pysftp AuthenticationException while connecting to server with private key

Question

I am trying to connect to SFTP server. I have a private key along with a password. I have tried to read related questions on SO, but have been unable to successfully connect.

This is what I have tried:

pysftp.Connection(host=<hostname>, username=<username>,
                  password=<password>, private_key=<path to .ppk file>)

AuthenticationException: Authentication failed

pysftp.Connection(host=<hostname>, username=<username>,
                  private_key_pass=<password>, private_key=<path to .ppk file>)

SSHException: not a valid DSA private key file

However, I can use the same credentials and connect with FileZilla. FileZilla asked for password and converted the .ppk file into an unprotected file.

I tried to use the same host name, username and key file as used in FileZilla, but I continue getting errors. Also tried connecting using Paramiko.

score 17 · Accepted Answer · edited Jun 27 '19 at 08:00

17

I could finally connect.

Converted the file to a .pem file using PuTTY. Passed this .pem file and kept the rest of the parameters the same as before.

pysftp.Connection(host='hostname', username='username',
                   password='password', private_key='path to .pem file')

Hope this helps someone having similar issues.

edited Jun 27 '19 at 08:00

Martin Prikryl

188,800
56
490
992

answered Dec 04 '15 at 21:10

heathensoul

291
1
2
7

So you still have to use the password parameter even though you are using the PEM key? I am currently having the same issue. – kidbrax Feb 29 '16 at 17:43
3

Here is a decent instruction for converting .ppk to .pem and vice versa: https://aws.amazon.com/premiumsupport/knowledge-center/convert-pem-file-into-ppk/ – Sergey Makhonin Aug 20 '19 at 13:45
1

As Martin Prikryl pointed out you can't use password with private_key. This likely should be `private_key_pass=` as in the original code example – General4077 Aug 21 '19 at 14:17

score 0 · Answer 2 · answered May 28 '18 at 15:49

0

I solved this problem by downgrading from pysftp0.2.9 to pysftp 0.2.8

pip install pysftp==0.2.8

I used private key with private key password in the connection string like this:

import pysftp as sftp
import sys
srver = sftp.Connection(host='xx.xxx.xx.xx',username='xxxxx',password='xxx',port=9999,private_key='C:\\Users\xxxx\xxx\id_rsa.ppk',private_key_pass='xxxxxx')

Remember that port is actually a number not a string. This solution will work for all those who want to connect using private key and private key password with host name, username and user password.

answered May 28 '18 at 15:49

Hamid

35
8

It would be helpful to know why you needed to downgrade in order to solve the issue. – Nicholas Flees Sep 23 '20 at 21:45
I wanted to try that, though that version of pysftp is only compatible with `python[version='2.7.*|3.4.*|3.5.*']` – BCArg Jan 27 '21 at 13:33

l001d · Answer 3 · 2021-02-01T17:51:20.363

I had the same problem on a Linux environment and I was trying to follow the solution from the accepted answer. The first problem I had was converting the .ppk file to a .pem file. I find on a Debian environment, we can convert the .ppk file to a .pem file using PuTTY tools

$ sudo apt-get install putty-tools
$ puttygen abc.ppk -O private-openssh -o abc.pem

The second problem I had with trying out the accepted answer was an Authentication Error, I used private_key_pass instead of password and I was able to make the connection.

cnopts = pysftp.CnOpts()

cnopts = modify_cnopts_as_you_wish(cnopts)

srv = pysftp.Connection(host="hostname", username="user",
                        private_key='path_to_abc.pem',
                        private_key_pass="password", 
                        cnopts=cnopts)

score -2 · Answer 4 · answered Sep 01 '19 at 10:17

-2

You could directly use the option -m PEM when you add the key with ssh-keygen from your linux console instead of using Putty.

ssh-keygen -t rsa -m PEM

answered Sep 01 '19 at 10:17

Bischiz

1

Without more information, this is a mere comment to @heathensoul answer, rather than a standalone answer. – Martin Prikryl Sep 01 '19 at 15:36

score -3 · Answer 5 · edited Sep 18 '19 at 16:28

-3

I was able to solve same issue with

ssh-keygen -t rsa -m PEM" command and 
pysftp.Connection(host='hostname', username='username',
                   private_key_pass='password', private_key='path to .pem file')

edited Sep 18 '19 at 16:28

tituszban

4,797
2
19
30

answered Sep 18 '19 at 15:30

user3632065

1

I do not see how does this answer the question. You have shown how to generate a new key. The question about problems with using an existing key. – Martin Prikryl Sep 18 '19 at 15:41
In my case problem was with my private key, the how I was generating that key was not support by pysftp and I was able to solve with new key that I have generated in this way. – user3632065 Oct 11 '19 at 10:26
But you cannot just generate a new key. You have to put its public key on the server, what your answer does not even mention. And why doing it this way, if you can simply convert the existing key to the format that pysftp supports. – Martin Prikryl Oct 11 '19 at 10:44

pysftp AuthenticationException while connecting to server with private key

5 Answers5

Linked