Advertisement
Advertisement
It seems there is a way to obtain the SshHostKeyFingerprint value from a site. I can do this with various tools, but not programmatically. This appears to be necessary to access an SFTP site through the API. I have been searching around for an example of how to do this, but so far have not found it. Am I missing the obvious? Is there something in the winscpnet API which can do this for me? Is there a code example somewhere? Thanks for any help.
Session.ScanFingerprint to obtain the fingerprint automatically.
SessionOptions.GiveUpSecurityAndAcceptAnySshHostKey does.
But you should not useSession.ScanFingerprintto obtain the fingerprint automatically.
That's just a less effective way to do whatSessionOptions.GiveUpSecurityAndAcceptAnySshHostKeydoes.
See https://winscp.net/eng/docs/faq_hostkey
It's not the best way. But it's acceptable. It's all covered in the FAQ linked above.Thanks for that poiter. I'll take a look. My usage is always to a very small set of known sites. I could easily store these values and validate they have not changed. Would that be the best way to ensure the transfer is secure?
Advertisement
You can post new topics in this forum