5

The remote server requires a private key and passphrase for authentication. I'm trying to connect to the server as root (on that server) from Nautilus running on behalf of my non-root account on my local Ubuntu desktop. The private key that is needed for authentication is not located in ~/.ssh (I've already got other keys there) but I have it in another directory.

In addition to the obvious approach, I tried putting root@server in the "Server" field and leaving "User name" and "Password" fields blank, putting the passphrase in the "Password" field, but it still says "Permission denied" and it doesn't ask for the private key at any point.

I also tried ssh-add path/to/privatekey, but it says "Could not open a connection to your authentication agent.", however I'm not sure if ssh-add is even relevant here.

I can ssh into the server from the terminal just fine with

ssh -i <...>/id_rsa root@server

and answering the passphrase question that follows.

Desmond Hume
  • 666

4 Answers4

9

The short version (skip the script) of Marcin Kaminski's solution is

ssh-agent
ssh-add /path/to/your/private_key
nautilus sftp://user@server

. I think it's easier to start with, to test if the solution works. I had the same problem after setting PasswordAuthentication no in /etc/ssh/sshd_config and these three commands solved my problem.

Adriaan
  • 680
6

I don't see why key selection dialogue should appear at all. It's up to the server to offer authentication methods it's willing to accept and up to the client to provide the credentials.

One of the most common methods for providing those details is using the ssh-agent which you don't appear to be running. This is a little snippet I've put in my ~/.profile to make sure my ssh-agent is always running:

run_ssh_agent() {
  ssh-agent | grep -vi 'agent pid' > ~/.ssh-agent
  . ~/.ssh-agent
}

if [[ -f ~/.ssh-agent ]]; then
  . ~/.ssh-agent
  if [[ -n ${SSH_AGENT_PID} ]]; then
    if ! ps -p ${SSH_AGENT_PID} | grep 'ssh-agent' &>/dev/null; then
      run_ssh_agent
    fi
  fi
else
  run_ssh_agent
fi

Put the code there, log out of your X session, log back in, open a terminal and add your key to your agent:

ssh-add /path/to/your/private_key

Verify that it's added by running ssh-add -l and connect to the server using Nautilus without providing the password.

Marcin Kaminski
  • 4,941
1

I could connect to my server in Nautilus (Ubuntu 12.04) using a private key by doing the following:

  • In Nautilus, select menu: "File" -> "Connect to Server..."
  • Change "Type:" to "SSH"
  • Enter the address of the server in the "Server:" field (omitting username@)
  • Enter your user name after "User name:" but leave the password field empty.

When you hit "Connect" a dialog should appear telling you a password is needed to unlock the key. In my case the key was not the default "~/.ssh/id_rsa", so communication between the SSH client and server must have revealed to Nautilus what key should be used.

After entering the password, a new Nautilus window opened where I chould browse the files on my server. In the left pane I now have a shortcut "SFTP for user on server" which I can also use to u(n)mount the server file system.

jmidgren
  • 151
0

If I understand correctly, you are using public-key authentication but your private key requires a password to unlock, and the connection attempt is failing since you are apparently not prompted for the password protecting the key.

This question is slightly different, but the first answer seems to describe the same situation. However, it implies that the password dialog should just work. Perhaps it will provide a starting point though?

Since you say it works if you use ssh in a terminal, presumably it is not something like the remote host identity changing, which I think can cause silent failures in nautilus.

Community
  • 1
chronitis
  • 12,647