possible bug: keyless ssh key
- This topic has 3 replies, 2 voices, and was last updated 2 days, 11 hours ago by .
- June 7, 2021 at 10:29 am #5934JayO
I’m trying to upload via sftp, on a Debian desktop to a linux server. Publii (v.0.38.2 (build 14204)) can connect if I give it a password-protected ssh key.
Making the very same key passwordless however, results in “An error occured during connecting to the server. Please check your server settings or try again” and in the log: No SFTP connection available” The password field in the settings is empty.
I can login fine using “sftp -i publiikey username@hostname”.
The deployment-errors.log is below but doesn’t tell me much. The other logs are empty.
(node:59287) UnhandledPromiseRejectionWarning: Error: end: No SFTP connection available at fmtError (/opt/Publii/resources/app.asar/node_modules/ssh2-sftp-client/src/utils.js:53:18) at haveConnection (/opt/Publii/resources/app.asar/node_modules/ssh2-sftp-client/src/utils.js:190:20) at /opt/Publii/resources/app.asar/node_modules/ssh2-sftp-client/src/index.js:1077:11 at new Promise (<anonymous>) at SftpClient.end (/opt/Publii/resources/app.asar/node_modules/ssh2-sftp-client/src/index.js:1069:12) at /opt/Publii/resources/app.asar/back-end/modules/deploy/sftp.js:93:29 at processTicksAndRejections (internal/process/task_queues.js:97:5) (node:59287) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 5) (node:59287) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.June 7, 2021 at 3:02 pm #5936JayO
(the title should have been “passwordless ssh key”)June 12, 2021 at 9:57 am #5957Tomasz Dziuda
I suppose that ssh key without password is a not great idea due security reasons, but anyway I will try to diagnose this issue and fix it in Publii v.0.38.3 or v.0.39.
Thank you for your feedback 🙂
Do you appreciate the support you've received today? If so, consider donating to the Publii team by clicking here; we'll be sure to use your donation to make Publii even better!June 12, 2021 at 1:44 pm #5960JayO
I suppose that ssh key without password is a not great idea due security reasons
It’s not less secure than storing that key’s password, or any password in the Publii config 😉
But there is the concept of an SSH-Agent (ssh-agent on linux systems, peagent in the putty suite) which loads the encrypted ssh key into memory, where it is available for use without password – all 100% transparent.
I’m not sure which ssh library is used for what, https://github.com/theophilusx/ssh2-sftp-client refers to <span class=”pl-c1″>agent</span>: <span class=”pl-s1″>process</span><span class=”pl-kos”>.</span><span class=”pl-c1″>env</span><span class=”pl-kos”>.</span><span class=”pl-c1″>SSH_AGENT</span><span class=”pl-kos”>,</span> <span class=”pl-c”>// string – Path to ssh-agent’s UNIX socket</span>
Let me know if I can help, I have quite a bit of experience of ssh and sftp.
- You must be logged in to reply to this topic.