that are in default location (see manual page for sshd_config(5)).

There are few things that you can do to avoid this:

Remove the key from default location to remove the warning
Try to modify your client config to disable pubkey authentication: PubkeyAuthentication no in ~/.ssh/config (it might not be honoured)
Disable pubkey authentication on server with the same option in /etc/sshd_config and restart server (but this is usually not what you want to do).

But anyway, here is better solution from another question:

curl -v --insecure sftp://user1:password1@company1.com

edited May 23 '17 at 12:15

Community

1
1

answered Dec 02 '15 at 22:54

Jakuje

24,773
12
69
75

I tried, sftp://user1:password1@company1.com fails with same result – snowindy Dec 03 '15 at 06:20
Did you find a solution for this? – jannej Jul 15 '18 at 14:43
Use `sftp`. That is much less pain. – Jakuje Jul 15 '18 at 18:40
sftp is only for unix. curl is available in all env. – e-Fungus May 28 '20 at 20:14
@FrankChen can you name some env where sftp is not available? – Jakuje May 28 '20 at 20:16
In Windows sftp is not available on OEM images. if your not admin on the server, you're stuck with options available to you. But maybe it might be easier to get an Admin to install WinSCP than fighting with curl to work. – e-Fungus May 28 '20 at 20:27
@Jakuje In Windows sftp is not available on OEM image, but it seems that there is a power tool available. so it might be easier to convince an admin to update his master image. – e-Fungus May 29 '20 at 16:49

Make curl use password auth instead of public key authentication

1 Answers1