Topic "SFTP Decrypt Public Key using PPK file and password"

Author Message
Remi Tavernier
Joined: 2016-06-27
Posts: 6
Location: France
Hi,

I'm currently programming software in VB.NET that needs to connect to an SFTP server.

I have a .ppk file with my public and private key in it (encoded). I also know my user name and password to connect to the server.

If I connect using the WinSCP application directly, using the ppk file and the passwords I know, I can connect fine.
From there I can generate the code to connect directly using the assembly.

I manage to connect using the assembly, there is no problem about that.

My only problem is that the ".SshHostKeyFingerprint" variable from the sessionoptions that I use is hard-coded.

I would like to be able to generate the ".SshHostKeyFingerprint" directly using my ".SshPrivateKeyPath" and the password linked to it. Thus I need to decrypt the public key in the ppk file using the password, I suppose.

Can anyone help me on that?

Cordially,

Tavernier Rémi
martin
Site Admin
Joined: 2002-12-10
Posts: 24998
Location: Prague, Czechia
The SshHostKeyFingerprint has nothing to do with private/public key of your account. It's your server's public key.

To understand, see:
https://winscp.net/eng/docs/ssh_keys
Remi Tavernier
Joined: 2016-06-27
Posts: 6
Location: France
OK, thank you, I really misunderstood this line.

So I must learn the server public key the first time I try to connect to it.

Here is a guide to implementing an SSH host key cache.
Using the C# example, it is pretty easy to write VB.NET code.

I will try to write a small sample of code to make it work.

https://winscp.net/eng/docs/library_example_known_hosts

Thanks
martin
Site Admin
Joined: 2002-12-10
Posts: 24998
Location: Prague, Czechia
You should not automate this. It does not make sense. You lose the protection against MITM attacks, which is what the host key is good for. It's like trying to automate a password.

Anyway, see https://winscp.net/eng/docs/library_example_known_hosts
Remi Tavernier
Joined: 2016-06-27
Posts: 6
Location: France
The first time you connect using WinSCP, it asks you if you want to accept the host public key. If you add it to the cache, it will not ask you again.

I just want it to work the same way as the linked example shows.

Is it bad? Should I let the user always click on something to accept the connection?
martin
Site Admin
Joined: 2002-12-10
Posts: 24998
Location: Prague, Czechia
Remi Tavernier wrote:
The first time you connect using WinSCP, it asks you if you want to accept the host public key. If you add it to the cache, it will not ask you again.

I just want it to work the same way as the linked example shows.

Is it bad? Should I let the user always click on something to accept the connection?

That's fine. You just need to get the user involved on every new or changed hostkey.
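
The flow agreed on in this thread (cache the server's host key, involve the user on every new or changed key), sketched in VB.NET as an added example that is not part of the thread or WinSCP's own sample. The cache file name and format and the `PinHostKey` helper are assumptions; `Session.ScanFingerprint` and `SessionOptions.SshHostKeyFingerprint` are members of the WinSCP .NET assembly.

```vbnet
Imports System
Imports System.Collections.Generic
Imports System.IO
Imports System.Linq
Imports WinSCP

Module HostKeyCacheExample
    ' Assumed cache file: one "host:port<TAB>fingerprint" line per server.
    Private Const CachePath As String = "known_hosts.txt"

    Private Function LoadCache() As Dictionary(Of String, String)
        Dim cache As New Dictionary(Of String, String)(StringComparer.OrdinalIgnoreCase)
        If File.Exists(CachePath) Then
            For Each line As String In File.ReadAllLines(CachePath)
                Dim parts As String() = line.Split(ControlChars.Tab)
                If parts.Length = 2 Then cache(parts(0)) = parts(1)
            Next
        End If
        Return cache
    End Function

    ' Hypothetical helper: sets options.SshHostKeyFingerprint to a key a person approved.
    Public Sub PinHostKey(options As SessionOptions)
        ' PortNumber 0 means the protocol's default port.
        Dim hostId As String = options.HostName & ":" & options.PortNumber.ToString()
        Dim scanned As String
        Using scanner As New Session()
            ' Fetch the host key the server currently offers.
            scanned = scanner.ScanFingerprint(options, "SHA-256")
        End Using

        Dim cache As Dictionary(Of String, String) = LoadCache()
        Dim stored As String = Nothing
        Dim known As Boolean = cache.TryGetValue(hostId, stored)
        If Not known OrElse Not String.Equals(stored, scanned, StringComparison.Ordinal) Then
            ' New or changed key: never accept silently. A person compares it with
            ' the fingerprint obtained from the server administrator.
            Console.WriteLine(If(known, "WARNING: host key CHANGED for ", "New host key for ") & hostId)
            If known Then Console.WriteLine("  cached:  " & stored)
            Console.WriteLine("  offered: " & scanned)
            Console.Write("Type 'yes' to trust this key: ")
            If Console.ReadLine() <> "yes" Then
                Throw New InvalidOperationException("Host key rejected for " & hostId)
            End If
            cache(hostId) = scanned
            File.WriteAllLines(CachePath, cache.Select(Function(kv) kv.Key & ControlChars.Tab & kv.Value))
        End If
        ' Pin the approved key; the connection fails if the server presents another one.
        options.SshHostKeyFingerprint = scanned
    End Sub
End Module
```

Call `PinHostKey(sessionOptions)` before `Session.Open(sessionOptions)`; a key that matches the cache goes through without a prompt, anything else stops until the user answers.
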
Remi Tavernier
Joined: 2016-06-27
Posts: 6
Location: France
Thanks a lot for your help,

you can mark this post as Resolved