Check SHA256 remote sftp

Hey everyone,

I want to connect to SFTP and this is working fine.
But first I want to check on the SHA256 (ECDSA) so know I am connected to the right remote (the ip changes from time to time).

For example, I want to check this hash first (to make sure there will be no man in the middle attacks, or if the IP connected to another user, the backup is canceled)

Rclone doesn't currently check hashes of remote servers, ie in a known hosts scenario.

What would you think of rclone writing the hash to the config file on first connect? Would that be the kind of thing?

I don't actually know how that bit of the ssh protocol works, but I'm pretty sure there is support for it in the go libraries.

1 Like

Hey @ncw,

Thank you for the reply. I think that would be wonderful if there is a hash check in the config file since it make it make secure.

Can you please make a new issue on github about this? Maybe you'd like to help implement it?