In what format are SSH host keys stored?

Advertisement

CaBabaSiMitralier
Joined:
Posts:
4

In what format are SSH host keys stored?

If I access an SFTP server that returns the following public key:
W6/lu6bST+BmHRgO862W2dsjjV3jwntPyCYt1eDokiQ=
...and then I access the following Registry location:
HKEY_CURRENT_USER\SOFTWARE\Martin Prikryl\WinSCP 2\SshHostKeys
...the public key has been stored like this:
0x10001,0xb243b208746807d29a67f0a2b9737b4f7938658fa6f842a09692d5c05c24e4144e4469dc235f3ffee0b2eaa786f3a98bfe59d2032d8990b7ad828422bf6c1ac125c3c7356f2c63ef3cb617bc9488d47cff4cb368286413d09ce031c72fdd5fc81129d6a9368e7c20007773a8b4b8dfdfa257d4d5218c9528de1b03891a47204c5d75e9405d8830670e513bdf3f1cbb197ccff83128e3b0f458e426df6ecb93860518833ecfb4faaf5411e9f0e3ef6aebf348ed886816cf550bb27990351e2ca838977eec51b46766a918f8a3911899d1d289399d958f222469e1b6ecb47a3fcb9ead4353314b45ccca121524b98d82d2e8331958d6a3d9a31dfc2e42bdba1711

What format is that?

The reason I ask is that I have a use case where I need to manually add a public key to the registry, but that would require reproducing that format.

As a follow-up question, if it would be better to use the winscp.ini file instead, how do I configure the .NET WinSCP assembly to use this file, rather than the registry?

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
41,504
Location:
Prague, Czechia

Re: In what format are SSH host keys stored?

The first format in your post is just a SHA-256 fingerprint of the host key.
What WinSCP stores into the registry is a full host key.
Why do you want to store the key into the registry manually?
Note that you can store the fingerprint into the registry too.

WinSCP .NET assembly does not use the registry nor the INI file. In the assembly, you are supposed to set the SessionOptions.SshHostKeyFingerprint:
https://winscp.net/eng/docs/library_sessionoptions#sshhostkeyfingerprint

Though the latest beta can actually use the registry cache with its new SshHostKeyPolicy.AcceptNew mode:
https://winscp.net/eng/docs/library_sessionoptions#sshhostkeypolicy

Reply with quote

Kal84
Guest

regedit SshHostKeys

I am also looking at the \Software\Martin Prikryl\WinSCP 2\SshHostKeys key and seeing the hostkeys data in a format like below:
"0x1234567890123456789012345678901234567890123456789012345678901234,
0x1234567890123456789012345678901234567890123456789012345678901234"
I would like to know how I can generate these values; I am assuming they come from the fingerprint, e.g. 12:34:56:78:90:12:34:56:78:90:12:34:56:78:90:12.

Reply with quote

martin
Site Admin
martin avatar

Re: regedit SshHostKeys

@Kal84: As I wrote above: "What WinSCP stores into the registry is a full host key." So no, it does not come from the fingerprint. Quite on the contrary. The fingerprint comes from the full key. But as I also wrote, "you can store the fingerprint into the registry too".

Reply with quote

Advertisement

You can post new topics in this forum