This is our old Q&A Site. Please post any new questions and answers at

Is there a way to determine a bad public key presented to an SFTP server configured for public key authentication? I am comparing two pcap files next to each other one is a success and the other I know is failure with client presenting wrong key for public key authentication attempt. They look very similar except the successfull connection obviously has more encrypted packets back/forth. Is there any tell tail sign of a wrong client certificate presented like an ssl session? In the SSL session we can see an unecnrypted "Bad Cert" message. I can't find a similar one in an SSH/SFTP session captured.

asked 31 Dec '13, 13:24

bonds3212000's gravatar image

accept rate: 0%

are you using 'plain' public key authentication (AuthorizedKeysFile) or certificate authentication (AuthorizedPrincipalsFile)?

BTW: What is your SSH software? OpenSSH or a commercial product?

(12 Jan '14, 15:13) Kurt Knochner ♦
Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 31 Dec '13, 13:24

question was seen: 1,912 times

last updated: 12 Jan '14, 15:13

p​o​w​e​r​e​d by O​S​Q​A