Topic "using required hostkey in winscp.com versus VB.net and dll"

Author Message
Master468
[View user's profile]

Joined: 2015-09-13
Posts: 4
I'm looking to retrieve a file via sftp from several remote systems (I've already connected to all the systems and the keys have been added to Putty's cache).

When using winscp.com I can use:

Code:
open sftp://username:password@10.22.49.14/ -hostkey="ssh-rsa 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx"


This works correctly for any IP I use.

When I try this using vb.net and the dll it doesn't.

Code:
.SshHostKeyFingerprint = "ssh-rsa 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx"


I get an error Error: System.ArgumentException: SSH host key fingerprint does not match pattern

The only way I have gotten this to work so far is to enter the specific key

Code:
.SshHostKeyFingerprint = "ssh-rsa 2048 9e:f1:1e:93:91:37:ed:dd:ee:51:4e:c4:66:6f:bb:68"


I have a lot of systems to connect to (and new ones will be added as well) and prefer not to hard code all the keys in my application. Is there a way to get this to work like winscp.com so I can just use "xx:xx:xx..." for all the systems I connect to?
Advertisements
kamii47
[View user's profile]

Joined: 2015-09-14
Posts: 4
why not you put the keys in some configurations?
It is not possible to recognized xxxx as your actual key
Master468
[View user's profile]

Joined: 2015-09-13
Posts: 4
All configurations have keys and they are already stored on the system. This works using winscp.com. What I want to know is there a way to do this via VB.net/dll?
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24995
Location: Prague, Czechia
Master468 wrote:
I'm looking to retrieve a file via sftp from several remote systems (I've already connected to all the systems and the keys have been added to Putty's cache).

When using winscp.com I can use:

Code:
open sftp://username:password@10.22.49.14/ -hostkey="ssh-rsa 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx"

This work's only because you have the key in the cache.
The actual -hostkey switch has an invalid syntax is effectively ignored. You could have used -hostkey="huhu" with the same effect.

It actually not recommended to have the script rely on WinSCP GUI configuration:
https://winscp.net/eng/docs/scripting#configuration

The assembly is a step further, it won't use the GUI configuration.

The expected server's host key is a part of the session setup and should be provided in the code the same way you provide the hostname and credentials.
Master468
[View user's profile]

Joined: 2015-09-13
Posts: 4
Thanks prikryl.

Following the link you referenced I went to the page "converting your script to code that uses WinSCP .NET assembly." There is showed a script converted to PowerShell code with setup as follows:

Code:
    # Setup session options
    $sessionOptions = New-Object WinSCP.SessionOptions
    $sessionOptions.Protocol = [WinSCP.Protocol]::Sftp
    $sessionOptions.HostName = "example.com"
    $sessionOptions.UserName = "user"
    $sessionOptions.Password = "password"
    $sessionOptions.SshHostKeyFingerprint = "ssh-rsa 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx"
 
    $session = New-Object WinSCP.Session



This shows the use of "ssh-rsa 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx" which is what I am trying to accomplish in VB.net but it is not working. Is there a reason this does not work in VB.net?
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24995
Location: Prague, Czechia
The example shows that you convert
-hostkey="ssh-rsa 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx"
to $sessionOptions.SshHostKeyFingerprint = "ssh-rsa 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx"

The xx:xx:xx:... is just a placeholder for the actual key fingerprint, not a literal value.

If you use the literal xx:xx:xx:... in the script, it is ignored. If the script works with the xx:xx:xx:..., it means the script relies on the GUI configuration for the host key verification, what is not recommended. Just as if the -hostkey switch was not even present.

The assembly cannot use the GUI configuration. Hence, there's no way to convert script that relies on GUI configuration to the .NET assembly. In the .NET assembly you have to explicitly provide the host key fingerprint (just as is recommended in the script).
Master468
[View user's profile]

Joined: 2015-09-13
Posts: 4
OK thanks
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License