• Welcome to the Chevereto user community!

    Here users from all over the world gather around to learn the latest about Chevereto and contribute with ideas to improve the software.

    Please keep in mind:

    • 😌 This community is user driven. Be polite with other users.
    • 👉 Is required to purchase a Chevereto license to participate in this community (doesn't apply to Pre-sales).
    • 💸 Purchase a Pro Subscription to get access to active software support and faster ticket response times.

sftp rsa key auth

E

evilmoe2

Not needed
Hello,

Would you please add the feature to use sftp with a rsy auth key + password (security reason).
I normally dont allow sftp connection with just a password on my servers, but unfortunately I have to atm with chevereto.


Sven
 
Last edited:
When you mention security you say it because the password is stored in the Chevereto database?
 
Not only because of the clean text password saved in the db. I care more about the security of my servers. I have to enable password login on the server. Which is a security risk.
 
I think that it could be added, can you test it?

app/lib/classes/class.sftp.php

This:
PHP: 
if(!$this->resource->login($args['user'], $args['password'])) {

Should be this:
PHP: 
if(!$this->resource->_privatekey_login($args['user'], $args['password'])) {

(taken from here: http://phpseclib.bantux.org/api/master/)
 
I get a internal server error then. In my auth.log I just see "Connection closed by 127.0.0.1 [preauth]".

EDIT: I have installed the php-seclib package.
 
I haven't test it. As you may notice is not a popular request.
 
You must log in or register to reply here.
Back
Top