Wednesday, February 25, 2015

Why can't curl retrieve the SSH host key (key: )
I've been using curl (by means of git-ftp) for a while, and passing only username and an sftp URL.

Authentication would always work implicitly through publickey.

Suddenly curl will not connect through SSH anymore – apparently because it does not get a host key and therefore rejects the connection:

Trying {IP}...
* Connected to host.example.com ({IP}) port 22 (#0)
* SSH MD5 fingerprint: {Fingerprint}
* SSH host check: 2, key:
* Closing connection 0

Why can't curl get the key?

Connections with ssh -v work and do give me 2 host keys, also curl --insecure will work.

Answer

libssh2 does not support some later keys like ecdsa-sha2-nistp256 and ssh-ed25519.

So if you already have one of these keys in your .ssh/known_hosts, libssh2 will fail. But you can add another key that libssh2 supports, like RSA:

To fix it, retrieve the RSA public key from the remote host and add it to your known_hosts file:

ssh-keyscan hostname.example.com >> ~/.ssh/known_hosts

The exact format and file location might vary by system.
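As an added check to go with the answer above (example code, not from the original question or answer), the following shell functions tell you whether a known_hosts file already holds an ssh-rsa entry for a host, list which key types it does hold, and fetch only the RSA key with a fingerprint shown for out-of-band comparison before it is appended. The host names, the sample entries and the choice of ssh-rsa as the libssh2-usable type are assumptions taken from the answer; OpenSSH's ssh-keyscan and ssh-keygen are assumed to be installed.

```shell
#!/bin/sh
# Added example, not part of the original post.
# Key type assumed usable by libssh2, per the answer above (RSA).
SUPPORTED_TYPES="ssh-rsa"

# Print the key types recorded for HOST in FILE, one per line.
# Handles "@marker host type key" lines and "host1,host2" name lists.
# Plain-text host names only: hashed entries (|1|...) are not matched;
# use "ssh-keygen -F host -f FILE" for those.
key_types_for() {
    awk -v host="$1" '
        /^#/ || NF < 3 { next }
        { if ($1 ~ /^@/) { names_field = $2; ktype = $3 }
          else           { names_field = $1; ktype = $2 } }
        { m = split(names_field, names, ",")
          for (i = 1; i <= m; i++) if (names[i] == host) print ktype }
    ' "$2"
}

# Exit 0 if FILE already has a key for HOST whose type is in SUPPORTED_TYPES.
has_supported_key() {
    host="$1"; file="$2"
    [ -r "$file" ] || return 1
    for t in $(key_types_for "$host" "$file"); do
        for s in $SUPPORTED_TYPES; do
            [ "$t" = "$s" ] && return 0
        done
    done
    return 1
}

# Fetch only the RSA host key, show its fingerprint so it can be checked
# against a value obtained out of band, then append it. Needs network access.
add_rsa_key() {
    host="$1"; file="${2:-$HOME/.ssh/known_hosts}"
    tmp=$(mktemp) || return 1
    if ! ssh-keyscan -t rsa "$host" > "$tmp" 2>/dev/null; then
        rm -f "$tmp"; return 1
    fi
    ssh-keygen -lf "$tmp"        # compare this fingerprint before trusting it
    cat "$tmp" >> "$file"
    rm -f "$tmp"
}
```

Run `has_supported_key host.example.com ~/.ssh/known_hosts || add_rsa_key host.example.com` to add the RSA entry only when no libssh2-usable key is present.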

