We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Initially reported in https://bugzilla.redhat.com/show_bug.cgi?id=1824926
When the server uses an ECDSA key, curl fails to verify it's entry in the known hosts file when accessing using SFTP.
Using RSA, ED25519, or DSA keys no error is generated and the download is successful.
In Fedora 32, using curl-7.69.1-1.fc32.x86_64
# ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
$ echo 'localhost $(cat "/etc/ssh/ssh_host_ecdsa_key.pub")' >> ~/.ssh/known_hosts
$ dd if=/dev/zero of=~/testfile bs=1M count=1
$ systemctl restart sshd
$ curl -o ./sftp_file -u testuser: --key ~/.ssh/id_rsa \ --pubkey ~/.ssh/id_rsa.pub sftp://localhost/home/$(whoami)/testfile
Then I get the following error:
curl: (60) SSL peer certificate or SSH remote key was not OK
No errors and the file is successfully downloaded
[curl -V output]
curl 7.69.1 (x86_64-redhat-linux-gnu) libcurl/7.69.1 OpenSSL/1.1.1d-fips zlib/1.2.11 brotli/1.0.7 libidn2/2.3.0 libpsl/0.21.0 (+libidn2/2.3.0) libssh/0.9.3/openssl/zlib nghttp2/1.40.0 Release-Date: 2020-03-11 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp Features: AsynchDNS brotli GSS-API HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz Metalink NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets
Linux fedora32 5.6.2-301.fc32.x86_64 #1 SMP Tue Apr 7 18:23:18 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
The text was updated successfully, but these errors were encountered:
14bf7eb
Successfully merging a pull request may close this issue.
Initially reported in https://bugzilla.redhat.com/show_bug.cgi?id=1824926
When the server uses an ECDSA key, curl fails to verify it's entry in the known hosts file when accessing using SFTP.
Using RSA, ED25519, or DSA keys no error is generated and the download is successful.
I did this
In Fedora 32, using curl-7.69.1-1.fc32.x86_64
Then I get the following error:
I expected the following
No errors and the file is successfully downloaded
curl/libcurl version
[curl -V output]
operating system
The text was updated successfully, but these errors were encountered: