Reputation: 3095
I'm not experienced with SFTP or OpenSSH. I am trying to connect to a client's SFTP to upload a file.
I am using the SSH.NET library – https://github.com/sshnet/SSH.NET
Within my C# code I have the private key in a string variable:
var key = @"-----BEGIN OPENSSH PRIVATE KEY-----
// snipped
-----END OPENSSH PRIVATE KEY-----
";
MemoryStream keyStream = new MemoryStream(Encoding.UTF32.GetBytes(key));
Renci.SshNet.ConnectionInfo conn = new Renci.SshNet.ConnectionInfo(
host,
port,
username,
new AuthenticationMethod[]
{
new PrivateKeyAuthenticationMethod(username, new PrivateKeyFile[]
{
new PrivateKeyFile(keyStream, ""),
}),
});
But I get an error:
invalid private key file.
My question is, I have seen other keys which begin BEGIN RSA
but my key begins BEGIN OPENSSH
– is this the issue?
Upvotes: 19
Views: 30421
Reputation: 202594
You have two problems with your code:
The PrivateKeyFile
class reads the key using StreamReader
, which defaults to UTF8
. Not UTF16
. That's why the reading fails with the vague
invalid private key file.
If you correct the Encoding.UTF32
to Encoding.UTF8
, it will still fail though. As you have rightly guesses that the SSH.NET does not support the OPENSSH
format.
The latest SSH.NET 2020.0.1 supports the OPENSSH
format for ssh-ed25519
keys only. It will say:
openssh key type: ssh-rsa is not supported
Older versions did not support this format at all, they will say:
Key 'OPENSSH' is not supported
These OPENSSH
keys are generated by recent versions of OpenSSH (7.8 and newer).
You can use ssh-keygen
to convert the key to the classic OpenSSH format:
ssh-keygen -p -f file -m pem -P passphrase -N passphrase
(if the key is not encrypted with a passphrase, use ""
instead of passphrase
)
For Windows users: Note that ssh-keygen.exe
is now built-in in Windows 10 and 11. And can be downloaded from Microsoft Win32-OpenSSH project for older versions of Windows.
On Windows, you can also use PuTTYgen (from PuTTY package):
If you are creating a new key with ssh-keygen
, just add -m PEM
to generate the new key in the classic format:
ssh-keygen -m PEM
This works:
var key = @"-----BEGIN RSA PRIVATE KEY-----
MIIEoQIBAAKCAQEAjQtUVe5ewYro8utRXqftODAg9zpqkP3+kmpVoIIXe27ga3jy
rUzJtCItx1jqjdZypcPrxB+8j2nUJj108Bw5y088OquGz/GhBk0uTN+/kQ7K4vnE
y7X4VuKDOloAAXRcyUZ621RWzM/Xp5M/lU6kuR+TtlMd1lpWmeKSNXhfP4gYaPMT
p/4+u247ng+HIwW9CLl5PGIO/AXImt/XyVMKMqw8IgGRKaYBBL2R9wLPBAYVzgHe
svfSDYdeNyh3XG+gbLgq2lmCYcq3wF//Ms3G/cTIm1ipeaeL89bTR9fYhLwQFdlp
UPy8wii/7jlfY/V+8EHQENNGZc3w0wPzP7EdkwIBJQKCAQBIbZoCnQA534xhEQ4b
2bEqsO5VcQZKdJd7nmNSbFE/YnM+G4OJbJ7tzFyyecSOBlaMeV1ktlnox6RK/Pbc
KiuEE+5+/iKiIiJBgZRQ/UayRd3OgEJ2cjNq4wUd9t1oh9yetX1b3zN97jB4pY9a
glSWailB81SC1HGo986KKQ5RDcA9cNa19uBEkUcTdcaph8wLcUDkT2PsavJt1wUF
0d8E3mKejDFMJJBt+642PdnrSK2N+3TtkEx2DxMAoQ5gPfaDWeN4QwbxDeNllfFM
BHj7ezL2N+U037fp/jAMyWVDaqN2leAakXkqQ73pdnvIsYHlxIvNTq0rFD64ELkT
ABq9AoGBAPG63tfV7Bzkd/iX5uIrjJY1UtbxhWMaoaF6tEJ+wZyEpcVEYWcFu0v2
20aFsdFWYFTe2vqkVcJpm3QjUJqBg6D7LWUBmy46VFlXhpvkp9g7I4xeRLT9xWVY
iwCgofyKw3Wa+aZWyBxt3DR2e+WKU5y4/dqAoprgGy3ChgSjM4DLAoGBAJVe2i3o
+3qUzeEIrxSf3H6HOT7fGaXsk+M8zDqrBjSki0sHMNedHMQ3tM/EUc6SnvWyPTZA
AlJSOllIg0eYxCzdiuJ1SUai4g9fp+u6HTkOzETJY7zfBhFM45AHkrh2r6z/u+Yk
yH57QeO+k2BgSDYZgdfX9cYW3C365BpqBCVZAoGBAOSp2bdpfnwyEJ8MO0SlvFa8
0dI+aWuVu30TNOT0cfTsLht4CRxDsSwus79AMpWW5YC3IitdLod4p865n0YLz4px
D0Pe7L0Gvn4Gr8PmIjs+3HAGJVFDFKv5z5jPTR9S1JHXyY+ChfFhALwBYHFZVgL0
LmboYnbT/gixFv13yO9zAoGAcQmCg5uN4DlB2rp2p9LsDLlbwOAvFcfJ3GVcSBK4
lopbkrlVZOWZOosFXvVuVyLZKKKPL/kWg3x/Ls8XPRmpNrV9285g9y8nnO5xPMQx
ylBjOvlEju32wPvqetVMb+sdKPjhOIqJ4yzX6p4OqcxSUnQq6IfA6O60ddKex+GG
mM0CgYAqm3oISjWhyq+4iN4C2eQXtAdAjkA7c0ZaHRFFapOI+ZqPXEi+oyhuPj4Z
ZeUcZkS9cYKkgRGDG33p1ZiR+iY7I6Qv8Seyu/oh75/lL0imiq7yKTmizL2WIow7
lT1yYNZJI/YNEdWPKOZl6kYsHliW8TaUk0yvDC/LPADabjvjzg==
-----END RSA PRIVATE KEY-----
";
MemoryStream keyStream = new MemoryStream(Encoding.UTF8.GetBytes(key));
new PrivateKeyFile(keyStream);
A related question: "Renci.SshNet.Common.SshException: Invalid private key file" when loading SSH private key from configuration string using SSH.NET.
Upvotes: 40
Reputation: 1
Had this problem as well.
Be sure to set your stream to position 0 using seek method or setting position = 0.
Looked in the SSH.Net code. When I don't set the position, it reads the stream and generates an empty string -- which is an invalid key, cleary. A better error would be nice . . .
Upvotes: -1
Reputation: 11
Sorry to say that spend hour in this open ssh issue..final fixed it by upgrading my ssh.net lib from 2016 to 2020.. it was my mistake didn't tried it before
Upvotes: -2