New plugin available: SFTP

Support for Android version of Total Commander

Moderators: white, sheep, Hacker, Stefan2

User avatar
ghisler(Author)
Site Admin
Site Admin
Posts: 36439
Joined: 2003-02-04, 09:46 UTC
Location: Switzerland
Contact:

Post by *ghisler(Author) » 2013-09-06, 19:56 UTC

/mnt/sdcard is probably a link, not a real folder, so it appears as a file if the sftp server doesn't handle it correctly. Try using the directory history in Total Commander to return to /mnt/sdcard.
Author of Total Commander
http://www.ghisler.com

charly_35
Junior Member
Junior Member
Posts: 20
Joined: 2010-03-26, 17:14 UTC
Location: France Rennes 35

Post by *charly_35 » 2013-09-06, 20:53 UTC

Yes this is the pb. In fact, the sdcard is now mounted on /storage and not on /mnt
That was my mistake.
Thanks.
Charly_35
Cdlt Charles.

Andy8
Junior Member
Junior Member
Posts: 6
Joined: 2014-09-05, 10:59 UTC

android sftp connect

Post by *Andy8 » 2014-09-05, 11:28 UTC

I am not able to connect with user name and password:
always get the message:
sftp exhausted available authentication...

how to solve this?

ftp connection works well!

User avatar
Hacker
Moderator
Moderator
Posts: 11025
Joined: 2003-02-06, 14:56 UTC
Location: Bratislava, Slovakia

Post by *Hacker » 2014-09-05, 16:41 UTC

Andy8,
Can you connect with other SFTP clients? If yes, please post a log of the connection.

Roman
Mal angenommen, du drückst Strg+F, wählst die FTP-Verbindung (mit gespeichertem Passwort), klickst aber nicht auf Verbinden, sondern fällst tot um.

Andy8
Junior Member
Junior Member
Posts: 6
Joined: 2014-09-05, 10:59 UTC

Post by *Andy8 » 2014-09-06, 14:43 UTC

yes I can connect with Linux Mint 17:
Open Thunar Location Bar and type: sftp://192.168.1.xxx:22/

Then a window opens and asks for user and password,
and then it is ok...
I don't have log data of the connection available.

If I use the same data with Android TC, with the same user,
(or at least In try to use the same username...)
the window also opens and asks for the password,
but then with no success, and the message:
sftp exhausted available authentication...

The password is simple ascii with no special characters.

User avatar
ghisler(Author)
Site Admin
Site Admin
Posts: 36439
Joined: 2003-02-04, 09:46 UTC
Location: Switzerland
Contact:

Post by *ghisler(Author) » 2014-09-07, 08:30 UTC

The message:
sftp exhausted available authentication...
means that the server was configured to use login methods not supported by the SFTP plugin. There are multiple login types:
1. Password: The client sends user name and password in clear text (but the connection itself is of course encrypted)
2. Keyboard interactive: The server asks for user name and password separately, and the client provides them when asked
3. GSSapi: This is some kind of challenge-response method where client and server exchange encrypted messages to authenticate
4. Kerberos: Similar to GSSapi
5. Public key: The user provides a client certificate to log in. This is configured in the plugin via "User certificate (PEM file)".

The sshj library used by TC supports methods 1,2 and 5.

If you have access to the server, look at the file /etc/sshd/sshd_config to find out which methods are enabled. To log in with user name and password, at least one of the following methods needs to be enabled with one of these lines:
ChallengeResponseAuthentication yes
or
PasswordAuthentication yes

If you don't have access to the server, you can install Total Commander for Windows and my SFTP plugin. Then enable FTP logging, and try to log in. The following line will appear in the log:

Supported authentication methods: publickey,password,keyboard-interactive

These 3 are supported by TC for Windows and TC for Android. If none of the 3 is showing up here, you will not be able to log in.
Author of Total Commander
http://www.ghisler.com

Andy8
Junior Member
Junior Member
Posts: 6
Joined: 2014-09-05, 10:59 UTC

Post by *Andy8 » 2014-09-07, 10:33 UTC

many thanks for answering and for your patience!

I am using method 2 with TC and with Linux.
But sorry to say, I did not notice:
the "new connection" is asking for username and pw
but this is hidden under the keyboard... :?

now with complete input: IT IS WORKING :lol: FTP and SFTP !!

