New plugin available: SFTP

Support for Android version of Total Commander

Moderators: white, Hacker, petermad, Stefan2

obmana
Junior Member
Junior Member
Posts: 53
Joined: 2013-08-28, 15:35 UTC

Post by *obmana »

As said I successfully connected previously when pub key was not needed. I can connect to the same machine through LAN (TC plugin)

From log.txt:

Code: Select all

2016-06-27 17:12:08 LAN:SMB:anon@192.168.100.3/pdf/
2016-06-27 17:12:22 LAN:SMB:anon@192.168.100.3/pdf/scripts/
And I can connect with same keys from my desktop through TC SFTP plugin
User avatar
ghisler(Author)
Site Admin
Site Admin
Posts: 48021
Joined: 2003-02-04, 09:46 UTC
Location: Switzerland
Contact:

Post by *ghisler(Author) »

But the log file clearly shows that no connection could be established. Could you temporarily allow password login again to check this?
Author of Total Commander
https://www.ghisler.com
obmana
Junior Member
Junior Member
Posts: 53
Joined: 2013-08-28, 15:35 UTC

Post by *obmana »

You were right - as I could not connect just with password login, I temporary disabled firewall for private networks, and now it works, thanks :)

Long story short - I overlooked that I was previously using Bitvise SSH Server and now I use sshd from WSL Bash shell
User avatar
ghisler(Author)
Site Admin
Site Admin
Posts: 48021
Joined: 2003-02-04, 09:46 UTC
Location: Switzerland
Contact:

Post by *ghisler(Author) »

Nice to see that you could resolve it, thanks for your feedback!
Author of Total Commander
https://www.ghisler.com
pwd4361
New Member
New Member
Posts: 1
Joined: 2016-07-10, 16:53 UTC

Post by *pwd4361 »

I've just started using the sftp plugin, and I apologise in advance if I'm missing something obvious.

I'm trying to get some images from a machine which runs an ssh service. I can connect to it using the sftp plugin and see the directories and files - but when I select one, the only two options I get are "Download+open" and "Download+edit". The file gets downloaded to a temporary directory, and deleted when I've finished using it.

How do I save the file permanently?
User avatar
ghisler(Author)
Site Admin
Site Admin
Posts: 48021
Joined: 2003-02-04, 09:46 UTC
Location: Switzerland
Contact:

Post by *ghisler(Author) »

You seem to be refering to the Android plugin - this thread is about the Windows plugin. But the same applies to both plugins: Do not try to open the file, it will be downloaded only temporarily. Instead, select it (or multiple files) and copy it to the other panel with the copy button (Total Commander is a 2 panel file manager).
Author of Total Commander
https://www.ghisler.com
bvsmdjktgc
Junior Member
Junior Member
Posts: 6
Joined: 2016-12-18, 14:56 UTC

Post by *bvsmdjktgc »

Can I connect to a ssh server with an ed25519 key?
You use the sshj library which supports ed25519.

But as there is no pem file for ed25519, I am wondering how to connect via the SFTP plugin!?
User avatar
ghisler(Author)
Site Admin
Site Admin
Posts: 48021
Joined: 2003-02-04, 09:46 UTC
Location: Switzerland
Contact:

Post by *ghisler(Author) »

You need to pass both the public key and private key to the SFTP plugin. The pem file has to contain the private key, and the pub the public key. The plugin then calls
libssh2_userauth_publickey_fromfile.

There must be some kind of private key for ed25519 too, otherwise there would be no secret if there were only a public key.
Author of Total Commander
https://www.ghisler.com
bvsmdjktgc
Junior Member
Junior Member
Posts: 6
Joined: 2016-12-18, 14:56 UTC

Post by *bvsmdjktgc »

Thank you for your quick reply.

