You are right on all counts. I was using sftp. The certificate was not the issue. Once I added the changed host key into the known_hosts file it all started working again. (I used ssh-keyscan.)The "Connection refused" errors you got between when it was working and not, suggest that the provider at least updated and more likely changed some software.This doesn't explain why the certificate was working fine until two days ago and then suddenly caused the curl failure.Does $host expand to something that specifies what protocol to use? That is important information, especially given that the error is "SSL peer certificate or SSH remote key was not OK".curl -s -S -u myname: \
--connect-timeout 25 --max-time 40 --retry 3 \
--pubkey ~/.ssh/id_rsa.pub \
-T $file $host >> $log 2>&1
I think you are attempting SFTP, which is part of SSH, not to be confused with FTPS. SSH does not use TLS (SSL) certificates, it uses SSH host keys.
Host keys or algorithms are likely to change if a server is reinstalled, and you need to interactively accept them into ~/.ssh/known_hosts on the next connection, and possibly manually delete the old ones. I do not know how doing that in ssh/sftp interacts with curl. Can you use:Code:
echo "put $file" |sftp user@host
(Thank you for showing me that there's always something to learn.)
What troubles me is that I kept asking them if they had made any changes to their servers and their consistent reply was:
There have been no recent changes to the server configuration that should impact FTP/SFTP connections. The server is configured correctly for secure file transfers.
Statistics: Posted by Ratsima — Sat Jun 22, 2024 12:24 am