I have one more question: will open a new tobic

User avatar
ghisler(Author)
Site Admin
Site Admin
Posts: 36439
Joined: 2003-02-04, 09:46 UTC
Location: Switzerland
Contact:

Post by *ghisler(Author) » 2014-09-08, 09:10 UTC

2Andy8
That's odd, the input dialog should always appear above the keyboard! What device are you using? Screen resolution?
Author of Total Commander
http://www.ghisler.com

Andy8
Junior Member
Junior Member
Posts: 6
Joined: 2014-09-05, 10:59 UTC

Post by *Andy8 » 2014-09-08, 14:32 UTC

I use an Nexus 7, and the screen resolution is not
the problem.
IMHO this is system immanent: because the keyboard
always pops up if an input is required.
I was just not careful enough to check it out... :oops:
Anyway, thank you for your help!

ulicky
New Member
New Member
Posts: 1
Joined: 2014-12-08, 20:06 UTC

Post by *ulicky » 2014-12-08, 22:23 UTC

I am not able to connect with user name and password AND certificate:
always get the message:
sftp exhausted available authentication...

My SFTP needs valid user certificate AND username/password auth.
I see when cert is in use, this plugin is not using password as password for user, but as password for certificate. Can this be altered to way to support username, password + certificate and its password? Ideally include certificate not as point to file, but paste to some textbox? Thanks

User avatar
ghisler(Author)
Site Admin
Site Admin
Posts: 36439
Joined: 2003-02-04, 09:46 UTC
Location: Switzerland
Contact:

Post by *ghisler(Author) » 2014-12-11, 10:54 UTC

Sorry, this isn't supported. If you enter a password, it will be used to decrypt the user certificate.
Author of Total Commander
http://www.ghisler.com

obmana
Junior Member
Junior Member
Posts: 52
Joined: 2013-08-28, 15:35 UTC

Post by *obmana » 2016-06-26, 10:02 UTC

ghisler(Author) wrote:About the large version: If your client certificate file (*.pem) doesn't contain the public key, you need to put the public key (*.key) in the same directory and give it the same name as the .pem file.
Through desktop TC, I successfully connect to a linux server, which grants access to my pub key. So I use the following keys on my desktop TC:

id_rsa
id_rsa.pub

IIUC, .pem is just an OpenSSH private key with pem extension. So I copied id_rsa to id_rsa.pem and id_rsa.pub to id_rsa.key, and uploaded to my tablet. However I cannot make connection by using id_rsa.pem on my tablet as it times out.

What am I doing wrong?

User avatar
ghisler(Author)
Site Admin
Site Admin
Posts: 36439
Joined: 2003-02-04, 09:46 UTC
Location: Switzerland
Contact:

Post by *ghisler(Author) » 2016-06-27, 12:51 UTC

Please create a log file of the login process:

1. Switch to the internal SD card by going to the home folder, and then going to "SD-Card"
2. Create a new folder named
.TotalCommander
including the dot at the beginning (if it doesn't exist yet)
3. You may need to enable the display of hidden files in the TC configuration if you cannot see that folder.
4. Go inside this folder .TotalCommander
5. Create a new file named log.txt by holding down a finger on the first line (..)
6. Close Total Commander via "X" button and restart it

Please replace any sensitive names by other things before posting, but please do not delete any lines.
Author of Total Commander
http://www.ghisler.com

obmana
Junior Member
Junior Member
Posts: 52
Joined: 2013-08-28, 15:35 UTC

Post by *obmana » 2016-06-27, 15:20 UTC

There in not much info:

Code: Select all

2016-06-27 17:09:33 SFTP:refresh list
2016-06-27 17:09:38 SFTP:Connecting...
2016-06-27 17:10:41 SFTP:ConnectException: failed to connect to /192.168.100.3 (port 22): connect failed: ETIMEDOUT (Connection timed out)
Previously, when server was not restricted to allowed keys, but just with password I was connecting successfully.

User avatar
ghisler(Author)
Site Admin
Site Admin
Posts: 36439
Joined: 2003-02-04, 09:46 UTC
Location: Switzerland
Contact:

Post by *ghisler(Author) » 2016-06-27, 15:25 UTC

This means that your device couldn't reach the IP address given. It didn't even come to the point where it could send login information like client certificate. Maybe it's blocked by a firewall, or in wrong subnet?

Can you ping the IP address from Android?
Author of Total Commander
http://www.ghisler.com

Post Reply