• Welcome to the Chevereto User Community!

    Here, users from all over the world come together to learn, share, and collaborate on everything related to Chevereto. It's a place to exchange ideas, ask questions, and help improve the software.

    Please keep in mind:

    • This community is user-driven. Always be polite and respectful to others.
    • Support development by purchasing a Chevereto license, which also gives you priority support.
    • Go further by joining the Community Subscription for even faster response times and to help sustain this space

sftp rsa key auth

E

evilmoe2

Not needed
Hello,

Would you please add the feature to use sftp with a rsy auth key + password (security reason).
I normally dont allow sftp connection with just a password on my servers, but unfortunately I have to atm with chevereto.


Sven
 
Last edited:
When you mention security you say it because the password is stored in the Chevereto database?
 
Not only because of the clean text password saved in the db. I care more about the security of my servers. I have to enable password login on the server. Which is a security risk.
 
I think that it could be added, can you test it?

app/lib/classes/class.sftp.php

This:
PHP: 
if(!$this->resource->login($args['user'], $args['password'])) {

Should be this:
PHP: 
if(!$this->resource->_privatekey_login($args['user'], $args['password'])) {

(taken from here: http://phpseclib.bantux.org/api/master/)
 
I get a internal server error then. In my auth.log I just see "Connection closed by 127.0.0.1 [preauth]".

EDIT: I have installed the php-seclib package.
 
I haven't test it. As you may notice is not a popular request.
 
You must log in or register to reply here.
Back
Top