Your best friend for file transfer.

Fetch application logoFetch

Host key change (18 posts)

  • Started 3 years ago by Dick Atlee
  • Latest reply 2 years ago from Jim Matthews
  • Dick Atlee Member

    There was an upgrade to the SFTP server I use, and apparently the host-key was changed. When I connected with WinSCP on the Windows side of my Mac, I was notified of that fact and was able to accept the new key. With Fetch, however, I get "the conenction to the SFTP server could not be established or was lost."

    The Fetch help on site keys says: "If there is a more serious problem with the SFTP connection — for instance, the SSH host key you have stored for a server does not match the key the server is now using, or the IP address of a server has
    changed but the key has not — Fetch will refuse the connection to the server."

    There is no apparent way to force a key change. I could delete all my shortcut connections to that server, but it would be a pain to rebuild them, and I doubt that this would remove the server and key from wherever it is stored.

    Any ideas how to deal with this? Thanks for any help.

    Posted 3 years ago #

  • Scott McGuire Administrator

    Hi,

    There's no need to delete all your shortcut connections to the server.

    Please do the following to clear your SSH keys:

    * In Fetch, choose Fetch Help from the Help menu.
    * In the help window, search for "known hosts".
    * Double-click on the "RSA host key differs warning" help topic (it should be the one at the top of the list).
    * A help topic opens in the help window.
    * Scroll down to the "Delete the known_hosts file for me" link.
    * Click the link, and follow the instructions.

    Once that's done, try connecting to your server using SFTP again. If you're warned that "the authenticity of the host can't be established" (you may or may not be), that is normal and you should continue.

    Please let us know if you have further questions or problems.

    Thanks,

    Scott McGuire
    Fetch Softworks

    Posted 3 years ago #

  • Charles Noble Member

    I tried to find this help item and it did not show up - is there a link address to it?

    Posted 2 years ago #

  • Dick Atlee Member

    It's funny -- I don't remember receiving any notification that my year-old inquiry had been replied to almost immediately. I think I ended up just biting the bullet and continuing with the connection, since I was confident of it.

    In any case, the instructions work in my version of Fetch 5.5.2. When Scott says to search for "known hosts," I assume he means to put those two words (without quotes) in the magnifying-glass field at the upper right of the Help window. When I did that, and hit RETURN, it did indeed give me a list, the first item of which was "RSA host key differs warning," and double-clicking on it gave a well-written full page on the subject, with the link to delete the known-hosts file (which I didn't try).

    I wonder if this is connected to Lobster Barbie...

    Posted 2 years ago #

  • Jim Matthews Administrator

    Hi Charles,

    The "RSA host key differs" help topic has been removed from Fetch Help because Fetch now (as of Fetch 5.7) automatically handles this situation. If you connect to a server and there's a host key mismatch, you should see a dialog explaining the situation, and asking you how you would like to proceed.

    Thanks,

    Posted 2 years ago #

  • Thomas Member

    Jim,

    I've got 5.7.2...

    Having issues with this still. I get the following message:

    "could not... because connection was refused."

    I see no way to resolve this, nor do I see an "RSA host key differs" option.

    Help!
    T

    Posted 2 years ago #

  • Jim Matthews Administrator

    Hi,

    Thomas, could you submit a transcript at http://fetchsoftworks.com/fetch/feedback ? We'll take a look and see what we can figure out.

    Thanks,

    Jim Matthews
    Fetch Softworks

    Posted 2 years ago #

  • litlnemo Member

    "Fetch now (as of Fetch 5.7) automatically handles this situation. If you connect to a server and there's a host key mismatch, you should see a dialog explaining the situation, and asking you how you would like to proceed."

    This is not happening for me, and I'm running 5.7.3. I'm just getting the 24010 error, with no explanation and no asking how I would like to proceed. But the logs say " WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!" etc.

    The transcript says;

    "Connecting to [address here] port 22 (10/30/12 4:01 PM)
    SSH2_FXP_INIT 3
    SFTP connection to “[hostname here]” could not be opened because an error has occurred. (Mac OS error 24010.)"

    Edited 2 years ago #

  • Jim Matthews Administrator

    Hi,

    There's been a change to some SFTP servers that keeps Fetch 5.7's automatic detection of host key change errors from working; instead you get that unhelpful 24010 error message. We are working to fix this for a future release.

    In the meantime, the fix is to edit your ~/.ssh/known_hosts file to remove the line for the server you are trying to connect to.

    Thanks,

    Jim Matthews
    Fetch Softworks

    Posted 2 years ago #

  • David Dodman Member

    Hello,

    I'm experiencing the same problem: my web host decided to change its host key last week, and my SFTP attempts through Fetch have been stymied ever since. Like others here, I'm getting the "Mac OS error 24010" message.

    Jim, forgive a question from a newbie, but how do I "edit (the) ~/.ssh/known_hosts file", as you suggest? Where is this file? I've searched my Mac and can't seem to find it. Sorry if I missed something...

    Thanks very much,

    David

    Posted 2 years ago #

  • litlnemo Member

    I just deleted the known hosts file and I could use Fetch again.

    David, the .ssh folder is a hidden folder, and so you can't see it. I made changes to my system some time ago that made all hidden files visible. But I don't remember how I did it. It sure helps when troubleshooting, though. Maybe someone else here can suggest how to make your .ssg folder visible.

    Posted 2 years ago #

  • David Dodman Member

    Good to know, thanks! Appreciate it.

    Posted 2 years ago #

  • Dick Atlee Member

    I started showing hidden files a long time ago, and also can't remember, but one of these should help:

    Lion/Mountain Lion: http://www.mikesel.info/show-hidden-files-mac-os-x-10-7-lion/

    earlier?: http://osxdaily.com/2009/02/25/show-hidden-files-in-os-x/

    The file will be in the .ssh folder in your home directory.

    Posted 2 years ago #

  • Jim Matthews Administrator

    Hi,

    Another way to open the hidden .ssh folder is to choose "Go to Folder…" from the Go menu in the Finder, and type:

    ~/.ssh

    and click Go.

    Thanks,

    Jim Matthews
    Fetch Softworks

    Posted 2 years ago #

  • David Dodman Member

    litlnemo, Dick, and Jim, thanks: deleting the known_hosts file worked like a charm. Back up and running!

    Posted 2 years ago #

  • Jim Matthews Administrator

    Glad to hear it!

    Jim Matthews
    Fetch Softworks

    Posted 2 years ago #

  • Lauren Member

    I tried quitting Fetch and deleting my known_hosts file but I'm still having the same issue since changing my SFTP password. Any other suggestions?

    Posted 2 years ago #

  • Jim Matthews Administrator

    Hi Lauren,

    Could you choose Fetch Transcript from the Window menu after you get the error message, and post the window contents here (or send them to us at http://fetchsoftworks.com/fetch/feedback)?

    Thanks,

    Jim Matthews
    Fetch Softworks

    Posted 2 years ago #

Reply

  • Or nickname, if you prefer.
  • This will be kept confidential.
  • This is to ensure that you’re a person, not a spambot.