Thanks for looking. I excerpted the log a little in my original post, will attach the complete one this time.
I did subsequently find the Session.AddRawConfiguration method, and tried several variations like this (tried with $true, $false, 0, 1, "0", "1" as parameters):
#$session.AddRawConfiguration("AuthKIPassword", $true)
#$session.AddRawConfiguration("[Sessions\blahblah\AuthKIPassword]", $true)
But no luck getting the login to work. Using WinSCP from Powershell a script.
Here's a complete sanitized log of a failed session:
. 2025-04-01 14:01:47.217 --------------------------------------------------------------------------
. 2025-04-01 14:01:47.217 WinSCP Version 6.3.3 (Build 14916 2024-04-16) (OS 6.3.9600 – Windows Server 2012 R2 Standard)
. 2025-04-01 14:01:47.217 Configuration: nul
. 2025-04-01 14:01:47.217 Log level: Normal
. 2025-04-01 14:01:47.217 Local account: blah/lakkal
. 2025-04-01 14:01:47.217 Working directory: C:\blah\Scripts
. 2025-04-01 14:01:47.217 Process ID: 8652
. 2025-04-01 14:01:47.217 Ancestor processes: ...
. 2025-04-01 14:01:47.217 Command-line: "C:\blah\Scripts\winscp.exe" /xmllog="C:\Users\lakkal\AppData\Local\Temp\3\wscp225C.01BDACE5.tmp" /xmlgroups /xmllogrequired /nointeractiveinput /stdout /stdin /dotnet=6.3.3 /ini=nul /log=".\MapSFTP.log" /console /consoleinstance=_8796_56668334_549
. 2025-04-01 14:01:47.217 Time zone: Current: GMT-4, Standard: GMT-5 (Eastern Standard Time), DST: GMT-4 (Eastern Daylight Time), DST Start: 3/9/2025, DST End: 11/2/2025
. 2025-04-01 14:01:47.217 Login time: Tuesday, April 1, 2025 2:01:47 PM
. 2025-04-01 14:01:47.217 --------------------------------------------------------------------------
. 2025-04-01 14:01:47.217 Script: Retrospectively logging previous script records:
> 2025-04-01 14:01:47.217 Script: option batch on
< 2025-04-01 14:01:47.217 Script: batch on
< 2025-04-01 14:01:47.217 Script: reconnecttime 120
> 2025-04-01 14:01:47.217 Script: option confirm off
< 2025-04-01 14:01:47.217 Script: confirm off
> 2025-04-01 14:01:47.217 Script: option reconnecttime 120
< 2025-04-01 14:01:47.217 Script: reconnecttime 120
> 2025-04-01 14:01:47.217 Script: open sftp://username@sftp.something.com:22 -hostkey="ecdsa-sha2-nistp256 256 blahblah" -privatekey="C:\SFTPKey\prod.ppk" -timeout=300 -passphrase=***
. 2025-04-01 14:01:47.217 --------------------------------------------------------------------------
. 2025-04-01 14:01:47.217 Session name: username@sftp.something.com (Ad-Hoc site)
. 2025-04-01 14:01:47.217 Host name: sftp.something.com (Port: 22)
. 2025-04-01 14:01:47.217 User name: username (Password: No, Key file: Yes, Passphrase: Yes)
. 2025-04-01 14:01:47.217 Tunnel: No
. 2025-04-01 14:01:47.217 Transfer Protocol: SFTP
. 2025-04-01 14:01:47.217 Ping type: Off, Ping interval: 30 sec; Timeout: 300 sec
. 2025-04-01 14:01:47.217 Disable Nagle: No
. 2025-04-01 14:01:47.217 Proxy: None
. 2025-04-01 14:01:47.217 Send buffer: 262144
. 2025-04-01 14:01:47.217 Compression: No
. 2025-04-01 14:01:47.217 Bypass authentication: No
. 2025-04-01 14:01:47.217 Try agent: Yes; Agent forwarding: No; KI: Yes; GSSAPI: Yes
. 2025-04-01 14:01:47.217 GSSAPI: KEX: No; Forwarding: No; Libs: gssapi32,sspi,custom; Custom:
. 2025-04-01 14:01:47.217 Ciphers: aes,chacha20,aesgcm,3des,WARN,des,blowfish,arcfour; Ssh2DES: No
. 2025-04-01 14:01:47.217 KEX: ntru-curve25519,ecdh,dh-gex-sha1,dh-group18-sha512,dh-group17-sha512,dh-group16-sha512,dh-group15-sha512,dh-group14-sha1,rsa,WARN,dh-group1-sha1
. 2025-04-01 14:01:47.217 SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto
. 2025-04-01 14:01:47.217 Simple channel: Yes
. 2025-04-01 14:01:47.217 Return code variable: Autodetect; Lookup user groups: Auto
. 2025-04-01 14:01:47.217 Shell: default
. 2025-04-01 14:01:47.217 EOL: LF, UTF: Auto
. 2025-04-01 14:01:47.217 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes; Follow directory symlinks: No
. 2025-04-01 14:01:47.217 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No; Exit code 1 is error: No
. 2025-04-01 14:01:47.217 SFTP Bugs: Auto,Auto
