Trying to transfer file to remote server via SFTP using DSA fingerprint?

Question

Full disclosure, I'm a web developer and not a network admin, so this stuff is a little out of my wheelhouse.

I'm trying to use cURL to initiate a SFTP connection and transfer a simple text file to a remote host. When I run this cURL command:

curl -u username:password -T /path/to/file.txt sftp://host.com:22/file.txt

I'm getting this error: curl: (51) SSL peer certificate or SSH remote key was not OK

So I contacted the remote host's admins, and they responded with this message:

Please use our host key ssh-dss 1024 12:34:56:78:90:ab:cd:ef:12:34:56:78:90:ab:cd:ef

After some digging, I learned I can't generate a public key from the information they provided. I'm not sure what to do with this information. Any advice? I guess I thought I needed a public key file from them...is that correct?

Any and all insight would be greatly appreciated. Thank you!

Answer 1

-k, --insecure

(SSL) This option explicitly allows curl to perform "insecure" SSL connections > and transfers. All SSL connections are attempted to be made secure by using the CA certificate bundle installed by default. This makes all connections considered "insecure" fail unless -k, --insecure is used.

See this online resource for further details: http://curl.haxx.se/docs/sslcerts.html

from: https://serverfault.com/questions/469824/curl-disable-certificate-verification

Answer 2

I guess the easiest way to do that would be to manually connect using sftp

sftp host.com

It will prompt you to verify host key or comes with error that DSA is not allowed. In first case, verify you have the same one as provided from the admins and write "yes".

If your client does not accept DSA, add HostKeyAlgorithms +ssh-dss in your ~/.ssh/config.

After that you should be able to transfer files using your command.