Topic "SSL host certificate fingerprint Does Not Match"

Author Message
nuronce
[View user's profile]

Joined: 2012-10-23
Posts: 3
Location: FL
C#.NET 4.0 WinSCP 5.1

When I use the GUI in the registry it creates:
FSProtocol 5
Ftps 1
PortNumber 990
FtpsCertificates: e6:a3:7a:56:5b:e3:bb:0d:1c:34:58:bd:47:94:79:75:32:2b:70:4d
And works fine

When I run in code I get:
SSL host certificate fingerprint "ssh-rsa 1024 e6:a3:7a:56:5b:e3:bb:0d:1c:34:58:bd:47:94:79:75:32:2b:70:4d" does not match pattern /([0-9a-f]{2}Smile{19}[0-9a-f]{2}/
for:
Code:
SessionOptions sessionOptions = new SessionOptions
                {
                    Protocol = WinSCP.Protocol.Ftp,
                    FtpMode = FtpMode.Passive,
                    FtpSecure = FtpSecure.Implicit,
                    PortNumber = 990,
                    UserName = "--------",
                    Password = "--------",
                    HostName = "ftp.----.com",
                    SslHostCertificateFingerprint = "ssh-rsa 1024 e6:a3:7a:56:5b:e3:bb:0d:1c:34:58:bd:47:94:79:75:32:2b:70:4d"
                };


I get:
SSH host key fingerprint "ssh-rsa 1024 e6:a3:7a:56:5b:e3:bb:0d:1c:34:58:bd:47:94:79:75:32:2b:70:4d" does not match pattern /(ssh-rsa |ssh-dss )?\d+ ([0-9a-f]{2}Smile{15}[0-9a-f]{2}/

for:
Code:
SessionOptions sessionOptions = new SessionOptions
                {
                    Protocol = WinSCP.Protocol.Ftp,
                    FtpMode = FtpMode.Passive,
                    FtpSecure = FtpSecure.Implicit,
                    PortNumber = 990,
                    UserName = "--------",
                    Password = "--------",
                    HostName = "ftp.----.com",
                    SshHostKeyFingerprint = "ssh-rsa 1024 e6:a3:7a:56:5b:e3:bb:0d:1c:34:58:bd:47:94:79:75:32:2b:70:4d"
                };


What am I doing wrong? I could not find anything in the docs.
Advertisements
nuronce
[View user's profile]

Joined: 2012-10-23
Posts: 3
Location: FL
SessionOptions sessionOptions = new SessionOptions
{
Protocol = WinSCP.Protocol.Ftp,
FtpMode = FtpMode.Passive,
FtpSecure = FtpSecure.Implicit,
PortNumber = 990,
UserName = "----",
Password = "----",
HostName = "ftp.-----.com",
SslHostCertificateFingerprint = "e6:a3:7a:56:5b:e3:bb:0d:1c:34:58:bd:47:94:79:75:32:2b:70:4d"
};
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24530
Location: Prague, Czechia
The code in the second post looks good. What's wrong with that? Or was that a resolution?
nuronce
[View user's profile]

Joined: 2012-10-23
Posts: 3
Location: FL
Was Resolution Mr. Green
Themistocles

Guest


Hey Prikryl,

For me adding the "ssh-rsa 2048" to the beginning of the string I assign to SshHostKeyFingerprint doesn't make the regex exception go away.

I can connect to the host with the UI, and also had some initial success using the scripting engine. I haven't been able to connect after that first time.

Now I am using the .Net library (Version 1.2.8.5316) in a .Net 4 console app. My OS is Win7 Pro.

Here is my SessionOptions:

Code:
SessionOptions sessionOptions = new SessionOptions
{
   Protocol = WinSCP.Protocol.Ftp,
   FtpMode = WinSCP.FtpMode.Passive,
   PortNumber = 21,
   FtpSecure = FtpSecure.Explicit,
   HostName = "162.253.127.64",
   UserName = "--------",
   Password = "--------",
   SshHostKeyFingerprint = "ssh-rsa 2048 e7:d5:b0:a4:6f:24:7f:15:5c:c1:ae:b9:43:c1:86:95:7e:97:35:85"
};


When I run it, I get:
System.ArgumentException was caught
HResult=-2147024809
Message=SSH host key fingerprint "ssh-rsa 2048 e7:d5:b0:a4:6f:24:7f:15:5c:c1:ae:b9:43:c1:86:95:7e:97:35:85" does not match pattern /((ssh-rsa|ssh-dss)( |-))?(\d+ )?([0-9a-f]{2}(Neutral-)){15}[0-9a-f]{2}(;((ssh-rsa|ssh-dss)( |-))?(\d+ )?([0-9a-f]{2}(Neutral-)){15}[0-9a-f]{2})*/
Source=WinSCPnet
StackTrace:
at WinSCP.SessionOptions.SetSshHostKeyFingerprint(String s)
at WinSCP.SessionOptions.set_SshHostKeyFingerprint(String value)
at Program.Main(String[] args) in C:\Users\Me\Documents\Visual Studio 2010\Projects\WinScpTool\Program.cs:line 16


I am confused about the regex above. Both my fingerprint and the original question have 20 pairs of hex numbers, but the regex only matches 15. I am surprised that this is expected to work.

Can you comment on the regex? Am I reading it wrong?

thanks
SD
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24530
Location: Prague, Czechia
Themistocles wrote:
I am confused about the regex above. Both my fingerprint and the original question have 20 pairs of hex numbers, but the regex only matches 15. I am surprised that this is expected to work.

You are setting SshHostKeyFingerprint, but you are using FTP over TLS, not SSH. You need to set TlsHostCertificateFingerprint.
Guest




How did this work if there is no property for SslHostCertificateFingerprint?

nuronce wrote:
SessionOptions sessionOptions = new SessionOptions
{
Protocol = WinSCP.Protocol.Ftp,
FtpMode = FtpMode.Passive,
FtpSecure = FtpSecure.Implicit,
PortNumber = 990,
UserName = "----",
Password = "----",
HostName = "ftp.-----.com",
SslHostCertificateFingerprint = "e6:a3:7a:56:5b:e3:bb:0d:1c:34:58:bd:47:94:79:75:32:2b:70:4d"
};
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24530
Location: Prague, Czechia
Anonymous wrote:
How did this work if there is no property for SslHostCertificateFingerprint?

The SslHostCertificateFingerprint was renamed to TlsHostCertificateFingerprint.
See http://winscp.net/eng/docs/library_sessionoptions
Code_Mechanic

Guest


That makes sense thanks for the update.

prikryl wrote:
Anonymous wrote:
How did this work if there is no property for SslHostCertificateFingerprint?

The SslHostCertificateFingerprint was renamed to TlsHostCertificateFingerprint.
See http://winscp.net/eng/docs/library_sessionoptions
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License