When I manually put the 'private' and 'public' part together and save it as pem, then I get the error:

Code: Select all

UserAuthException: Exhausted available authentication methods
I searched for a non manual method, but there doesn't seem to exist one:

Code: Select all

ssh-keeygen -f id_ed25519 -e -m pem
do_convert_to_pem: unsupported key type ED25519

Code: Select all

-o
Causes ssh-keeygen to save private keys using the new OpenSSH format
rather than the more compatible PEM format. The new format has
increased resistance to brute-force password cracking but is not
supported by versions of OpenSSH prior to 6.5. Ed25519 keys always
use the new private key format.
But on supposedly sshj can handle Ed25519, see the github page of sshj README section supported-algorithms (sry I cannot post links).
User avatar
ghisler(Author)
Site Admin
Site Admin
Posts: 48021
Joined: 2003-02-04, 09:46 UTC
Location: Switzerland
Contact:

Post by *ghisler(Author) »

Sorry, I thought that this was about the Windows plugin, since this thread is for the Windows SFTP plugin.

The Android plugin uses an older sshj version which doesn't support Ed25519 yet.

According to the log, ed-25519 was only added recently:
SSHJ 0.19.0 (2016-11-25)
Fixed #276: Add support for ed-25519 and new OpenSSH key format
I will try to use the new library, but I doubt that I can find a server which supports it.

Would you be willing to test a pre-release version?
Author of Total Commander
https://www.ghisler.com
bvsmdjktgc
Junior Member
Junior Member
Posts: 6
Joined: 2016-12-18, 14:56 UTC

Post by *bvsmdjktgc »

ghisler(Author) wrote:Sorry, I thought that this was about the Windows plugin, since this thread is for the Windows SFTP plugin.
After checking the first post in this thread I thought this thread is about the Android plugin though.
ghisler(Author) wrote: Would you be willing to test a pre-release version?
Sure I am happy to test it!
GPEX
Junior Member
Junior Member
Posts: 5
Joined: 2017-01-29, 22:48 UTC

Post by *GPEX »

Great! Exactly what I need, because my main system is Linux
bvsmdjktgc
Junior Member
Junior Member
Posts: 6
Joined: 2016-12-18, 14:56 UTC

Post by *bvsmdjktgc »

ghisler(Author) wrote:
The Android plugin uses an older sshj version which doesn't support Ed25519 yet.

According to the log, ed-25519 was only added recently:
SSHJ 0.19.0 (2016-11-25)
Fixed #276: Add support for ed-25519 and new OpenSSH key format
I will try to use the new library, but I doubt that I can find a server which supports it.
Just needed to access that very same server with the ed25519 certificate.
So I remembered this topic.

Now I tried it again, and now I get following error:

Code: Select all

UserAuthException: Exhausted available authentication methods

IOException: Unsupported cipher aes256-ctr for key pair.
Which version of sshj do you use?
User avatar
ghisler(Author)
Site Admin
Site Admin
Posts: 48021
Joined: 2003-02-04, 09:46 UTC
Location: Switzerland
Contact:

Post by *ghisler(Author) »

Is this about the Android or Windows version of the plugin? I ask because the thread is about the Windows plugin, but you mention Android too.
Author of Total Commander
https://www.ghisler.com
bvsmdjktgc
Junior Member
Junior Member
Posts: 6
Joined: 2016-12-18, 14:56 UTC

Re: New plugin available: SFTP

Post by *bvsmdjktgc »

ghisler(Author) wrote:A new plugin is now available:

SFTP (Secure FTP over SSH).

To download and install it, you need to tap on the green "+" sign (Add plugins) in the TC home folder. Direct link.

The plugin uses the sshj library because there is no OpenSSH on Android. I have modified the library a bit so it supports all Android versions since Android 1.5 (instead of >=2.3).

There are two versions of this plugin:
1. A smaller version which supports login via user name and password only. This version relies on built-in Android crypto functions. Use this if you can.

2. A large (1 MByte) version which also supports login with a client certificate. The certificate must be in PEM format (just like for the desktop version of TC), which may be password protected (recommended). If you enter a password AND specify a PEM file, TC will assume that the password is for decrypting the PEM.

Unfortunately user certificate authentication only works on Android 2.0 and later versions. The plugin is that large because it contains the entire BouncyCastle crypto library (with renamed classes to replace the incomplete Android library).

Please test it and send me feedback!
Currently this plugin is only available as a direct download. I will put the smaller version on Google Play once the beta test is over.
This is a quote of the first post of this thread. I read 7x the word Android in the opening post of this thread. So I assume that this is the Android version!? Or am I terribly wrong?
Post Reply