Obtaining fingerprint for SFTP

Advertisement

jricci9999
Joined:
Posts:
3
Location:
Florida

Obtaining fingerprint for SFTP

It seems there is a way to obtain the SshHostKeyFingerprint value from a site. I can do this with various tools, but not programmatically. This appears to be necessary to access an SFTP site through the API. I have been searching around for an example of how to do this, but so far have not found it. Am I missing the obvious? Is there something in the winscpnet API which can do this for me? Is there a code example somewhere? Thanks for any help.

Reply with quote

Advertisement

jricci9999
Joined:
Posts:
3
Location:
Florida

Re: Obtaining fingerprint for SFTP

jricci9999 wrote:

It seems there is a way to obtain the SshHostKeyFingerprint value from a site. I can do this with various tools, but not programmatically. This appears to be necessary to access an SFTP site through the API. I have been searching around for an example of how to do this, but so far have not found it. Am I missing the obvious? Is there something in the winscpnet API which can do this for me? Is there a code example somewhere? Thanks for any help.

I found the function. It's Session.ScanFingerprint(SessionOption options, String algorithm).

Reply with quote

jricci9999
Joined:
Posts:
3
Location:
Florida

Re: Obtaining fingerprint for SFTP

martin wrote:

But you should not use Session.ScanFingerprint to obtain the fingerprint automatically.
That's just a less effective way to do what SessionOptions.GiveUpSecurityAndAcceptAnySshHostKey does.

See https://winscp.net/eng/docs/faq_hostkey

Thanks for that poiter. I'll take a look. My usage is always to a very small set of known sites. I could easily store these values and validate they have not changed. Would that be the best way to ensure the transfer is secure?

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
41,517
Location:
Prague, Czechia

Re: Obtaining fingerprint for SFTP

jricci9999 wrote:

Thanks for that poiter. I'll take a look. My usage is always to a very small set of known sites. I could easily store these values and validate they have not changed. Would that be the best way to ensure the transfer is secure?
It's not the best way. But it's acceptable. It's all covered in the FAQ linked above.

Reply with quote

Advertisement

You can post new topics in this forum