Update the List of Supported Algorithms
After you enable a new algorithm to encrypt files in File Server, you must make some quick and easy updates to the
known_hosts
file. Otherwise, your connection to File Server closes and a warning appears.
Who needs to update the known_hosts file
The warning appears if any of the following statements are true:
- You've connected to File Server before and then enable an additional algorithm.
- You've never saved changes on the File Server Settings page before and File Server introduces an algorithm in a functional release.
The warning doesn't appear under any of the following circumstances:
- An integration uses the FTP adapter to connect to File Server.
- You enable an additional algorithm and have never connected to File Server before.
- You enable an additional algorithm but want to continue using your previously selected algorithm.
Warning text and why it occurs
If you remove the algorithm that you previously used, or if you pass an argument for using the new algorithm when connecting to File Server, the connection closes. Additionally, warning text that is similar to the following message appears in your SFTP client.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
<fingerprint>.
Please contact your system administrator.
Add correct host key in ~/.ssh/known_hosts to get rid of this message.
Offending RSA key in ~/.ssh/known_hosts:<line_no>
Host key for [<fileserver-ip>]:<fileserver-port> has changed and you have requested strict checking.
Host key verification failed.
Connection closed.
Connection closed
The warning text appears because your known_hosts
file recognizes only the algorithm you previously used to connect to File Server. When you try to connect using a new
algorithm, or if the algorithm that you previously used is no longer enabled, File Server appropriately recognizes that the
connection attempt could be an attack and prevents you from making the
connection.
Why an update is needed
To connect File Server again and keep working, you must
update your known_hosts
file so that File Server knows that it's safe to transmit files using the new
algorithm.
To update the list of supported algorithms and the known_hosts file: