check fingerprint after connection

0 votes
asked Sep 8, 2010 by ubuser (140 points)
edited Sep 9, 2010

Hi, How do I check fingerprint after connection?

Thanks.

Applies to: Rebex SFTP

1 Answer

+1 vote
answered Sep 9, 2010 by Vit Zyka (1,000 points)
edited Sep 9, 2010

Hi,

I guess you are asking for fingerprint checking in the sftp connection. There is a code scatch:

string hostname = "your-host-name";

// get server fingerprint
Sftp client = new Sftp();
client.Connect(hostname);
string fingerprint = client.Fingerprint;

// loading from some storage (defining is up to you)
Dictionary<string,string> approvedFingerprints = LoadApprovedFingerprints();

// check finger print
if (approvedFingerprints.ContainsKey(hostname))
{
    if (fingerprint == approvedFingerprints[hostname])
    {
        // checking OK
    }
    else
    {
        // hostname changed !
        //   if you trust: 
            //     approvedFingerprints[hostname] = fingerprint;
    }
}
else
{
    // new or disaproved hostname
    //   if you trust: approvedFingerprints[hostname] = fingerprint;
}

SaveApprovedFingerprints(approvedFingerprints);

A brief description of fingerprint checking is given in the Rebex SFTP Tutorial, Basics.

commented Sep 9, 2010 by ubuser (140 points)
Hi, You showed a code that is calling LoadApprovedFingerprints() method. Can you explain in detail? I am coding in vb.net. At the bottom you wrote: SaveApprovedFingerprints(approvedFingerprints); Why do we need to do this. Let me know. Thanks
commented Sep 10, 2010 by Martin Vobr (12,940 points)
Hi, the LoadApprovedFingerprints and SaveApprovedFingerprints are method that need to be implemented by you. It should store and load pairs of hostname-fingerprint which you trust. It's implementation is application specific. Different code would be used when storing it to the database table, to xml file or to registry. You can even provide a hard coded set of trusted fingerprints and encode it to your application.
...