SSL host certificate fingerprint Does Not Match

Advertisement

nuronce
Joined:
Posts:
3
Location:
FL

SSL host certificate fingerprint Does Not Match

C#.NET 4.0 WinSCP 5.1

When I use the GUI in the registry it creates:
FSProtocol 5
Ftps 1
PortNumber 990
FtpsCertificates: e6:a3:7a:56:5b:e3:bb:0d:1c:34:58:bd:47:94:79:75:32:2b:70:4d
And works fine

When I run in code I get:
SSL host certificate fingerprint "ssh-rsa 1024 e6:a3:7a:56:5b:e3:bb:0d:1c:34:58:bd:47:94:79:75:32:2b:70:4d" does not match pattern /([0-9a-f]{2}:){19}[0-9a-f]{2}/
for:
SessionOptions sessionOptions = new SessionOptions
                {
                    Protocol = WinSCP.Protocol.Ftp,
                    FtpMode = FtpMode.Passive,
                    FtpSecure = FtpSecure.Implicit,
                    PortNumber = 990,
                    UserName = "--------",
                    Password = "--------",
                    HostName = "ftp.----.com",
                    SslHostCertificateFingerprint = "ssh-rsa 1024 e6:a3:7a:56:5b:e3:bb:0d:1c:34:58:bd:47:94:79:75:32:2b:70:4d"
                };

I get:
SSH host key fingerprint "ssh-rsa 1024 e6:a3:7a:56:5b:e3:bb:0d:1c:34:58:bd:47:94:79:75:32:2b:70:4d" does not match pattern /(ssh-rsa |ssh-dss )?\d+ ([0-9a-f]{2}:){15}[0-9a-f]{2}/

for:
SessionOptions sessionOptions = new SessionOptions
                {
                    Protocol = WinSCP.Protocol.Ftp,
                    FtpMode = FtpMode.Passive,
                    FtpSecure = FtpSecure.Implicit,
                    PortNumber = 990,
                    UserName = "--------",
                    Password = "--------",
                    HostName = "ftp.----.com",
                    SshHostKeyFingerprint = "ssh-rsa 1024 e6:a3:7a:56:5b:e3:bb:0d:1c:34:58:bd:47:94:79:75:32:2b:70:4d"
                };

What am I doing wrong? I could not find anything in the docs.

Reply with quote

Advertisement

nuronce
Joined:
Posts:
3
Location:
FL

How to connect FTP Passive Implicit with Certificate

SessionOptions sessionOptions = new SessionOptions
{
Protocol = WinSCP.Protocol.Ftp,
FtpMode = FtpMode.Passive,
FtpSecure = FtpSecure.Implicit,
PortNumber = 990,
UserName = "----",
Password = "----",
HostName = "ftp.-----.com",
SslHostCertificateFingerprint = "e6:a3:7a:56:5b:e3:bb:0d:1c:34:58:bd:47:94:79:75:32:2b:70:4d"
};

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
28,542
Location:
Prague, Czechia

Re: SSL host certificate fingerprint Does Not Match

The code in the second post looks good. What's wrong with that? Or was that a resolution?

Reply with quote

Themistocles
Guest

Also getting regex exception

Hey Prikryl,

For me adding the "ssh-rsa 2048" to the beginning of the string I assign to SshHostKeyFingerprint doesn't make the regex exception go away.

I can connect to the host with the UI, and also had some initial success using the scripting engine. I haven't been able to connect after that first time.

Now I am using the .Net library (Version 1.2.8.5316) in a .Net 4 console app. My OS is Win7 Pro.

Here is my SessionOptions:

SessionOptions sessionOptions = new SessionOptions
{
   Protocol = WinSCP.Protocol.Ftp,
   FtpMode = WinSCP.FtpMode.Passive,
   PortNumber = 21,
   FtpSecure = FtpSecure.Explicit,
   HostName = "162.253.127.64",
   UserName = "--------",
   Password = "--------",
   SshHostKeyFingerprint = "ssh-rsa 2048 e7:d5:b0:a4:6f:24:7f:15:5c:c1:ae:b9:43:c1:86:95:7e:97:35:85"
};

When I run it, I get:
System.ArgumentException was caught
HResult=-2147024809
Message=SSH host key fingerprint "ssh-rsa 2048 e7:d5:b0:a4:6f:24:7f:15:5c:c1:ae:b9:43:c1:86:95:7e:97:35:85" does not match pattern /((ssh-rsa|ssh-dss)( |-))?(\d+ )?([0-9a-f]{2}(:|-)){15}[0-9a-f]{2}(;((ssh-rsa|ssh-dss)( |-))?(\d+ )?([0-9a-f]{2}(:|-)){15}[0-9a-f]{2})*/
Source=WinSCPnet
StackTrace:
at WinSCP.SessionOptions.SetSshHostKeyFingerprint(String s)
at WinSCP.SessionOptions.set_SshHostKeyFingerprint(String value)
at Program.Main(String[] args) in C:\Users\Me\Documents\Visual Studio 2010\Projects\WinScpTool\Program.cs:line 16


I am confused about the regex above. Both my fingerprint and the original question have 20 pairs of hex numbers, but the regex only matches 15. I am surprised that this is expected to work.

Can you comment on the regex? Am I reading it wrong?

thanks
SD

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
28,542
Location:
Prague, Czechia

Re: Also getting regex exception

Themistocles wrote:

I am confused about the regex above. Both my fingerprint and the original question have 20 pairs of hex numbers, but the regex only matches 15. I am surprised that this is expected to work.
You are setting SshHostKeyFingerprint, but you are using FTP over TLS, not SSH. You need to set TlsHostCertificateFingerprint.

Reply with quote

Guest

Re: How to connect FTP Passive Implicit with Certificate

How did this work if there is no property for SslHostCertificateFingerprint?

nuronce wrote:

SessionOptions sessionOptions = new SessionOptions
{
Protocol = WinSCP.Protocol.Ftp,
FtpMode = FtpMode.Passive,
FtpSecure = FtpSecure.Implicit,
PortNumber = 990,
UserName = "----",
Password = "----",
HostName = "ftp.-----.com",
SslHostCertificateFingerprint = "e6:a3:7a:56:5b:e3:bb:0d:1c:34:58:bd:47:94:79:75:32:2b:70:4d"
};

Reply with quote

Advertisement

You can post new topics in this forum