FileZilla Unknown Host Key.

Need help with FileZilla Client? Something does not work as expected? In this forum you may find an answer.

Moderator: Project members

Post Reply
Message
Author
rh205
500 Command not understood
Posts: 4
Joined: 2018-12-29 01:35

FileZilla Unknown Host Key.

#1 Post by rh205 » 2018-12-29 02:11

Hi,

I am running Filezilla 3.39.0 on a Windows 10 Pro Version 10.0.17134 Build 17134 Laptop and have hit a problem when trying to connect using SFTP.

I am getting the message 'Unknown Host Key'. Having read botgs reply on the post viewtopic.php?t=30234 before proceeding any further I took a screenshot and asked my host to confirm the servers keys. My host came back and said the keys displayed were incorrect so I made sure the checkbox was unticked and selected cancel. They have sent me the correct keys so I tried connecting using OpenSSH on the same machine and it came back with the correct keys. I tried both SHA256 and MD5 in OpenSSH as Filezilla displayed these and both came back correct. Therefore am I right to assume there isn't a MITM as I have been given the correct keys by OpenSSH.

I detail below the steps I have taken to try and solve this problem:

1) Clear the host key cache by removing key from HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\SshHostKeys. Entry not present in registry. Attempt to connect again but Filezilla still displaying the same keys. viewtopic.php?t=23184

2) Clear all private data from Filezilla, restart program, recreate SFTP site manager entry and reconnect. Still displaying incorrect keys.

3) Run MalwareBytes to check for any Malware that may be present. None found. Filezilla still displaying wrong keys.

4) Run CCleaner. Filezilla still displaying wrong keys.

5) Uninstall Filezilla, restart computer and re-run CCleaner to clear up any junk left by Filezilla. Filezilla still displaying wrong keys.

As you can see apart from wiping the whole HDD I have done quite a lot to try and get it to work but am still getting the 'Unknown Host Key' message and wrong keys displayed.

My host has simply suggested that something must be cached somewhere but I'm at a loss as to where and would be very grateful for any assistance with this issue.

User avatar
botg
Site Admin
Posts: 35508
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: FileZilla Unknown Host Key.

#2 Post by botg » 2018-12-29 18:50

What exactly is the host key fingerprint as displayed by OpenSSH and what exactly is the host key fingerprint as displayed by FileZilla?

rh205
500 Command not understood
Posts: 4
Joined: 2018-12-29 01:35

Re: FileZilla Unknown Host Key.

#3 Post by rh205 » 2019-01-01 10:34

botg wrote:
2018-12-29 18:50
What exactly is the host key fingerprint as displayed by OpenSSH and what exactly is the host key fingerprint as displayed by FileZilla?
Hi,

Thanks for your reply. Please see the attached screenshots for the host key fingerprints as displayed in OpenSSH and Filezilla.
Attachments
2019-01-01.png
2019-01-01.png (150.57 KiB) Viewed 7943 times
Screenshot (2).png
Screenshot (2).png (89.98 KiB) Viewed 7943 times

User avatar
botg
Site Admin
Posts: 35508
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: FileZilla Unknown Host Key.

#4 Post by botg » 2019-01-01 11:45

The difference is in the used host-key algorithm. The host key algorithm preferred by FileZilla is both faster and more secure. Please contact your hosting provider to inquire about the server host key for all supported host key algorithms.

With the OpenSSH client, try -oHostKeyAlgorithms=ssh-ed25519

rh205
500 Command not understood
Posts: 4
Joined: 2018-12-29 01:35

Re: FileZilla Unknown Host Key.

#5 Post by rh205 » 2019-01-04 17:10

botg wrote:
2019-01-01 11:45
The difference is in the used host-key algorithm. The host key algorithm preferred by FileZilla is both faster and more secure. Please contact your hosting provider to inquire about the server host key for all supported host key algorithms.

With the OpenSSH client, try -oHostKeyAlgorithms=ssh-ed25519
I have now run that command in OpenSSH and it comes back with a key that matches Filezilla. Should I get back on to my host and ask them to confirm the ssh-ed25519 key?

User avatar
botg
Site Admin
Posts: 35508
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: FileZilla Unknown Host Key.

#6 Post by botg » 2019-01-04 19:16

Yes.

rh205
500 Command not understood
Posts: 4
Joined: 2018-12-29 01:35

Re: FileZilla Unknown Host Key.

#7 Post by rh205 » 2019-01-16 19:47

Hi,

I have now had my host confirm that they are the correct key. Many Thanks for your help.

Post Reply