"--ssh-fingerprint" should ignore case of letters within hex numbers

First, thanks for providing Duplicati and its documentation - great software!

Creating a new backup job, I set up the advanced option “–ssh-fingerprint” to verify server identity.
The fingerprint I copied from some place looked like “ssh-rsa 2048 55:32:0D:AF:99:7C:…”.

Duplicati failed, logging an error like “server fingerprint ssh-rsa 2048 55:32:0d:af:99:7c:… does not match”. However, the server’s fingerprint did match exactly with the value I entered in the configuration.

Being a bit confused, I realised the only difference was the case of the letters contained in the hex numbers.
I don’t know if there is a convention to only use lower case, but I did certainly not convert my fingerprint to upper case, and so I guess this case is not completely hypothetic.

Therefore, I suggest to improve the code doing the fingerprint check so it does not compare mere strings, but execute a comparison of the actual hex values.


Verify host identify, in documentation for the SSHNET library Duplicati runs, suggests such an approach. however Duplicati seems to intend a case-insensitive comparison of the entire string, not just the hexits.

Maybe you can spot the problem. The lowercasing you mentioned looks like just the error message way, however there is more to the message (possibly you might need to get a better log) than the initial string.

Above code is beta, which should be the same as beta, but different from beta.
Perhaps by a look at above code and at the complete exception message, some answer can be found.