Hello Greg,

On 29.04.2025 at 21:15, Greg Wilburn <gwilburn@xxxxxxxxxxxxxxxxxxxxxxx> wrote:

If you want to log into a remote machine from a local one, and want to use a specific private (!) keyfile locally, use the -i option. If said keyfile is named id_rsa or whatever crypto stuff was used, and it's contained in the user's home directory, subdirectory .ssh, the ssh, sftp and scp commands find the file automatically.

This is what I want to do... I've tried to use the -i option to indicate the location of the keys, but I must not have the syntax correct.

I get "Host key verification failed"

This is a different issue. A host has a "personal" key to provide identification (in /etc/ssh/ssh_host_*). ("Trust on first use.") This is usually saved in /home/biz/.ssh/known_hosts — or whatever the home directory for the current user is, when you are asked if you want to accept the host key.

If the saved information (IP address, hostname vs. pubkey) differs, you get "Host key verification failed", alerting you about a possible impersonation.

Usually this is because the other side has created new host keys, for whatever reason. You can safely delete said known_hosts file. It's created anew when you save new host keys: On first connect to another host, you'll be asked if you want to accept the remote's host key.

Note that a known_hosts file can contain more than one entry (line) for each host you've connected to.

So if the key is in /home/biz/.ssh and is called id_rsa, what is the correct syntax for the command line option?

sftp -I /home/biz/.ssh/id_rsa biz@xxxxxxxxxxxxxx did not work

Command line arguments are case sensitive in Unix. And hence ported applications from Unix have the same restrictions. You're supposed to use -i.

Otherwise you are correct.

I noticed the question in the email subject too late. Answer: No. As written, you can use another username for the remote machine: sftp username@remote

Also, if you are running sftp as user biz, you don't need to supply -i because sftp will look for id_rsa by itself. If you're using a different local user, consider cleaning this up by providing a user-specific .ssh directory instead of "grabbing" the key from another home directory. From a Unix perspective, this is bad style and at least confusing. Remember to use chown to give those files to the user in question.

Does that help?

:wq! PoC
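
An added example, not part of the original message: the known_hosts comparison behind "Host key verification failed", sketched in Python. It reports whether an offered key matches, has changed, or is unknown, and on a change drops only that host's stale line for that key type instead of the whole file (on a real file, `ssh-keygen -R hostname` removes all of that host's keys). Host names, salt and key blobs are constructed; wildcards, `[host]:port` entries and `@` markers are not handled.

```python
import base64, hashlib, hmac

def hash_host(host, salt):
    """Hashed host field as written with HashKnownHosts: |1|salt|HMAC-SHA1(salt, host)."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def host_matches(field, host):
    """True if a known_hosts host field (plain list or hashed) names this host."""
    if field.startswith("|1|"):
        salt = base64.b64decode(field.split("|")[2])
        return hmac.compare_digest(field, hash_host(host, salt))
    return host in field.split(",")

def fingerprint(key_b64):
    """SHA256 fingerprint, for comparing with one obtained out of band from the server admin."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def check_host_key(text, host, key_type, key_b64):
    """Return (status, lines); on 'changed' the stale lines for host/key_type are dropped."""
    lines, stale, matched = text.splitlines(), set(), False
    for i, line in enumerate(lines):
        f = line.split()
        if len(f) < 3 or f[0][0] in "#@":   # comments and @markers: left untouched
            continue
        if host_matches(f[0], host) and f[1] == key_type:
            if f[2] == key_b64:
                matched = True
            else:
                stale.add(i)
    if matched:
        return "match", lines
    if stale:                               # the "Host key verification failed" case
        return "changed", [l for i, l in enumerate(lines) if i not in stale]
    return "unknown", lines                 # first contact: trust on first use

# Constructed sample data: placeholder blobs, not real host keys.
OLD = base64.b64encode(b"constructed old host key").decode()
NEW = base64.b64encode(b"constructed new host key").decode()
KNOWN_HOSTS = "\n".join([
    "# constructed known_hosts",
    "remote.example,192.0.2.10 ssh-ed25519 " + OLD,
    hash_host("other.example", b"constructed-salt") + " ssh-ed25519 " + OLD,
    "remote.example ssh-rsa " + OLD,
])

if __name__ == "__main__":
    print(check_host_key(KNOWN_HOSTS, "remote.example", "ssh-ed25519", NEW)[0], fingerprint(NEW))
```
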




This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].