1

I've put together an ETL process with Python where I move some files from an SFTP server to a local sever. I'm following the directions from here: http://pysftp.readthedocs.io/en/release_0.2.9/cookbook.html

I was having a hard time getting the key encryption to work so I followed the directions to set it up so it doesn't check for a host key. It explicitly says that's a bad idea so I only did it for testing with full intention of using a host key later.

When it came time to put our public key on the server, the provider said that that wasn't something that they did. Plot twist, we don't own the server so I can't put it there myself.

Even without the key, the connection is still encrypted right? The reason I'm confused is because I use tools like WinSCP and that doesn't require that I use an encryption key.

What are my risk if I DON'T use an encryption key?

Sharing code per request. The values of the parameters are pulled in via a yaml format config file.

import pysftp

cnopts = pysftp.CnOpts()
cnopts.hostkeys = None

with pysftp.Connection(host, username=username, password=password, cnopts=cnopts) as sftp:
Tobi Nary
  • 14,352
  • 8
  • 44
  • 58
Bob Wakefield
  • 113
  • 1
  • 1
  • 4
  • Verifying the host key is a matter of checking the fingerprint of the server, and isn't something you would manually copy onto a server. Can you show the part of your code that you disabled key encryption in so we can verify that we're talking about the same thing? – Xiong Chiamiov Dec 01 '17 at 00:05
  • It sounds like you may be confusing the host keys with SSH public/private keys that are used to authenticate the client. – multithr3at3d Dec 01 '17 at 00:46
  • Code shared. If I'm using a password then why do I need to authenticate twice? – Bob Wakefield Dec 01 '17 at 01:29
  • "Host Key checking is enabled by default. It will use ~/.ssh/known_hosts by default. If you wish to disable host key checking (NOT ADVISED) you will need to modify the default CnOpts and set the .hostkeys to None." I think you might be right about my confusion.... – Bob Wakefield Dec 01 '17 at 01:30

1 Answers1

1

You confuse your account public key, that you use for authentication, with a host/server public key, that you should use to verify the server.

These are unrelated, while serving a similar purpose, just in an opposite direction. The server uses your public key to verify your identity. While you should use the server public key to verify server's identity.

See my article on understanding SSH keys.


Even if you use a simple password authentication, you still have to verify the host key. The host key verification protects you from man-in-the-middle attacks.


See my answer to Verify host key with pysftp to learn how to verify the hostkey with pysftp library.


Note that neither of the two above mentioned public keys are encryption keys. That's just another thing. See How does SFTP function without a manually generated public/private key pair.

Martin Prikryl
  • 493
  • 5
  • 21