Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

InteXX

Very good, thank you.

I keep getting surprised by all that this tool can do.
martin

It's not about MD5. Note that even your GUI dialog shows both MD5 and SHA-1 for the same host key. It's about host key algorithm.

There's no option to configure preferred algorithm in WinSCP GUI.
But you can use Hostkey raw setting:
https://winscp.net/eng/docs/rawsettings

Or you can use PuTTY, which allows setting preferred algorithm and import PuTTY settings to WinSCP.
https://the.earth.li/~sgtatham/putty/latest/htmldoc/Chapter4.html#config-ssh-hostkey
https://winscp.net/eng/docs/ui_import
See also https://stackoverflow.com/q/44786663/850848
InteXX

Is there a way to force the older MD5 in the GUI? I've poked through the Advanced Site Settings dialog, but nothing's jumping right out at me.

I need this because I'm supporting a customer who's still on MD5. The multi-key server at my site is an Ubuntu Server running in my Dev environment, but the customer requirement in Prod ripples down to Dev, both GUI and Automation.
martin

Well, I expected a log file from ScanFingerprint method.

What I can tell you so far, based on these logs, is that the server has multiple host keys.

.NET uses an RSA host key, because you've told it so (SshHostKeyFingerprint = "ssh-rsa ...").

While GUI defaults to an ECDSA/nistp256, because it's a more secure host key than RSA.
InteXX

OK, got it. Here you go.

Thanks for all that you do.
martin

Opening of a session is logged too, naturally.
InteXX

Hm, now you've got me confused.

How can there be session logs if all of this occurs before any session becomes active?
martin

Re: Server Key Mismatch

Please attach session log file both from GUI and .NET assembly.
InteXX

Server Key Mismatch

I have found that the automation module returns a different MD5 key than does the UI, using the Session.ScanFingerprint() method. In this case, the key returned from the SDK is the correct one.

SDK: 78:b7:60:ec:c9:51:7b:a8:a5:55:2e:76:ab:08:c2:89
UI: c4:38:c2:a9:c5:87:16:d7:27:67:1d:85:e8:37:d9:9c

1. I'm using v5.13.3
2. I don't believe this was occurring under v5.11.2 (but I could be mistaken)
3. I'm running my app on Win10; the server is Ubuntu Server running in a VM
4. SFTP
5. Automation/GUI (both)
6. No error message (except in my app, due to a key mismatch)
7. N/A
8. N/A (problem manifests prior to session start)
9. Code:

Dim oSessionOptions As New SessionOptions

   
oSessionOptions.Protocol = Protocol.Sftp,
oSessionOptions.HostName = Utils.Registry.ImportHostName,
oSessionOptions.UserName = Utils.Registry.ImportUsername,
oSessionOptions.Password = ImportPassword.Decrypt(Utils.Entropy)

Using oSession As New Session
  Return oSession.ScanFingerprint(oSessionOptions, "MD5")
End Using

[img][/img]