Topic "Removing a Cached HostKey via API"

Author Message
InteXX
[View user's profile]

Joined: 2009-05-17
Posts: 21
Location: Fairbanks, Alaska
My app handles its own SFTP HostKey management; if the WinSCP application is installed on the same computer and the user elects to cache a HostKey, this can cause problems for my app. The user understands that the app's HostKey management takes precedence over WinSCP's.

Thus I've gone to extra measures to make sure that on startup the app clears the HostKey from the registry and also deletes any existing WinScp.ini files in the execution directory from previous sessions. I'm including my registry access code below to demonstrate.

My ad-hoc solution works for now, but my concern is that it's a bit brittle. In other words, it's relying on undocumented architecture. If this architecture should change in the future it could break my design.

It would be helpful if the .NET API could include a method to accomplish the task if desired. This way it would be documented, stable and more reliable.

Thanks,
Jeff Bowman
Fairbanks, Alaska



Code:
Private Sub RemoveCachedHostKey(HostName As String)
  Dim _
    oHostsResult,
    oAppResult As Action(Of String)

  Dim _
    oHostsQuery,
    oAppQuery As Func(Of String, Boolean)

  Dim _
    oHostsKey,
    oAppKey As RegistryKey

  oHostsKey = Nothing
  oAppKey = Nothing

  oHostsResult = Sub(ValueName As String) oHostsKey.DeleteValue(ValueName)
  oHostsQuery = Function(ValueName As String) ValueName.ToLower.EndsWith(HostName.ToLower)
  oAppResult = Sub(KeyName As String)
                 oHostsKey = oAppKey.OpenSubKey(KeyName, True).OpenSubKey("SshHostKeys", True)

                 If oHostsKey IsNot Nothing Then
                   oHostsKey.GetValueNames.Where(oHostsQuery).ToList.ForEach(oHostsResult)

                   If oHostsKey.ValueCount = 0 Then
                     oAppKey.OpenSubKey(KeyName, True).DeleteSubKey(oHostsKey.Name)
                   End If
                 End If
               End Sub

  oAppQuery = Function(KeyName As String) KeyName.StartsWith("WinSCP")

  With RegistryKey.OpenBaseKey(RegistryHive.CurrentUser, RegistryView.Registry32).OpenSubKey("Software", True)
    oAppKey = .OpenSubKey("Martin Prikryl", True)

    If oAppKey IsNot Nothing Then
      oAppKey.GetSubKeyNames.Where(oAppQuery).ToList.ForEach(oAppResult)
    End If
  End With

  File.Delete(My.Resources.INI_FILE)
End Sub
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24530
Location: Prague, Czechia
1) Use WinSCP .NET assembly. It is completely stateless. So among other, it does not use the host key cache.
http://winscp.net/eng/docs/library

2) With scripting, use /ini=nul command-line parameter to isolate the script run from any configuration stored on the machine. Or use /ini= to point to your application-specific configuration file:
http://winscp.net/eng/docs/scripting#configuration
InteXX
[View user's profile]

Joined: 2009-05-17
Posts: 21
Location: Fairbanks, Alaska
prikryl wrote:
1) Use WinSCP .NET assembly. It is completely stateless. So among other, it does not use the host key cache.
http://winscp.net/eng/docs/library

2) With scripting, use /ini=nul command-line parameter to isolate the script run from any configuration stored on the machine. Or use /ini= to point to your application-specific configuration file:
http://winscp.net/eng/docs/scripting#configuration


Perfect. You've anticipated this need well. I can delete my registry access code.

Keep up the good work.

Thanks,
Jeff Bowman
Fairbanks, Alaska
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License