Description
I am using a Yubikey (Neo) to hold by GPG keys. This works great with QtPass on Windows 10.
However public-key is also the only supported authentication method for my git server. That key is stored on the Yubikey. When I have QtPass perform a pull, it apparently only tries keyboard-interactive. This prevents me from easily syncing my password stores and I must do it manually with WinSCP instead.
PuTTy successfully authenticates via my Yubikey; QtPass successfully decrypts via my Yubikey.
That seems to indicate all necessary "infrastructure" exists, so I'm hoping that means this isn't a big ask.
This may need redirected to Git for Windows. Their Git GUI also fails to try anything other than keyboard-interactive for a password...
Platform Information
QtPass: 1.1.5
Git4Win: Installer: Git-2.10.1-64-bit.exe
GPG4Win: Installer: gpg4win-2.3.3.exe
OS: Windows 10 Home, version 1604 (OS Build 14393.447)
From Git Bash:
REDACTED@REDACTED MINGW64 ~
$ bash --version
GNU bash, version 4.3.46(2)-release (x86_64-pc-msys)
...
REDACTED@REDACTED MINGW64 ~
$ mintty.exe --version
mintty 2.5.0 (x86_64-pc-msys)
...
REDACTED@REDACTED MINGW64 ~
$ gpg --version
gpg (GnuPG) 1.4.20
...
$ gpg-connect-agent.exe --version
gpg-connect-agent (GnuPG) 2.0.30 (Gpg4win 2.3.3)
...
Server's auth.log of failed auth after clicking "Pull":
Nov 20 11:15:08 REDACTED sshd[8172]: SSH: Server;Ltype: Version;Remote: 192.168.1.151-56973;Protocol: 2.0;Client: OpenSSH_7.3
Nov 20 11:15:08 REDACTED sshd[8172]: SSH: Server;Ltype: Kex;Remote: 192.168.1.151-56973;Enc: chacha20-poly1305@openssh.com;MAC: <implicit>;Comp: none [preauth]
Nov 20 11:15:08 REDACTED sshd[8176]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.151 user=REDACTED
Nov 20 11:15:09 REDACTED sshd[8172]: error: PAM: Authentication failure for REDACTED from 192.168.1.151
Nov 20 11:15:09 REDACTED sshd[8172]: Postponed keyboard-interactive for REDACTED from 192.168.1.151 port 56973 ssh2 [preauth]
Nov 20 11:15:09 REDACTED sshd[8177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.151 user=REDACTED
Nov 20 11:15:11 REDACTED sshd[8172]: error: PAM: Authentication failure for REDACTED from 192.168.1.151
Nov 20 11:15:11 REDACTED sshd[8172]: Failed keyboard-interactive/pam for REDACTED from 192.168.1.151 port 56973 ssh2
Nov 20 11:15:12 REDACTED sshd[8172]: Postponed keyboard-interactive for REDACTED from 192.168.1.151 port 56973 ssh2 [preauth]
Nov 20 11:15:12 REDACTED sshd[8179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.151 user=REDACTED
Nov 20 11:15:13 REDACTED sshd[8172]: error: PAM: Authentication failure for REDACTED from 192.168.1.151
Nov 20 11:15:13 REDACTED sshd[8172]: Failed keyboard-interactive/pam for REDACTED from 192.168.1.151 port 56973 ssh2
Nov 20 11:15:13 REDACTED sshd[8172]: error: maximum authentication attempts exceeded for REDACTED from 192.168.1.151 port 56973 ssh2 [preauth]
Nov 20 11:15:13 REDACTED sshd[8172]: Disconnecting: Too many authentication failures [preauth]
Server's SSHD Config:
PermitRootLogin no
MaxAuthTries 3
MaxSessions 3
PubkeyAuthentication yes
PasswordAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication yes
UsePAM yes
X11Forwarding yes
PrintMotd no
PrintLastLog no
UsePrivilegeSeparation sandbox # Default for new installations.
UseDNS no
Subsystem sftp /usr/lib64/misc/sftp-server
AcceptEnv LANG LC_*
Activity