Your best friend for file transfer.Fetch
Connection problem: security certificate? (2 posts)
- Started 4 years ago by Jim
- Latest reply 4 years ago from Scott McGuire
I am having difficultly connecting to an FTP server. I've been developing a website using SFTP to upload files with no problem. My hosting service moved me (and my domain name) to a production server but now Fetch can't seem to connect. I CAN connect if I use the IP address of the new server AND I can ping the (actual) hostname "ftp.example.com" (placeholder name) from my computer. I suspect that the certificate associated with this server doesn't cover my domain - I sometimes see this with the browser, which has a list for exceptions. Does Fetch have such a list somewhere? Or a specific error for this kind of problem?
Scott McGuire Administrator
Each SFTP server has an "SSH host key" that enables secure transfers. When you connect to an SFTP server, Mac OS X stores that server's key for future use. If the server's key changes and no longer matches the one stored on your Macintosh, this could indicate a security problem. Some programs ignore the error; Fetch instead refuses to make the connection. (We hope to have a better error other than "can't connect" for this in the future.)
My guess is since your domain was moved to a new server, the host key has changed and that's the reason you can't connect. You should try clearing your Mac's store of SSH keys, so that you can get a fresh key from the server.
Please do the following to clear your SSH keys:
* In Fetch, choose Fetch Help from the Help menu.
* In the help window, search for "known hosts".
* Double-click on the "RSA host key differs warning" help topic (it should be the one at the top of the list).
* A help topic opens in the help window.
* Scroll down to the "Delete the known_hosts file for me" link.
* Click the link, and follow the instructions.
Once that's done, try connecting to your server using SFTP again. If you're warned that "the authenticity of the host can't be established" (you may or may not be), that is normal and you should continue.
Please let us know if this fixes the problem or not.
- Page 1