Why is SshHostKeyFingerprint needed when SshPrivateKeyPath is set to private key file

Advertisement

Orionsg
Guest

Why is SshHostKeyFingerprint needed when SshPrivateKeyPath is set to private key file

When I connect manually using the GUI WinSCP client to an SFTP site, I specify Host Name, User Name and Private Key File. No password or fingerprint is needed to connect. However, when I try to connect through the .NET client by specifying the same corresponding properties, I get this error:
System.ArgumentException: SessionOptions.Protocol is Protocol.Sftp or Protocol.Scp, but SessionOptions.SshHostKeyFingerprint is not set.
Is there a default value set for this property when using the Windows GUI client that I need to set directly when using the .NET client?

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
41,020
Location:
Prague, Czechia

Re: Why is SshHostKeyFingerprint needed when SshPrivateKeyPath is set to private key file

Orionsg wrote:

When I connect manually using the GUI WinSCP client to an SFTP site, I specify Host Name, User Name and Private Key File. No password or fingerprint is needed to connect.
That's not true. On the first connect, you are prompted to verify a public key of the server.

Reply with quote

Orionsg
Guest

Re: Why is SshHostKeyFingerprint needed when SshPrivateKeyPath is set to private key file

You are absolutely correct :).
I did not have to enter anything, but there was a message with the public key.

In the meanwhile I have studied the Session class a bit further and found the ScanFingerprint method to get the public key, including the example. Using this, I was able to get my code to work as expected.

Thanks for your reply and the awesome client!

Reply with quote

martin
Site Admin
martin avatar

Re: Why is SshHostKeyFingerprint needed when SshPrivateKeyPath is set to private key file

Note that you should use the ScanFingerprint only to implement an interactive prompt to get the public key verified by an user.
You should not use it to automatically accept the key! That does not make you safe. It would be effectively the same as setting the SessionOptions.GiveUpSecurityAndAcceptAnySshHostKey.

Reply with quote

Advertisement

SK
Guest

Why is SshHostKeyFingerprint needed when SshPrivateKeyPath is set to private key file

I am having the same issue,
SessionOptions sessionOptions = new SessionOptions
{
    Protocol = Protocol.Sftp,
    HostName = _sftpConfig.Value.HostName,
    UserName = _sftpConfig.Value.UserName,
    PortNumber = _sftpConfig.Value.Port,
 
    SshPrivateKeyPath = sftpKeyPath
};

Reply with quote

martin
Site Admin
martin avatar

Re: Why is SshHostKeyFingerprint needed when SshPrivateKeyPath is set to private key file

@SK: So please follow the link included in my previous post.

Reply with quote

Advertisement

You can post new topics in this forum