Secure web communications

From ShawnReevesWiki

Communications errors

Unable to connect to SFTP host

Secure File Transfer Protocol, SFTP, uses SSH to build a secure connection to a host in order to transfer files. Occasionally we find that we cannot connect to an SFTP host that was previously available, even though the server is responding on the same port, usually 22, to ping or telnet requests.

The most common problem is that the host has updated its authentication keys, and the local computer is storing an outdated key. The solution to this problem is to delete the old key. On Mac OS X or *nix systems, one can remove the old key with a terminal command, substituting the host address for ftphostname:

ssh-keygen -R ftphostname

This command removes from the file known_hosts, stored in ~/.ssh/, any line that has that host address, allowing your ssh or SFTP software to generate a new line for the new key. A copy of the file as it was before the removal is saved as known_hosts.old, in case you need the old key for any reason.

For example, if I have trouble making a previously working connection to ftp.google.org, I open Terminal and type the following command:

ssh-keygen -R ftp.google.org

And I see the following response:

# Host ftp.google.org found: line 22 type RSA
/Users/shawn/.ssh/known_hosts updated.
Original contents retained as /Users/shawn/.ssh/known_hosts.old
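
A changed host key is also what an intercepted connection looks like, so it is worth comparing the key the server now offers with a fingerprint obtained from the host's operator (the Rackspace article under References shows one way to get it) before removing the stored entry. The following Python is an added example, not part of the original page: it locates a host's entries in known_hosts text, including hashed host fields that a plain text search would miss, computes their SHA256 fingerprints, and classifies the offered key. The host name, key blobs, salt and function names are constructed for illustration.

```python
import base64, hashlib, hmac

def fingerprint(key_b64):
    """SHA256 fingerprint of a public-key blob, in the form `ssh-keygen -l` prints."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def hashed_field(host, salt):
    """Host field as written under HashKnownHosts: |1|salt|HMAC-SHA1(salt, host)."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def host_matches(field, host):
    """Exact-name match on a plain or hashed field (wildcards, [host]:port not handled)."""
    if field.startswith("|1|"):
        parts = field.split("|")
        return len(parts) == 4 and hmac.compare_digest(
            hashed_field(host, base64.b64decode(parts[2])), field)
    return host in field.split(",")

def stored_fingerprints(known_hosts, host):
    """Fingerprints of every known_hosts line that names `host`."""
    found = []
    for line in known_hosts.splitlines():
        cols = line.split()
        if len(cols) >= 3 and line[0] not in "#@" and host_matches(cols[0], host):
            found.append(fingerprint(cols[2]))
    return found

def assess(known_hosts, host, offered_key_b64, trusted_fp):
    """Classify the key the server now offers against stored and trusted values."""
    offered = fingerprint(offered_key_b64)
    if offered in stored_fingerprints(known_hosts, host):
        return "unchanged"         # stored key still matches; leave known_hosts alone
    if hmac.compare_digest(offered, trusted_fp):
        return "rotated-verified"  # matches the operator's fingerprint; ssh-keygen -R is safe
    return "unverified"            # matches nothing trusted; keep the old entry and investigate

# Constructed sample data: placeholder blobs, not real host keys.
HOST = "ftp.example.org"
OLD = base64.b64encode(b"constructed old host key").decode()
NEW = base64.b64encode(b"constructed new host key").decode()
KNOWN_HOSTS = "\n".join([
    "# constructed known_hosts file",
    "other.example.org ssh-rsa " + NEW,
    hashed_field(HOST, b"constructed-salt") + " ssh-rsa " + OLD,
])

if __name__ == "__main__":
    print(assess(KNOWN_HOSTS, HOST, NEW, fingerprint(NEW)))
```

Only the "rotated-verified" result corresponds to the situation described above, where the old entry can be removed with ssh-keygen -R.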

Dreamweaver keeps its own known_hosts file at ~/Library/Application Support/Adobe/Dreamweaver CS#/en_US/Configuration (replace the #-sign with your version). You can remove entries from it with the -f flag like so:

ssh-keygen -R ftp.your-server.com -f /Users/yourusername/Library/Application\ Support/Adobe/Dreamweaver\ CS6/en_US/Configuration/ssh_hosts 

That action, however, may not result in a fix, so I have resorted to deleting Dreamweaver's ssh_hosts file.

References

Rackspace article explaining how to get correct keys from their server
http://www.rackspace.com/knowledge_center/article/rackspace-cloud-essentials-checking-a-server’s-ssh-host-fingerprint-with-the-web-console