Hello back!
After the web host provider only offers SHA256 fingerprints and WinSCP can not handle this, and there are no other portable SFTP clients for Windows, I used FileZilla again after many many years. I can not believe it myself.
The first oddity happened when checking the fingerprint. There, a "=" and the MD5 fingerprint are added to the SHA256 fingerprint. The line break now looks as if the "=" belongs to the SHA256 fingerprint. That irritates.
As a second oddity, which I would interpret as erroneous programming, it is necessary at the first server connection to enter the password. The password already at the first server connection to enter I think wrong, because at this time the password is already transferred before the fingerprint could be checked. This is not in the sense of the security effort of a SHA256 fingerprint. Since you can let that be the same. If the fingerprint is wrong, then you can put the password immediately on the Internet. I mean here the first server connection. If you do not save the fingerprint, then you have to do a server connection without password and then with password each time.
The third is a question: which SSH client do you use? So far, I've used puTTY, but it's not SHA256 either. Now I am also looking for a new one that should be portable.
First use queerness and questions
Moderator: Project members
Re: First use queerness and questions
The password is not transmitted prior to accepting the fingerprint. You can check the source code to verify this.
The = belongs to the base64-encoded SHA256 hash, it's a padding character to ensure that the string is an exact multiple of 4 characters in size. That's how base64 works.
The = belongs to the base64-encoded SHA256 hash, it's a padding character to ensure that the string is an exact multiple of 4 characters in size. That's how base64 works.