SSH Host Key fingerprint does not patch pattern - c#

Advertisement

tsnik
Joined:
Posts:
2
Location:
UK

SSH Host Key fingerprint does not patch pattern - c#

Hi,

I am trying to connect to an FTP site running explicit FTP over TLS, but the script trips over the Host Key fingerprint:

SessionOptions sessionOptions = new SessionOptions
{
Protocol = WinSCP.Protocol.Ftp,
FtpSecure = FtpSecure.ExplicitTls,
HostName = "xxxxxxxxxxxxxxxxx",
UserName = "xxxxxxxx",
Password = "xxxxxxxx",
SshHostKeyFingerprint = "ssh-rsa 2048 bb:9c:4c:05:f8:25:2b:8f:80:a3:75:b7:94:5c:ea:9f:fc:b2:12:18"
};

This is the information from the FTP site:

Remote system = UNIX Type: L8
File transfer protocol = FTP
Cryptographic protocol = TLS Explicit encryption, TLSv1
Encryption algorithm = TLSv1/SSLv3: IDEA-CBC-SHA, 2048 bit RSA
Compression = No
------------------------------------------------------------
Certificate fingerprint
bb:9c:4c:05:f8:25:2b:8f:80:a3:75:b7:94:5c:ea:9f:fc:b2:12:18
------------------------------------------------------------
Can change permissions = Yes
Can change owner/group = No
Can execute arbitrary command = Protocol commands only
Can create symlink/hardlink = No/No
Can lookup user groups = No
Can duplicate remote files = No
Can check available space = No
Can calculate file checksum = No
Native text (ASCII) mode transfers = No
------------------------------------------------------------

The additional information shows Fingerprint (SHA1): bb:9c:4c:05:f8:25:2b:8f:80:a3:75:b7:94:5c:ea:9f:fc:b2:12:18

On attempting to connect I get the following error:
"SSH host key fingerprint \"ssh-rsa 2048 bb:9c:4c:05:f8:25:2b:8f:80:a3:75:b7:94:5c:ea:9f:fc:b2:12:18\" does not match pattern /(ssh-rsa |ssh-dss )?\\d+ ([0-9a-f]{2}:){15}[0-9a-f]{2}(;(ssh-rsa |ssh-dss )?\\d+ ([0-9a-f]{2}:){15}[0-9a-f]{2})*/"

Can anyone point me in the right direction?

Reply with quote

Advertisement

tsnik
Joined:
Posts:
2
Location:
UK

SSH Host Key fingerprint does not patch pattern - c#

I have located the problem. It was to do with the length of the Host Key, which I compared with another site that is working. I shortened the key and after a few more tests (I had a Peer certificate rejected), I got it to work.

Here is the amended section:

SessionOptions sessionOptions = new SessionOptions
{
Protocol = Protocol.Ftp,
FtpSecure = FtpSecure.ExplicitSsl,
HostName = "xxxxxxxxxxxxxxxxxxx",
UserName = "xxxxxxxx",
Password = "xxxxxxxx",
GiveUpSecurityAndAcceptAnyTlsHostCertificate = true
};

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
29,070
Location:
Prague, Czechia

Re: SSH Host Key fingerprint does not patch pattern - c#

The SessionOptions.SshHostKeyFingerprint is for SSH sessions, not for FTP over TLS/SSL. That also explains why the fingerprint have a different length.
_________________
Martin Prikryl

Reply with quote

Advertisement

You can post new topics in this forum