SFTP connections using PAGEANT.exe (from putty) to manage key

SFTP connections using PAGEANT.exe (from putty) to manage key

3
NewbieNewbie
3

    Nov 04, 2015#1

    Hi,

    Is it possible to have UltraEdit use PAGEANT.exe agent (from putty team) to manage private keys for SFTP connections in UltraEdit / UltraCompare ?

    My private key has a passphrase and I have to type it once per session in UltraEdit / UltraCompare. When working on tens or hundreds of different servers, you can become mad in no time.

    For Putty (and also FileZilla), I rely only on PAGEANT.exe for which I have to enter my passphrase only once when my computer boots.

    Thanks for your feedback.

    6,688587
    Grand MasterGrand Master
    6,688587

      Nov 05, 2015#2

      I tried to find out what PAGEANT is and how it works by reading How to use Pageant and Putty. But as the author of this page wrote, it is really difficult to understand how this tool works.

      It is possible to use shared FTP accounts for UltraCompare and UltraEdit to avoid the need to define all FTP / SFTP accounts twice as you might already know, see option Share FTP accounts at Advanced - Configuration - FTP in UltraEdit and Options - Configuration - FTP in UltraCompare.

      It is further possible to save password / passphrase in the settings of an FTP / SFTP account which of course is saved strongly encrypted by UC / UE using AES.

      So I think, there is no need for a third-party tool at all.

      But the PAGEANT process works with a key file according to the referenced webpage. And a key file can be configured also on tab SSH/SSL in FTP Account Manager of UC / UE for each SFTP account. So it could be possible to use PAGEANT by configuring this key file for each SFTP account. But I have not evaluated that by myself.
      Best regards from an UC/UE/UES for Windows user from Austria

      3
      NewbieNewbie
      3

        Nov 05, 2015#3

        Hi,

        thanks for your reply.

        About shared accounts between UE and UC, I tried that some time ago (1-2 years), and I remember I had to revert back to split configuration because of some issue I encountered (but can't remember exactly what ...). I'll give it a new try, this may have changed (but won't solve them main issue though).

        Can you tell me more about "It is further possible to save password / passphrase in the settings of an FTP / SFTP account"? I know how to store the password for a user account, but I can't find anything for the passphrase of the SSH key.

        About your last suggestion, yes, PAGEANT loads the private key(s) that you want and will pass key(s) (along with the passphrase(s) I guess) to the tools that can work with PAGEANT.exe. This is the case for Putty, FileZilla, Sublime Text, NotePad++ (using plugin NppFTP) and probably many others. I tried to configure the private key in "PAGEANT format" in a test SFTP connection but PAGEANT.exe did not seem to "catch" the key and be able to "send" the passphrase to UE/UC because UE/UC asked me for the passphrase anyway.

        I had a look at the link you posted (Howto use Pageant and Putty). Real life is simpler than what this page describes : run pageant.exe at windows boot with private key(s) file names as parameters, enter once the passphrase(s) when prompted to (after windows boot) and that's pretty much over : Putty, FileZilla, etc. will never again ask for a password and use the private key instead (without typing the passphrase).

        6,688587
        Grand MasterGrand Master
        6,688587

          Nov 07, 2015#4

          schampy wrote:I know how to store the password for a user account, but I can't find anything for the passphrase of the SSH key.
          I could not find much about passphrase management by UC/UE, too. Therefore I have just sent an email to IDM support for clarification. I have added also a link to this forum topic.

          I use only one SFTP account which uses just a password for authentication and a public key I need to accept. Therefore I'm not able to play myself with PAGEANT. Let's wait what IDM support replies.

          Of course you could ask also IDM support by email for help on your request if you don't want to wait until another forum member with more experiences in using SFTP connections with private SSH keys and passphrases than I contributes here something useful regarding this topic.
          Best regards from an UC/UE/UES for Windows user from Austria

          3
          NewbieNewbie
          3

            Nov 09, 2015#5

            Hi Mofi,

            thanks for your help.
            I had already opened a ticket at IDM support (almost simultaneously to this forum thread), and it appears that there is not much about passphrase management in UE/UC, from PAGEANT.exe support (which would be ideal) to the simple possibility to store the passphrase "somewhere" inside the products.

            Let's hope at least a quick solution can come (storing the passphrase, it should not be too difficult). But for the PAGEANT.exe support, the bad news is that the whole FTP component in UE/UC is a third party piece of code from WeOnlyDo, so it may be very difficult to have a solution.

            Fingers crossed ...

            6,688587
            Grand MasterGrand Master
            6,688587

              Nov 09, 2015#6

              I have received the reply from IDM support today, too. Saving a passphrase automatically passed to the server after connecting with the public/private keys is indeed not possible yet in UE v22.20.0.36 and UC v15.10.0.20.
              Best regards from an UC/UE/UES for Windows user from Austria

              2
              NewbieNewbie
              2

                Nov 20, 2015#7

                Mofi wrote:I have received the reply from IDM support today, too. Saving a passphrase automatically passed to the server after connecting with the public/private keys is indeed not possible yet in UE v22.20.0.36 and UC v15.10.0.20.
                Did IDM give any estimate of when they are planning to include this?
                Would it maybe help when I (and all that want this functionality) also create a ticket with them so they have a higher request count for this feature?

