Cyberduck Mountain Duck CLI

#8175 closed defect (fixed)

Fingerprint on SFTP differs from SSH

Reported by: matthijs zwinderman Owned by: dkocher
Priority: normal Milestone: 4.5.2
Component: sftp Version: 4.5.1
Severity: normal Keywords: ssh fingerprint
Cc: Architecture: Intel
Platform: Mac OS X 10.9

Description

When connecting to my server over a local connection I get a different fingerprint using Cyberduck than from the regular "SSH" or "SFTP" or "SCP" command in Terminal.

The fingerprint I get from Cyberduck ends in :63, while the fingerprint from SSH ends in :66 These two should not differ.

Things I've tried:

  • I listed the fingerprints of all the keys on my server (with "ssh-keygen -lf"), even the ones that are not in use (DSA). None match Cyberduck's fingerprint.
  • I've used Wireshark to check that Cyberduck connects directly with the right server (both SSH and Cyberduck follow the same path)
  • Ive tried connecting through a router, still get the wrong fingerprint

The only thing I can imagine is Cyberduck calculating the fingerprint in a different way than SSH.

Change History (5)

comment:1 Changed on Aug 14, 2014 at 12:22:45 PM by dkocher

  • Milestone set to 4.5.2
  • Resolution set to fixed
  • Status changed from new to closed

Duplicate for #8173. Fix in r14986.

comment:2 Changed on Aug 14, 2014 at 12:22:55 PM by dkocher

Please update to the latest snapshot build available.

comment:3 follow-up: Changed on Aug 14, 2014 at 12:41:36 PM by matthijs zwinderman

Thanks dkocher for your fast reply. The new snapshot indeed gives me the correct fingerprint.

Also, apologies for the duplicate, there was some time between searching the tickets and filing one myself...

Also, can Cyberduck automatically use the key in .ssh for logging in with a key? (Transmit does this, it's quite nice)

comment:4 in reply to: ↑ 3 ; follow-up: Changed on Aug 14, 2014 at 12:46:26 PM by dkocher

Replying to matthijs zwinderman:

Also, can Cyberduck automatically use the key in .ssh for logging in with a key? (Transmit does this, it's quite nice)

You can set the hidden setting ssh.authentication.publickey.default.enable to true to enable the use of ~/.ssh/id_rsa or ~/.ssh/id_dsa (in that order) if the keys exist.

comment:5 in reply to: ↑ 4 Changed on Aug 14, 2014 at 12:51:56 PM by dkocher

Replying to dkocher:

Replying to matthijs zwinderman:

Also, can Cyberduck automatically use the key in .ssh for logging in with a key? (Transmit does this, it's quite nice)

You can set the hidden setting ssh.authentication.publickey.default.enable to true to enable the use of ~/.ssh/id_rsa or ~/.ssh/id_dsa (in that order) if the keys exist.

Documentation updated in Default Public Key Authentication Keys.

Note: See TracTickets for help on using tickets.
swiss made software