WinSCP连接到CoreFTP -服务器的主机密钥无效
WinSCP连接到CoreFTP -服务器的主机密钥无效
提问于 2019-05-21 15:07:03
我使用PuttyGen创建了一个密钥,如下所示(并保存了私钥和公钥文件):
然后,我在CoreFTP设置中使用了该键:
我停止/重新启动了CoreFTP。
我可以从客户端机器将Telnet转到端口22。
我在WinSCP中的Advanced: SSH/Authentication“私钥文件”上使用了私钥。
当我尝试连接时,WinSCP说“服务器的主机密钥无效”。CoreFTP只显示两行:
connected
disconnected() 而且,我无法从CoreFTP中创建任何日志文件,即使我打开了所有的日志并给它取了一个文件名。
在WinSCP中,我还做了一个工具/清理,并检查了"Cahed主机键“和”临时文件夹“。我做了一个新的安装FileZilla客户端,并给出了同样的erorr“服务器的主机密钥无效”。因此,这表明问题在服务器上,而不是客户机上。
正在读取此帖子,但我在CoreFTP中找不到指定主机私钥/公钥对的位置。不过,它确实有一个存放证书的地方。
我发现这可能是问题的根源,但不确定如何纠正:
它是用SHA和2048位自产生的.
客户日志:
WinSCP
. 2019-05-22 09:34:56.009 Looking up host "x.x.x.x" for SSH connection
. 2019-05-22 09:34:56.009 Connecting to x.x.x.x port 22
. 2019-05-22 09:34:56.013 We claim version: SSH-2.0-WinSCP_release_5.15.1
. 2019-05-22 09:34:56.026 Server version: SSH-2.0-CoreFTP-0.3.3
. 2019-05-22 09:34:56.026 Using SSH protocol version 2
. 2019-05-22 09:34:56.030 Doing Diffie-Hellman group exchange
. 2019-05-22 09:34:56.033 Doing Diffie-Hellman key exchange with hash SHA-256
. 2019-05-22 09:34:56.724 Server's host key is invalid
* 2019-05-22 09:34:56.770 (EFatal) Server's host key is invalid
SmartFTP
2019-05-22T14:28:47Z Resolving host name "x.x.x.x"
2019-05-22T14:28:47Z Connecting to x.x.x.x Port: 22
2019-05-22T14:28:47Z Connected to x.x.x.x.
2019-05-22T14:28:47Z SSH protocol version reply. Client Id: SSH-2.0-SmartFTP
2019-05-22T14:28:47Z SSH-2.0-CoreFTP-0.3.3
2019-05-22T14:28:47Z Starting SSH session. Remote Id: "SSH-2.0-CoreFTP-0.3.3"
2019-05-22T14:28:47Z Server Algorithm Suite
Key Exchange: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256
Server Host Key: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss,ecdsa-sha2-nistp521
Client to Server Encryption: aes128-ctr,aes192-ctr,aes256-ctr
Server to Client Encryption: aes128-ctr,aes192-ctr,aes256-ctr
Client to Server HMAC: hmac-sha2-256,hmac-sha2-512,hmac-sha2-384,hmac-sha1
Server to Client HMAC: hmac-sha2-256,hmac-sha2-512,hmac-sha2-384,hmac-sha1
Client to Server Compression: none,none
Server to Client Compression: none,none
2019-05-22T14:28:47Z Selected Algorithm Suite
Key Exchange: diffie-hellman-group-exchange-sha256
Server Host Key: ecdsa-sha2-nistp521
Client to Server Encryption: aes128-ctr
Server to Client Encryption: aes128-ctr
Client to Server HMAC: hmac-sha1
Server to Client HMAC: hmac-sha1
Client to Server Compression: none
Server to Client Compression: none
2019-05-22T14:28:47Z Client Algorithm Suite
Key Exchange: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp521,ecdh-sha2-nistp384,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,ext-info-c
Server Host Key: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-256,rsa-sha2-512,ssh-rsa,x509v3-ecdsa-sha2-nistp256,x509v3-ecdsa-sha2-nistp384,x509v3-ecdsa-sha2-nistp521,x509v3-rsa2048-sha256,x509v3-ssh-rsa
Client to Server Encryption: aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
Server to Client Encryption: aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
Client to Server HMAC: hmac-sha1,hmac-sha2-256,hmac-sha2-512
Server to Client HMAC: hmac-sha1,hmac-sha2-256,hmac-sha2-512
Client to Server Compression: zlib@openssh.com,none
Server to Client Compression: zlib@openssh.com,none
2019-05-22T14:28:47Z Key Exchange Algorithm: diffie-hellman-group-exchange-sha256
2019-05-22T14:28:47Z Invalid host key.
2019-05-22T14:28:47Z Exception. Error=0x80072745回答 1
Server Fault用户
发布于 2019-05-21 17:19:06
这是一种建立在SFTP和SSH中以防止中间人攻击的防故障机制。在安全传输开始之前,必须验证和接受服务器的证书。
如果您使用的是WinSCP命令行实用工具,可以使用/hostkey参数指定CoreFTP服务器的指纹,这样它就可以在不提示的情况下自动启动传输。
另一个选项是以运行脚本的用户身份登录,然后使用winscp命令行建立连接。它应该提示您接受服务器的密钥,并将其保存在用户设置中。
如果您更改了服务器,您将不得不记住重新信任,或更新客户端的/hostkey设置。
页面原文内容由Server Fault提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://serverfault.com/questions/968242
复制相关文章
相似问题
腾讯云开发者
