Topic "SSH Host Key fingerprint does not patch pattern - c#"

Author Message
tsnik
[View user's profile]

Joined: 2014-05-08
Posts: 2
Location: UK
Hi,

I am trying to connect to an FTP site running explicit FTP over TLS, but the script trips over the Host Key fingerprint:

SessionOptions sessionOptions = new SessionOptions
{
Protocol = WinSCP.Protocol.Ftp,
FtpSecure = FtpSecure.ExplicitTls,
HostName = "xxxxxxxxxxxxxxxxx",
UserName = "xxxxxxxx",
Password = "xxxxxxxx",
SshHostKeyFingerprint = "ssh-rsa 2048 bb:9c:4c:05:f8:25:2b:8f:80:a3:75:b7:94:5c:ea:9f:fc:b2:12:18"
};

This is the information from the FTP site:

Remote system = UNIX Type: L8
File transfer protocol = FTP
Cryptographic protocol = TLS Explicit encryption, TLSv1
Encryption algorithm = TLSv1/SSLv3: IDEA-CBC-SHA, 2048 bit RSA
Compression = No
------------------------------------------------------------
Certificate fingerprint
bb:9c:4c:05:f8:25:2b:8f:80:a3:75:b7:94:5c:ea:9f:fc:b2:12:18
------------------------------------------------------------
Can change permissions = Yes
Can change owner/group = No
Can execute arbitrary command = Protocol commands only
Can create symlink/hardlink = No/No
Can lookup user groups = No
Can duplicate remote files = No
Can check available space = No
Can calculate file checksum = No
Native text (ASCII) mode transfers = No
------------------------------------------------------------

The additional information shows Fingerprint (SHA1): bb:9c:4c:05:f8:25:2b:8f:80:a3:75:b7:94:5c:ea:9f:fc:b2:12:18

On attempting to connect I get the following error:
"SSH host key fingerprint \"ssh-rsa 2048 bb:9c:4c:05:f8:25:2b:8f:80:a3:75:b7:94:5c:ea:9f:fc:b2:12:18\" does not match pattern /(ssh-rsa |ssh-dss )?\\d+ ([0-9a-f]{2}Smile{15}[0-9a-f]{2}(;(ssh-rsa |ssh-dss )?\\d+ ([0-9a-f]{2}Smile{15}[0-9a-f]{2})*/"

Can anyone point me in the right direction?
tsnik
[View user's profile]

Joined: 2014-05-08
Posts: 2
Location: UK
I have located the problem. It was to do with the length of the Host Key, which I compared with another site that is working. I shortened the key and after a few more tests (I had a Peer certificate rejected), I got it to work.

Here is the amended section:

SessionOptions sessionOptions = new SessionOptions
{
Protocol = Protocol.Ftp,
FtpSecure = FtpSecure.ExplicitSsl,
HostName = "xxxxxxxxxxxxxxxxxxx",
UserName = "xxxxxxxx",
Password = "xxxxxxxx",
GiveUpSecurityAndAcceptAnyTlsHostCertificate = true
};
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24530
Location: Prague, Czechia
The SessionOptions.SshHostKeyFingerprint is for SSH sessions, not for FTP over TLS/SSL. That also explains why the fingerprint have a different length.
_________________
Martin Prikryl
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License