NppFTP password + Multi factor - only good for 1 connect.

[ChuckOCo]

Description of the Issue

Use a single persistent SFTP connection so Two Factor Authentication won't fail.

I have to enter a password+two factor code every time a connection is made using NppFTP. I sign on, it asks for password, I enter both password and TFA code. But when I download a file, authentication fails - NppFTP is creating a new connection, which fails because it doesn't have a password+ NEW tfa.
The tfa part has expired.

The password+tfa code is good for one connection. The tfa part cannot be reused.

Is there a way to tell NppFTP to keep and reuse a single connection? I'm one of only 3 people who access this computer for SFTP and I don't care if that connection remains in use all day.

I used NppFTP for a long time, then TFA came along and forced me to use FileZilla. FileZilla has a setting that tells it to keep and reuse a single connection.

Is there a way to do this with NppFTP? Can it be added, please? NppFTP is wonderful and I would love to resume using it!

Thanks!

Steps to Reproduce the Issue

1. Sign in to a device that requires a TFA password using NppFTP with a one-time-use TFA code.
2. Try to transfer a file using SFTP. Authentication fails.

Expected Behavior

I expected the file to transfer into the editor.

Actual Behavior

NppFTP tries to reuse the password+TFA code and it fails because the TFA code has expired. No transfer happens.

Debug Information

Notepad++ v7.5.3 (32-bit) Build time : Dec 5 2017 - 10:45:46 Path : C:\Program_Files (x86)\Notepad++\notepad++.exe Admin mode : OFF Local Conf mode : OFF OS : Windows 10 (64-bit) Plugins : ComparePlugin.dll DSpellCheck.dll LightExplorer.dll mimeTools.dll NppConverter.dll NppExec.dll NppExport.dll NppFTP.dll NppJavaScript.dll NppNetNote.dll NppScripting.dll NppTextFX.dll PluginManager.dll PythonScript.dll SpellChecker.dll

Notepad++ v7.5.3

SFTP

password+ 6 digit two factor code.

[chcg]

For sftp connections https://www.libssh.org/ subsystem https://api.libssh.org/stable/libssh_tutor_sftp.html#sftp_subsystem is used. So if that one is supporting it then also NppFTP probably could do. First search doesn't reveil such an option. Not sure if automatically multiple connections are created internally by libssh. At least NppFTP is just creating on session, relevant code is at https://github.com/ashkulz/NppFTP/blob/master/src/FTPClientWrapperSSH.cpp .

From Filezilla: https://forum.filezilla-project.org/viewtopic.php?f=1&t=51399&p=170918&hilit=two+factor+sftp#p170918 and https://forum.filezilla-project.org/viewtopic.php?f=2&t=37078&p=161159&hilit=two+factor+sftp#p161159

@ChuckOCo Have you tried to use the active connection mode and restrict the ports which could be used? See

[chcg]

@ChuckOCo Which version of NppFtp do you use?

[ChuckOCo]

@chcg - I'm using NppFTP 0.27.2 Unicode, zlib 1.2.11, libssh 0.7.5, and OpenSSL 1.0.2m 2 Nov 2017.

I have not yet tried the active connection mode. Would the port to specify for sftp be 22 in min and max?

Thanks!

[ChuckOCo]

I just tried using 'active connection mode'.
No luck, it comes back: '[SFTP] Password authentication denied.', '[SFTP] Unable to authenticate'.

[ChuckOCo]

I set min and max as you showed - 11111 and 11111