Step-by-Step
If you are using the Fetch application to connect to a server, and receive the following error "SFTP connection to "server_name" could not be opened because the SFTP server rejected your authentication information. Contact the server administrator to verify that you have the correct hostname password, and authentication method" follow the steps below to resolve this. This typically happens when a file is updated on the server to which you are trying to connect.
Option 1:
This is a simple fix, but may not be ideal for people that connect to multiple servers with Fetch. Doing this will remove all of the cached host keys and prompt you to save the new key on the next connection attempt for each server to which you connect.
- With Finder as the active application, click Go then Go to Folder.
- In the Go to the folder field enter ~/.ssh and click Go.
- Delete the file known_hosts found in that folder.
- Using Fetch, connect to the server you normally do, and accept the new host key when prompted.
Option 2:
Alternatively, you can edit the known_hosts file to remove just the key for the server that gave you the error - although this process is a little involved.
- With Finder as the active application, click Go then Go to Folder.
- In the Go to the folder field enter ~/.ssh and click Go.
- Double click the file known_hosts found in that folder to open it in TextEdit.
- Delete the line in this file that starts with server name that gives you the error (e.g. <servername>,<IP Address> ecdsa-sha2-nistp256 AAAAE2Vj ... 18/tf/G1u0=). Be sure not to delete any other lines or parts of lines.
- From the menu bar, click File then Save.
- Close TextEdit and start Fetch. Connect to the server you normally do and accept the new host key when prompted.
Details
The SFTP protocol that is used to make the secure connection to the server includes a mechanism to prevent a user from being tricked into connecting to a malicious server by caching a key on your computer. This key is installed automatically the first time you connect to the server. On subsequent connections this key is checked to make sure that the current key presented by the server matches the version on your computer. Occasionally, a server's host key will be legitimately changed (e.g. server reinstallation ) and the host key will no longer match the key on your computer. Most applications will prompt the user with a warning indicating that this is the case, and present a dialog that explains how to remedy the situation.