File Mover Blog

October 12, 2024

SFTP Fingerprint option added to Limagito file mover

Q: I have a question related to SFTP fingerprints. When I create a new rule and add new Source -> SFTP, where can I configure the fingerprints of the Source host’s fingerprint? I would like to be sure that the server is valid.

A: We allow the fingerprint of the sftp server you added as source automatically. At this moment there is no option to add fingerprints of the host manually.

Q: Thanks for the very quick answer. Hopefully it will be possible on the next version. There is a possibility for MiTM attack.

A: In version v2024.10.12.0 we added the Fingerprint option for SFTP as Source and Destination.

The goal of the fingerprint is to verify the authenticity and integrity of the SFTP server you’re connecting to. This is a short, unique representation (a hash) of the server’s public key. The purpose of this fingerprint is to help you confirm that you’re connecting to the correct server and not a malicious or imposter server. This is optional and by default we allow any fingerprint.

E.g.

The default Hash Algorithm is MD5

68:ff:d1:4e:6c:ff:d7:b0:d6:58:73:85:07:bc:2e:d5

Please add one if the following prefixes to adjust the default Hash Algorithm:

SHA256:
SHA384:
SHA512:
SHA1:
SHA3-224:
SHA3-256:
SHA3-384:
SHA3-512:

limagito file mover sftp fingerprint option

  • In case you receive an error message regarding the Fingerprint Compare, please increase the RunTime Log Level to ‘Debug’:

Limagito file mover Logging option

limagito file mover runtime log setup

  • RunTime Log example:
    • If the the fingerprint in your SFTP setup is not correct, the following error message will appear
    • Increasing the log level of the RunTime log will show you the Fingerprint the SFTP server is sending
    • You can compare this to the one in your setup, in the example below we used the SHA256 hash algorithm

limagito file mover runtime log sftp fingerprint

If you need any help with this request, please let us know.

Best Regards,

Limagito Team

#sftp #managedfiletransfer #filetransfer #filemanagement

By Limagito-Team SFTP , Share:
SEARCH