Windows Terminal SSH – add an option to send the SSH public key


fischer
Donor
Posts: 17

Windows Terminal SSH – add an option to send the SSH public key

If you use key authentication and store the key in WinSCP, it can't be sent to the Windows Terminal. You have to edit the ssh config file to tell the Windows Terminal where to look for the key.
wt.exe ssh.exe !U@!@  -t "cd !/ \; /bin/bash --login"

It would be nice if we could send the key argument, perhaps like this:
wt.exe ssh.exe -i !K@ !U@!@  -t "cd !/ \; /bin/bash --login"
Last edited by fischer on 2022-08-27 07:58; edited 1 time in total


martin
Site Admin
Posts: 41,454
Location: Prague, Czechia

Re: Windows Terminal SSH – add an option to send the SSH public key

The problem is that ssh cannot use the .ppk keys that WinSCP does. WinSCP would have to create a new file with a converted copy of the key.


fischer
Donor
Posts: 17

Is it possible to try and look for .pem and .pub files in the .ssh folder and send those to Windows Terminal? All users have pem and pub by default and only convert to ppk when asked to.

Now in my .ssh folder, I have foo.ppk and foo.pem.

All other software, MySQL Workbench, Bitvise, MobaXterm, Royal TS, etc, all of them support pem and pub files.

I always wondered what the guy who invented ppk was thinking! Taking a hugely popular file format and deciding to convert it to something else. It's in the top 1000 most useless software inventions ever.


martin
Site Admin
Posts: 41,454
Location: Prague, Czechia

Do you mean to look for a file with the .pem extension and the same name and location as the .ppk file? Or for the default id_* key file in the .ssh folder?
And if they do not exist?

Also if there's no key (either because there's no .pem equivalent or there's no key in that session at all), what would the !K@ resolve to? I believe that the -i with no argument would break ssh.


fischer
Donor
Posts: 17

Yes, that's what I mean, that's correct.

We can do 2 things:
  1. Add a "pem" or "pub" input field here, and send the file if it exists.

  2. Or we can check if the "pem" or "pub" file exists in the folder; if yes, then send it to ssh, something like
    if (file_exist(file.pem) || file_exist(file.pub)){
       ssh_command = "ssh -i filename user@host"; 
    }
    else {
       ssh_command = "ssh user@host";
    }


martin
Site Admin
Posts: 41,454
Location: Prague, Czechia

But that logic is way beyond what the current pattern replacement mechanism of WinSCP is capable of. We are drifting way off the original "add an option to send the SSH public key".
Though you could write a wrapper script that would do it for you.
So I'm adding your original requirement to WinSCP tracker:
Issue 2107 – Private key pattern in PuTTY command-line
You can vote for it there. The rest is on you :)

Btw, a .pub file (public key) cannot be used for authentication. You need the private key.


fischer
Donor
Posts: 17

I'm willing to write a wrapper script for that, that's what I initially wanted to do, but the problem is, I don't know how to read a public key from WinSCP.

!U@ will return the username
!P@ will return the password.

How to return the key? I don't see anything here
https://winscp.net/eng/docs/integration_putty

If I know how to return the key stored within WinSCP, then I can write a script to do what I want.


martin
Site Admin

There's no way to return the key – yet. That's what the feature request in the tracker is for!

Btw, it's !U and !P. Not !U@ and !P@.


martin
Site Admin

I'm sending you an email with a development version of WinSCP to the address you have used to register on this forum.

The new pattern is !K.

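A sketch of the wrapper script suggested in the thread, as an added example that is not code from WinSCP or from either poster. It handles the three cases raised above: a .ppk that ssh cannot read, a .pub that cannot authenticate, and no key at all, where a bare -i must not be emitted. Assumptions: the script name and parameter names are hypothetical, !K is assumed to resolve to the session's key file path (empty when there is none), and wt.exe is assumed to pass the remaining arguments through to powershell.exe.

```powershell
# ssh-wrap.ps1 (hypothetical file name). Added example, not WinSCP code.
# Assumed WinSCP terminal command (patterns !K !U !@ !/ are the ones from the thread):
#   wt.exe powershell.exe -NoProfile -File C:\path\to\ssh-wrap.ps1 -KeyFile "!K" -User "!U" -HostName "!@" -RemoteDir "!/"
param(
    [string]$KeyFile = '',                     # from !K; assumed empty when the session has no key
    [Parameter(Mandatory)][string]$User,       # from !U
    [Parameter(Mandatory)][string]$HostName,   # from !@
    [string]$RemoteDir = ''                    # from !/
)

function Resolve-OpenSshKey {
    param([string]$Path)
    if ([string]::IsNullOrWhiteSpace($Path)) { return $null }
    # ssh.exe cannot read .ppk: look for a .pem with the same name and location.
    if ([IO.Path]::GetExtension($Path) -ieq '.ppk') {
        $Path = [IO.Path]::ChangeExtension($Path, '.pem')
    }
    # A .pub file is the public half and cannot be used for authentication.
    if ([IO.Path]::GetExtension($Path) -ieq '.pub') { return $null }
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) { return $null }
    return (Resolve-Path -LiteralPath $Path).ProviderPath
}

$sshArgs = @()
$key = Resolve-OpenSshKey $KeyFile
if ($key) {
    $sshArgs += @('-i', $key)
} else {
    # Never emit a bare -i; ssh falls back to its config file, agent and default keys.
    Write-Warning "No usable private key for '$KeyFile'; running ssh without -i."
}
$sshArgs += @('-t', "${User}@${HostName}")

if ($RemoteDir) {
    # Single-quote the directory so the remote shell treats it as one literal word.
    $quoted = "'" + $RemoteDir.Replace("'", "'\''") + "'"
    $sshArgs += "cd $quoted ; /bin/bash --login"
}

& ssh.exe @sshArgs
exit $LASTEXITCODE
```

Because the wrapper, not wt.exe, builds the remote command, the `\;` escaping from the original command line is not needed here.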