. 2025-04-01 14:01:47.217 SFTP Server: default
. 2025-04-01 14:01:47.217 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
. 2025-04-01 14:01:47.217 Cache directory changes: Yes, Permanent: Yes
. 2025-04-01 14:01:47.217 Recycle bin: Delete to: No, Overwritten to: No, Bin path:
. 2025-04-01 14:01:47.217 DST mode: Unix
. 2025-04-01 14:01:47.217 --------------------------------------------------------------------------
< 2025-04-01 14:01:47.217 Script: Searching for host...
. 2025-04-01 14:01:47.232 Looking up host "sftp.something.com" for SSH connection
. 2025-04-01 14:01:47.232 Connecting to 0.0.0.0 port 22
. 2025-04-01 14:01:47.264 Connected to 0.0.0.0
< 2025-04-01 14:01:47.264 Script: Connecting to host...
. 2025-04-01 14:01:47.264 We claim version: SSH-2.0-WinSCP_release_6.3.3
. 2025-04-01 14:01:47.264 Connected to 0.0.0.0
. 2025-04-01 14:01:47.311 Remote version: SSH-2.0-MOVEit Transfer SFTP
. 2025-04-01 14:01:47.311 Using SSH protocol version 2
. 2025-04-01 14:01:47.311 Have a known host key of type ecdsa-sha2-nistp256
. 2025-04-01 14:01:47.342 Enabling strict key exchange semantics
. 2025-04-01 14:01:47.342 Doing ECDH key exchange with curve Curve25519, using hash SHA-256
. 2025-04-01 14:01:47.420 Host key fingerprint is:
. 2025-04-01 14:01:47.420 ecdsa-sha2-nistp256 256 blahblah
< 2025-04-01 14:01:47.420 Script: Authenticating...
. 2025-04-01 14:01:47.420 Host key matches configured key fingerprint
. 2025-04-01 14:01:47.420 Initialised AES-256 SDCTR (unaccelerated) [aes256-ctr] outbound encryption
. 2025-04-01 14:01:47.420 Initialised HMAC-SHA-256 outbound MAC algorithm
. 2025-04-01 14:01:47.467 Initialised AES-256 SDCTR (unaccelerated) [aes256-ctr] inbound encryption
. 2025-04-01 14:01:47.467 Initialised HMAC-SHA-256 inbound MAC algorithm
. 2025-04-01 14:01:47.498 Reading key file "C:\SFTPKey\prod.ppk"
! 2025-04-01 14:01:47.498 Using username "username".
< 2025-04-01 14:01:47.498 Script: Using username "username".
. 2025-04-01 14:01:47.545 Server offered these authentication methods: publickey,password
. 2025-04-01 14:01:47.545 Offered public key
. 2025-04-01 14:01:47.607 Offer of public key accepted
! 2025-04-01 14:01:47.607 Authenticating with public key "rsa-key-20250124"
< 2025-04-01 14:01:47.607 Script: Authenticating with public key "rsa-key-20250124".
. 2025-04-01 14:01:47.654 Sent public key signature
! 2025-04-01 14:01:47.701 Further authentication required
< 2025-04-01 14:01:47.701 Script: Further authentication required
. 2025-04-01 14:01:47.701 Further authentication required
. 2025-04-01 14:01:47.701 Server offered these authentication methods: password
. 2025-04-01 14:01:47.701 Prompt (password, "SSH password", <no instructions>, "&Password: ")
. 2025-04-01 14:01:47.701 Prompting user for the credentials.
. 2025-04-01 14:01:47.701 Prompt cancelled.
. 2025-04-01 14:01:47.701 User aborted at password prompt
. 2025-04-01 14:01:47.701 Attempt to close connection due to fatal exception:
* 2025-04-01 14:01:47.701 **Credentials were not specified.**
. 2025-04-01 14:01:47.701 Closing connection.
< 2025-04-01 14:01:47.701 Script: Credentials were not specified.
< 2025-04-01 14:01:47.701 Authentication log (see session log for details):
< 2025-04-01 14:01:47.701 Using username "username".
< 2025-04-01 14:01:47.701 Authenticating with public key "rsa-key-20250124".
< 2025-04-01 14:01:47.701 Further authentication required
< 2025-04-01 14:01:47.701

< 2025-04-01 14:01:47.701 Authentication failed.

It looks like the script does not even include the credentials. Please double check. Otherwise, please post complete log.

I have a script that connects to an SFTP server. It works well with most servers, but with one server I get the following. My thought is that I need to do the equivalent to the 'Respond with password to the first prompt' that's available from the Site Manager setup windows. The other server offer 'publickey, password, keyboard-interactive' as authentication methods, but this one only offers 'publickey, password'. Is there something else we need to be doing here?