[Cyberduck-trac] [Cyberduck] #8705: SFTP bookmark always switches to public key authentication, ignoring stored password

Cyberduck trac at trac.cyberduck.io
Thu Mar 26 21:31:25 UTC 2015 

#8705: SFTP bookmark always switches to public key authentication, ignoring stored
password
--------------------+----------------------
 Reporter:  ujay68  |         Owner:
     Type:  defect  |        Status:  new
 Priority:  normal  |     Milestone:
Component:  core    |       Version:  4.6.5
 Severity:  normal  |    Resolution:
 Keywords:          |  Architecture:  Intel
 Platform:          |
--------------------+----------------------
Description changed by ujay68:

Old description:

> How to reproduce:
>
> 1. Create a bookmark with an SFTP connection, Username and Password
> (don't check "Use Public Key Authentication"), and check the "Add to
> Keychain" checkbox.
> 2. Open the connection and exit Cyberduck. (The password is now stored in
> the OS X Keychain.)
> 3. Open Cyberduck again and go to that bookmark. The dialog "Login
> failed" pops up, prompting for the "Private Key Passphrase", with the
> "Use Public Key Authentication" checkbox automatically checked,
> ~/.ssh/id_dsa shown beneath. (The site I use allows SFTP connections with
> username/password, but no PKA.)
>
> If I move away my ~/.ssh folder (which contains PKs for other sites)
> temporarily, Cyberduck uses the stored password and logs into the SFTP
> site without error.
>
> The bookmark should probably memorise the preferred authentication method
> for the site and not switch to PKA only because a ~/.ssh/id_dsa file is
> present.

New description:

 How to reproduce:

 1. Create a bookmark with an SFTP connection, Username and Password (don't
 check "Use Public Key Authentication"), and check the "Add to Keychain"
 checkbox.
 2. Open the connection and exit Cyberduck. (The password is now stored in
 the OS X Keychain.)
 3. Open Cyberduck again and go to that bookmark. The "Login failed" dialog
 pops up ("Exhausted available authentication methods. Please contact your
 web hosting service provider for assistance."), prompting for the "Private
 Key Passphrase", with the "Use Public Key Authentication" checkbox
 automatically checked, ~/.ssh/id_dsa shown beneath. (The site I use allows
 SFTP connections with username/password, but no PKA.)

 If I move away my ~/.ssh folder (which contains PKs for other sites)
 temporarily, Cyberduck uses the stored password and logs into the SFTP
 site without error.

 The bookmark should probably memorise the preferred authentication method
 for the site and not switch to PKA only because a ~/.ssh/id_dsa file is
 present.

--

-- 
Ticket URL: <https://trac.cyberduck.io/ticket/8705#comment:1>
Cyberduck <http://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows

More information about the Cyberduck-trac mailing list