                I'm dealing with the same situation and need to work in several UEStudio instances simultaneously on a minimum of 4 servers and each time I need to type my password again, however when using Putty, I only need to enter the password when the PC starts (and pageant is started automatically) and as long as I don't log out my PC, the login goes without any password.
                Micha Brans

                6,688587
                Grand MasterGrand Master
                6,688587

                  Nov 20, 2015#8

                  MichaBrans wrote:Did IDM give any estimate of when they are planning to include this?
                  I just asked if saving passphrase is possible at all. I did not request such a feature nor support for pageant as I don't need such an enhancement for my usage of UE and UES.
                  MichaBrans wrote:Would it maybe help when I (and all that want this functionality) also create a ticket with them so they have a higher request count for this feature?
                  That would be definitely good as IDM Computer Solutions, Inc. adds features depending on customer requests. The more users request a feature the higher becomes the priority for implementation. IDM Computer Solutions, Inc. calls this User Driven Development.
                  Best regards from an UC/UE/UES for Windows user from Austria

                  2
                  NewbieNewbie
                  2

                    Nov 23, 2015#9

                    Mofi wrote:
                    MichaBrans wrote:Would it maybe help when I (and all that want this functionality) also create a ticket with them so they have a higher request count for this feature?
                    That would be definitely good as IDM Computer Solutions, Inc. adds features depending on customer requests. The more users request a feature the higher becomes the priority for implementation. IDM Computer Solutions, Inc. calls this User Driven Development.
                    I did just check the ultraedit.com website and could only find a form for technical support. Is that where I can submit this feature request or is there a better form for this?
                    Micha Brans

                    6,688587
                    Grand MasterGrand Master
                    6,688587

                      Nov 23, 2015#10

                      Yes, you can use the form, or you click at top of this page on email us directly which is a mailto link.
                      Best regards from an UC/UE/UES for Windows user from Austria

                      115
                      Power UserPower User
                      115

                        Nov 23, 2015#11

                        While I can understand why many users would like to use this feature, if it does become part of UE our IT department will never allow us to again upgrade UE unless they have the ability to disable it. It is one of the reasons they won't let us use the current version of PuTTY or any other software that tries to avoid their authentication rules.

                        8

                          Apr 05, 2021#12

                          This is a rather old thread and I want to push this feature request once again.

                          I guess the basic idea behind a pageant agent is clear and various tools out there, including Keepass are acting as a ssh key agent for 3rd party software. This means Keepass is safe-keeping the ssh keys and while other software inquires such a key, Keepass is cabpable of handing the appropriate key over. This now even works for the brand new Windows 10 terminal console!

                          So, I wonder if UE will be capable of requesting its keys from an agent anytime soon? Of course I can point any of the UE SSH accounts to my private key stored somewhere in file system, however, this is not as convenient as using such an agent that is already managing my keys for various logins.

                          Would it be best to send the authors of UE such a FC or are there already plans to support SSH key agents or maybe the authors already fed up with request like this 🙄?

                          Michael

                          6,688587
                          Grand MasterGrand Master
                          6,688587

                            Apr 05, 2021#13

                            I have not read anything about support for SSH key managers/agents on any public released information about future enhancements of UltraEdit in year 2021. My advice is requesting such an enhancement with as much details as possible with an email to IDM support. The more users request a feature the higher becomes the priority for implementation of the feature.
                            Best regards from an UC/UE/UES for Windows user from Austria

                            8

                              Apr 06, 2021#14

                              Mofi wrote: ↑
                              Apr 05, 2021
                              My advice is requesting such an enhancement with as much details as possible with an email to IDM support. The more users request a feature the higher becomes the priority for implementation of the feature.
                              Thanks for your reply! I filed a feature request to IDM and Ben already answered.

                              Michael

                              1
                              NewbieNewbie
                              1

                                Jul 12, 2021#15

                                Hi Michael,

                                Late even for the resumption of this old thread, but if you're still around, care to share the gist of the response.

                                I'm after the same kind of solution, but for hardware keys (e.g. Yubikey) rather than Keepass. So gpg-agent standing in for pageant, which works well for WinSCP, Filezilla et al.

                                I looked into this briefly several years ago, though didn't pursue it, and back then IDM were using a 3rd party SSH library that could support pageant protocol but didn't in their implementation, but things have moved on now.

                                Thanks,
                                Phil.

                                EDIT: 2021-07-30 Contacted IDM myself, and it transpires it is being considered, but the SSH library they currently use (as of 2021-07) doesn't support pageant, so implementation is non trivial.