Page 1 of 1

WingFTP Key is changing every night

Posted: Wed Jul 15, 2020 12:46 pm
by ehokanson
Is there A setting or something that I am missing. When I try to connect to my WingFTP server from another server that is using WINSCP it works for one day and then the next day I get this message. I not sure where to go from here.



Image

Re: WingFTP Key is changing every night

Posted: Tue Jul 21, 2020 3:10 pm
by jhoag
I'm getting the same issue and am using WingFTP server version 6.4.0 to push files to it using WinSCP version 5.17.6 and a script that has the WingFTP SSH Key hard coded into the script and an "Open" command like so:

Code: Select all

open sftp://username:password@ourwingftpserver.com/" -hostkey="ssh-rsa 2048 OurWingFTPKey"
However, everyday when the script runs...WinSCP will produce the following error in the Log File:

7/21/2020 7:05:57 AM Host key fingerprint is:
7/21/2020 7:05:57 AM ssh-rsa 1024 ADifferentFTPKey
7/21/2020 7:05:57 AM Host key does not match cached key
7/21/2020 7:05:57 AM Host key does not match configured key fingerprint ssh-rsa 2048 OurWingFTPKey
7/21/2020 7:05:57 AM Host key fingerprint is ssh-rsa 1024 ADifferentFTPKey

What would cause WingFTP to return an ssh-rsa 1024 key, when what's being sent to connect to WingFTP, is a ssh-rsa 2048 key? This makes no sense.

So specifically, under what circumstances would a connection made to WingFTP that explicitly specifies the key to use, would WingFTP reply and say that the key is now different? This makes no sense, given that the device we're connecting TO the WingFTP server...always comes in on the exact same port and IP.

What makes WingFTP give out a new SSH key that's less strong in this case (1024) than what was sent/requested in the connection that's attempted by WinSCP? For example, could a firewall rule actually be suppressing the higher encryption, which then forces WingFTP to issue a less strong key instead...which then produces the "Host key does not match configured key fingerprint" error?

Looking for some knowledge on this topic. It seems really strange to have this be the case. Thanks!

Re: WingFTP Key is changing every night

Posted: Wed Jul 29, 2020 2:16 pm
by jhoag
According to WinSCP, they are suggesting that there is a bug in the WingFTP server in terms of how it is issuing keys:
https://winscp.net/forum/viewtopic.php?p=101019#101019

The latest response from them is at the bottom of the post above. Can you provide feedback on the possibility that we're experiencing a bug?

Re: WingFTP Key is changing every night

Posted: Wed Jul 29, 2020 2:32 pm
by FTP
OK, we will look into this issue.