Unknown fingerprint format display mismatch #15312
-
|
Cyberduck 8.6.0 on macOS 10.12.6 Sierra. After years of no issues connecting, getting an Unknown fingerprint message when attempting to connect via SSH to my web hosting company (Nearly Free Speech.net, abbreviated NFSN hereinafter). NFSN FAQ states: “We publish SSHFP records for our SSH servers that should automate validating the keys, but if you need or want to check them, the current keys are:” then goes on to list the keys for several servers, with Ed25519 (256 bit), ECDSA (256 bit), and RSA (4096 bit), with each of those keys shown as SHA256 and SHA1. Each of these is a continuous string of characters with no colons. Q1) Why is Cyberduck not automatically validating? Q2) Cyberduck’s Unknown fingerprint window displays an ssh-ed25519 fingerprint as a colon-separated hexadecimal number. This number does not match anything NFSN shows. They go on to state: “If your client is giving you key fingerprints in MD5 format, check your settings (e.g., FingerprintHash sha256) or update your ssh client”. If Cyberduck is unable to automatically validate the NFSN fingerprint, how do i get it to display something in one of the formats NFSN lists in their FAQ? I’ve gone through all the preferences and found nothing related to fingerprint formatting. Thanks. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
This has changed in 2015 when OpenSSH switched from MD5 fingerprints to SHA256 fingerprints. @dkocher |
Beta Was this translation helpful? Give feedback.
This has changed in 2015 when OpenSSH switched from MD5 fingerprints to SHA256 fingerprints. @dkocher
https://www.openssh.com/txt/release-6.8
#12944