[JayO]

I’m trying to upload via sftp, on a Debian desktop to a linux server. Publii (v.0.38.2 (build 14204)) can connect if I give it a password-protected ssh key.

Making the very same key passwordless however, results in “An error occured during connecting to the server. Please check your server settings or try again” and in the log: No SFTP connection available” The password field in the settings is empty.

I can login fine using “sftp -i publiikey username@hostname”.

The deployment-errors.log is below but doesn’t tell me much. The other logs are empty.

(node:59287) UnhandledPromiseRejectionWarning: Error: end: No SFTP connection available
at fmtError (/opt/Publii/resources/app.asar/node_modules/ssh2-sftp-client/src/utils.js:53:18)
at haveConnection (/opt/Publii/resources/app.asar/node_modules/ssh2-sftp-client/src/utils.js:190:20)
at /opt/Publii/resources/app.asar/node_modules/ssh2-sftp-client/src/index.js:1077:11
at new Promise (<anonymous>)
at SftpClient.end (/opt/Publii/resources/app.asar/node_modules/ssh2-sftp-client/src/index.js:1069:12)
at /opt/Publii/resources/app.asar/back-end/modules/deploy/sftp.js:93:29
at processTicksAndRejections (internal/process/task_queues.js:97:5)
(node:59287) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 5)
(node:59287) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

 

[JayO]

(the title should have been “passwordless ssh key”)

[Tomasz Dziuda]

Hi,

I suppose that ssh key without password is a not great idea due security reasons, but anyway I will try to diagnose this issue and fix it in Publii v.0.38.3 or v.0.39.

Thank you for your feedback 🙂

--
Do you appreciate the support you've received today? If so, consider donating to the Publii team by clicking here; we'll be sure to use your donation to make Publii even better!

[JayO]

Tomasz Dziuda wrote:

I suppose that ssh key without password is a not great idea due security reasons

It’s not less secure than storing that key’s password, or any password in the Publii config 😉
But there is the concept of an SSH-Agent (ssh-agent on linux systems, peagent in the putty suite) which loads the encrypted ssh key into memory, where it is available for use without password – all 100% transparent.

I’m not sure which ssh library is used for what, https://github.com/theophilusx/ssh2-sftp-client refers to <span class=”pl-c1″>agent</span>: <span class=”pl-s1″>process</span><span class=”pl-kos”>.</span><span class=”pl-c1″>env</span><span class=”pl-kos”>.</span><span class=”pl-c1″>SSH_AGENT</span><span class=”pl-kos”>,</span> <span class=”pl-c”>// string – Path to ssh-agent’s UNIX socket</span>

Let me know if I can help, I have quite a bit of experience of ssh and sftp.

[Tomasz Dziuda]

It’s not less secure than storing that key’s password, or any password in the Publii config 😉

But do you know that Publii does not store your key’s password and any other passwords in their config? It is stored using system password storage system using node-keytar 🙂

Anyway – as I wrote – I will try to diagnose this issue in my free time 🙂

--
Do you appreciate the support you've received today? If so, consider donating to the Publii team by clicking here; we'll be sure to use your donation to make Publii even better!

[Author]

Posts