Work with Putty Pagent for SCP operations

Notes, tips, and other usefull things on how to use LogMX

Moderator: admin

isheedm
Posts: 109
Joined: Wed Sep 12, 2007 2:16 pm

Work with Putty Pagent for SCP operations

Post by isheedm »

I use Putty on my Windows machine with Pagent. Can you extend LogMX to use Pagent to allow me to log into remote hosts without a password?
admin
Site Admin
Posts: 555
Joined: Sun Dec 17, 2006 10:30 pm

Post by admin »

Hello,

We don't currently plan to use Pageant, but it may be a good idea. Our dev team will analyze if it's possible, and we will let you know if such a feature will be implemented. Thanks for the idea.

Xavier.
isheedm
Posts: 109
Joined: Wed Sep 12, 2007 2:16 pm

Post by isheedm »

Thanks.

I see you are using the Jsch library. The webpage for Jsch says that it supports Userauth: publickey authentication.

Pagent is the program on Windows that allows publickey authentication to work with Putty. ssh-agent is the supporting application on UNIX for OpenSSH.
isheedm
Posts: 109
Joined: Wed Sep 12, 2007 2:16 pm

Post by isheedm »

Any update on this? I would love to have this feature.
admin
Site Admin
Posts: 555
Joined: Sun Dec 17, 2006 10:30 pm

Post by admin »

Hello,

Sorry for the slow answer.
After looking carefully at how Pageant works, it seems that applications must use Win32 APIs to get Private Keys stored by Pageant. Applications like PuTTY, WinSCP, WinCVS, TortoiseCVS, ... can use Pageant to get user Private keys because they are written in C/C++ and using Win32 APIs.
Pageant seems to use Win32 "Window Messages" (WM_*) to communicate with other applications (instead of sockets, which would be easier for Java applications like LogMX). In Pageant source file "winpgnt.c", see functions "answer_msg()" and "WndProc()", and "winpgntc.c" (from SVN repository "svn://svn.tartarus.org/sgt/putty/windows").

We could use native Java and a Win32 DLL, but we really want to keep LogMX small, independent and portable, so for now, we don't plan to implement such a feature.

Yet, you are right, we're using JSch which handles Public-key Authentication. So we are able to implement key-pair authentication for LogMX, which is more secure than password authentication (but you will still have to type your passphrase without the help of Pageant). This feature will surely be included in a next release.
isheedm
Posts: 109
Joined: Wed Sep 12, 2007 2:16 pm

Post by isheedm »

OK, thanks.

An acceptable workaround would be for LogMX to be able to load my private key file and ask me for the password to unlock it. From that point forward, it could handle the authentication using the private key.

FYI, I looked at the man page for ssh-agent on my Linux machine, and it uses sockets.
isheedm
Posts: 109
Joined: Wed Sep 12, 2007 2:16 pm

Post by isheedm »

Has the ability to use public key authentication been added to LogMX? I have the latest version 1.3.2.
isheedm
Posts: 109
Joined: Wed Sep 12, 2007 2:16 pm

Re: Work with Putty Pagent for SCP operations

Post by isheedm »

This example from the JSch website shows how to do it:

http://www.jcraft.com/jsch/examples/UserAuthPubKey.java
admin
Site Admin
Posts: 555
Joined: Sun Dec 17, 2006 10:30 pm

Re: Work with Putty Pagent for SCP operations

Post by admin »

Hello,

Sorry for this late response. Now LogMX v2.0.0 is released, we are currently studying this private key issue (at first sight, the PuTTY private key file is not directly compatible with JSch expected private key format, but we are trying to parse it and adapt it to JSch).
We will let you know or will get back to you if we have question for this new feature request :wink:

Xavier
isheedm
Posts: 109
Joined: Wed Sep 12, 2007 2:16 pm

Re: Work with Putty Pagent for SCP operations

Post by isheedm »

Putty can export an OpenSSH private key file, so if that is easier to parse or use, that would be acceptable too.

Thanks for continuing to look into it.
allanlewis
Posts: 3
Joined: Mon Aug 01, 2011 2:19 pm

Re: Work with Putty Pagent for SCP operations

Post by allanlewis »

Any progress on this?
admin
Site Admin
Posts: 555
Joined: Sun Dec 17, 2006 10:30 pm

Re: Work with Putty Pagent for SCP operations

Post by admin »

Hello,

This feature request has currently a low level priority. We already have performed some analysis to implement it, but the implementation is not planned yet.

Yet, since there is one new request to implement such a feature, we now have increased its priority to medium (should be implemented in a few months, but not for the v3.0 release that will be available end of August).

Xavier.
allanlewis
Posts: 3
Joined: Mon Aug 01, 2011 2:19 pm

Re: Work with Putty Pagent for SCP operations

Post by allanlewis »

admin wrote: ...Yet, since there is one new request to implement such a feature, we now have increased its priority to medium (should be implemented in a few months, but not for the v3.0 release that will be available end of August).
Xavier,

Thanks for the reply - glad to know you're working on it! I don't mind whether you get LogMX working with PAgent, or just have LogMX keep its own key repository - either would work for me.

Allan.
isheedm
Posts: 109
Joined: Wed Sep 12, 2007 2:16 pm

Re: Work with Putty Pagent for SCP operations

Post by isheedm »

I'm using LogMX on Windows & Linux, so I prefer that you be able to load a public & private key pair in OpenSSH format. Putty can export OpenSSH formats so that isn't a problem.

I've got several programs that need to load the private/public keys independently (such as Eclipse), so this is probably the best route to take.
admin
Site Admin
Posts: 555
Joined: Sun Dec 17, 2006 10:30 pm

Re: Work with Putty Pagent for SCP operations

Post by admin »

OK, thank you for your input, we will work on this right away for the next major release (v3.1).

Xavier.
Post Reply