I try to connect to an SSH server with nsoftware's IP*Works components without password. The only information about the components' capability is described in the following document:
http://www.nsoftware.com/kb/help/BWN1-A/Type_Certificate.rst
I have created keys with Putty, which is a PPK file as:
PuTTY-User-Key-File-2: ssh-rsa
Encryption: aes256-cbc
Comment: rsa-key-20130329
Public-Lines: 4
...
Private-Lines: 8
...
Private-MAC: ...
However any tries to open this file with nsoftware.IPWorksSSH.Certificate fails. Does anybody have an experience with the Certificate object of Ip*works?
Indeed, IP*Works does not use the same key format as PuTTY. You will need to convert the key. This is documented here:
Are .ppk files supported?
Related
When trying to create a PrivateKeyFile object I get the following error:
Access to the path is denied.
Here is the code:
PrivateKeyFile pk = new PrivateKeyFile(keyfile);
I have tried to tweak the Windows security settings (to the point where I set Full Access to Everyone) and that still hasn't solved my issue.
There is no pass phrase for the key.
Anyone run into this? If so do you have a solution?
Thanks.
I appear to have found my problem. The original key was generated on an AIX server. I did check it with PuttyGen, which acknowledged it as an OpenSSL private key.
However, I decided to run the Conversion to OpenSSL anyway. Once I did that and tried again, it worked and allowed me to connect to the server.
So that seems to be the problem.
I can send notifications to my iPhone device succeffully using Push Sharp via sandbox APNS server but I am having a problem.
I have generated .cer and .p12 files and then installed them on my windows 8 development machine successfully.
I used this tutorial to install the certificates on my windows 8 machine.
Yesterday things were working fine and I was sending the notification successfully. I shutdown my system and then next day when I try to run the code I was getting following exception:
the message was unexpected or badly formatted pushsharp
I tried different solution available on Google but nothing helped. Then I delete the certificates from my machine and then re-install them and things started to work again.
In order to make the service fool proof I shutdown the system to check if notification sending fails or not, and yes it fail again with the same exception.
I again deleted the certificates and re-install them to correct the issue. I do not know whats the actuall problem? what makes PUSHSharp to stop sending notification after shutdown.
Note: Windows firwall is disabled.
Any idea?
I have been working with PushSharp for the past few weeks and have not had this problem. My environment is Windows 7 however. After you've created the appropriate Push Notification Certificate in iPhone Developer Program Portal you should have downloaded a file named something like apn_developer_identity.cer. If you have not done so already, you should open/import this file into Keychain, into your login section.
Finally, if you filter Keychain to show your login container's Certificates, you should see your Certificate listed. Expand the certificate, and there should be a Key underneath/attached to it.
Right Click or Ctrl+Click on the appropriate Certificate and choose Export. Keychain will ask you to choose a password to export to. Pick one and remember it. You should end up with a .p12 file. You will need this file and the password you picked to use the Notification and Feedback Libraries here.
OpenSSL
Here is how to create a PKCS12 format file using open ssl, you will need your developer private key (which can be exported from the keychain) and the CertificateSigningRequest??.certSigningRequest
Convert apn_developer_identity.cer (der format) to pem:
openssl x509 -in apn_developer_identity.cer -inform DER -out apn_developer_identity.pem -outform PEM}
Next, Convert p12 private key to pem (requires the input of a minimum 4 char password):
openssl pkcs12 -nocerts -out private_dev_key.pem -in private_dev_key.p12
(Optional): If you want to remove password from the private key:
openssl rsa -out private_key_noenc.pem -in private_key.pem
Take the certificate and the key (with or without password) and create a PKCS#12 format file:
openssl pkcs12 -export -in apn_developer_identity.pem -inkey private_key_noenc.pem -certfile CertificateSigningRequest??.certSigningRequest -name "apn_developer_identity" -out apn_developer_identity.p12
Once you generate the p12 file using these steps you will not really need to snap it to your console. You will just need to make changes in your code as follows:
var appleCert = File.ReadAllBytes("C:/Certificate/aps_dev_identity.p12");
Hope this helps.
I have been working on MOON APNS since 2012 and it's working fine but from last few days i am getting below error message
Error Message : System.Security.Authentication.AuthenticationException: A Call to SSPI failed, see inner exception.
System.ComponentModel.Win32Exception: The message received was
unexpected or badly formatted
Solution : in PushNotification.cs file replace
_apnsStream.AuthenticateAsClient(host, certificates, System.Security.Authentication.SslProtocols.Ssl3, false);
with
_apnsStream.AuthenticateAsClient(host, certificates, System.Security.Authentication.SslProtocols.Tls, false);
As, I didn't find any confirmation from apple side but from github.com I found solution for this and it's work for us.
