T
And yes, it is immensely frustrating.
Picture the scene – you’ve been good and decided to use key based SSH for securely transferring files between your servers and local machines. You’ve disabled password access to shore up security even more. You’re used to using passwords – but keyfiles are no biggie.
Until…
“Too many authentication failures”
Panic can certainly start to set in, particularly as Filezilla continues to try and connect when it’s clearly not going to work no matter how many times it tries! You’re asking yourself why oh why it would attempt such a futile task. But really, the only question you want answering is why its not working properly.
And usually, the solution is fairly simple.
Keys saved in Pageant
Pageant, or the PuTTy authentication agent, is a handy key repository used by not only the PuTTy SSH/Bash client but also other third party software – including Filezilla.
You load up your first key, go to Filezilla and all is OK. For Now. Maybe.
But you add a few more keys and bang, the sh*t has hit the fan.
What’s Up?
Or more like, what’s down? And the answer to that question will be access to your server from your IP as you do your best imitation of a brute force attack. Don’t panic though, there’s a fairly reasonable way around it.
Yes Pageant plays nicely with a few keys. But Filezilla will try each one in order and any reasonably configured server will only allow a few attempts before it decides you are trying to brute force your way.
Fortunately, the answer is fairly simple…
Unfortunately, it means not using Pageant for Filezilla.
Filezilla Key Configuration
Although when you used Pageant and only had a couple of keys you didn’t have to do this and life seemed so much easier, for server / website admins with more than a few sites to manage, it’s more heartache than it’s worth.
You’ve probably got a site configured currently that looks a bit like this:
Head over to the Logon Type dropdown and you’ll notice a Keyfile option – give that a press:
Your password input box will disappear to be replaced by a key file input box:
Go ahead, click on ‘Browse…’ and select your key file. Job done.
Next time you try to connect to your server, it’ll only try the appropriate key file preventing any pesky brute force look-a-like ‘attacks’ as you try to login. Enter your key password and boom, you’re in!