ghisler(Author) wrote: 2025-08-10, 08:13 UTC
It's the job of the server to verify the code. A client can't just bypass security. Therefore something must be misconfigured on your server.
Have you tried entering an empty code on any other SSH client? Web Portal doesn't use SSH.
Yes. I was able to replicate it on my personal instance and same issue.
sftp -P user@server 2022 asks for a password and won't accept an empty TOTP token. It won't accept an incorrect one either, same with WinSCP. I'm using the out of the box SFTPGo config for SFTP, so maybe a key exchange algorithm that allows this bypass or something?
Does SFTPPlug have some kind of verbose logs we could look at?
ghisler(Author) wrote: 2025-08-11, 08:58 UTC
Did you set a client certificate in the plugin? Some servers only require 2 factors, e.g. password+TOTP or password+client certificate.
Nope, no client certificate. So, about those SFTPPlug logs?
You can enable FTP logging in Configuration - Options - FTP to also log file system plugins like SFTP. But it will not save more than what you get in the little 2 line connection log window.
The SFTP plugin is open source, so you can modify it to your needs.
ghisler(Author) wrote: 2025-08-12, 07:52 UTC
You can enable FTP logging in Configuration - Options - FTP to also log file system plugins like SFTP. But it will not save more than what you get in the little 2 line connection log window.
The SFTP plugin is open source, so you can modify it to your needs.
If you are really sure it's an issue with SFTPGo I will move to their issues page, I just want to make sure.
According to the log, TC first tries with keyboard-interactive method, where it first sends the password and then the authentication code. This fails with error "Authentication failed (keyboard-interactive)".
Then TC tries authentication via password method, which doesn't ask for the second factor.
The server should not support the "password" method if it requires a second factor. Only keyboard-interactive should be enabled. Password authentication only asks for a password, no other factors are possible.
According to the log, TC first tries with keyboard-interactive method, where it first sends the password and then the authentication code. This fails with error "Authentication failed (keyboard-interactive)".
Then TC tries authentication via password method, which doesn't ask for the second factor.
The server should not support the "password" method if it requires a second factor. Only keyboard-interactive should be enabled. Password authentication only asks for a password, no other factors are possible.
Understood, looks to me like SFTPGo is falling back to just the valid password even when it shouldn't. I will move this to SFTPGo issues then. Thanks!
Can I just ask for one more small thing? Could you please pin the current latest version of the 3.10 beta 9 to Page 1 so it's easier to find?
Thanks.
I did search for a solution and experimented my self a little bit, but it's time to ask the experts!
Situation: I often need to modify multiple identical php files. For this purpose I use Find files -> search in: i:\domains; k:\domains; m:\domains
The drive letters are network drives from webdrive. But performance with it is very bad.
I've got the sftp plugin working and connect with it to three servers. My only problem is that a search in: \\\Secure FTP\Server-1\home\admin\domains\; \\\Secure FTP\Server-2\home\admin\domains\; \\\Secure FTP\Server-3\home\admin\domains\
do not work!
It only searches in \\Secure FTP\Server-1\home\admin\domains\ and ignores the other two servers. I don't have this problem with i:\domains; k:\domains; m:\domains
I made sure all three servers were connected (green lockpad)
For me it is essential to find multiple files on multiple servers in one search.
How to make a search in: \\\Secure FTP\Server-1\home\admin\domains\; \\\Secure FTP\Server-2\home\admin\domains\; \\\Secure FTP\Server-3\home\admin\domains\ possible?
Last edited by Karel-TC on 2025-08-22, 14:00 UTC, edited 1 time in total.
I have this SFTP host which sometimes (due to routing issues or whatever) drops, and then just need a reconnect to make things run smooth again. This, however, generates a "Connection failed; Continue?" dialog box with the SFTP plugin. First off, is there a way to "automat" the Continue! answering? And second, unfortunately, it seems that when I press Continue it does ignore the previously-failed-transfer file and jumps to the next, resulting in a missed file when the (perhaps long) transfer queue is finished. This is very unfortunate, am I missing out some option to retry-the-failed-file?
ghisler(Author) wrote: 2008-08-13, 16:02 UTC
Note: Only the XP version now needs the latest OpenSSL DLLs! The one for Vista and newer works without any extra dlls!
The XP version uses a different libssh2.dll which uses the OpenSSL DLLs internally for encryption functions.
The version for Vista and newer Windows version uses a libssh2.dll which uses Windows functions for encryption which are missing on XP.