It's seems that apple depricate "unsafer" protocol SSL.
Check first if you can do the notifications with C# code like this one first, then worry about the installation. I had the same message when I was trying to execute the code, I didn't care about installation, and solved it by making sure that I use a certificate of type .p12 and not .pem and to make sure that the .p12 had a password. I can now send notifications to my iPhone from a console C# app in my pc.
I am using SharpSSH's Sftp class to upload files. Someone has requested that I enable RSA authentication. I can't find an info how how to do this. What do I need to do in order to support public key authentication in SharpSSH?
All I currently do is this
ftp = new Sftp(config.SftpServer, config.SftpUsername, config.SftpPassowrd);
ftp.Connect();
In order to connect with an RSA I needed to create an OpenSSH format key and save it to disk. PuttyGen worked well for this. Then I simply needed to call AddIdentityFile with that file like so
ftp = new Sftp(config.SftpServer, config.SftpUsername, config.SftpPassowrd);
ftp.AddIdentityFile("file");
ftp.Connect();
I am currently trying to convert a Java code into C# in order to establish a SSL LDAP connection.
In Java, I can specify the certificate's location with the following: System.setProperty("javax.net.ssl.trustStore", "D:\\xnet\\ldap\\cacerts");
What is the equivalent in C# ? How can I specify where the certificate is ? (LdapConnection.ClientCertificates being read-only)
Thank you very much
The ClientCertificates property is a CertificateCollection instance, you should be able to add a certificate to this collection:
connection.ClientCertificates.Add(myCert);
The X509Certificate would need to be loaded youself, normally from one of the Windows certificate stores, see this page on MSDN for details on how to load a certificate.
I want to be able to execute openssh with some custom arguments and then be able to automatically login to the server. I want that my script will enter the password if needed and inject 'yes' if I'm prompted to add the fingerprint to the known hosts.
I've found SharpSsh for C# that do that, but I also need to use -D parameter and use ProxyCommand that I define in SSH, and the library is quite lacking for that usage.
Another thing that I've found was pexcept for Python that should do the trick but I couldn't find where to download it, on the offical page I'm being redirectred from sourceforge to some broken link.
Any help would be appreciated,
Bill.
If you use OpenSSH and then have a script to inject password in clear (meaning, you have stored the password unencrypted) it is defeating the purpose of secure shell.
Please strongly consider using public key mechanisms which can be easily and securely automated.
I'll second the recommendation to use public key authentication. Rather than hack around with expect, you might want to consider Paramiko - it's a native SSH client for Python which would greatly simplify the communications process, particularly if you ever need to interact with the remote server and it has support for things like SFTP built-in.
i use pexpect for similar purpose and download also work?
http://sourceforge.net/project/downloading.php?group_id=59762&filename=pexpect-2.3.tar.gz
here is a portion fro my ssh automate script, you can customize it for you usage
it may not run out of the box
import os
import getpass
import pexpect
import glob
import logging
import shutil
import time
class UpdateError(Exception): pass
g_password = None
def runSshCommand(cmd):
global g_password
ssh_newkey = 'Are you sure you want to continue connecting'
# my ssh command line
p=pexpect.spawn(cmd)
i=p.expect([ssh_newkey,'password:',pexpect.EOF])
if i==0:
print "Saying yes to connection.."
p.sendline('yes')
i=p.expect([ssh_newkey,'password:',pexpect.EOF])
if i==1:
while True:
if g_password is None:
g_password = getpass.getpass("password:")
p.sendline(g_password)
i = p.expect(['password:',pexpect.EOF])
if i==0:
g_password = None
print "Wrong password"
else:
break
elif i==2:
raise UpdateError("Got key or connection timeout")
return p.before
There is some excellent documentation on using Putty with generated SSH key authentication. This is an easy and secure way to accomplish your goals. Putty has a great set of features, for a windows SSH app. Even better when you consider that you can get it on the free.
pexpect can't import on Windows. So, I use plink.exe with a Python subprocess to connect to the ssh server.
Another way is to to use openssh and establish a trusted key; if both client and the user account on the server have this key, then openssh does not request a password.
I have a script that automates setup of this - it works under cygwin,
http://mosermichael.github.io/cstuff/all/projects/2011/07/14/ssh-friends.html
I hope Net::SSH::Expect Perl module will be of help to you.