0 votes
by (140 points)
edited

Hi, How do I check fingerprint after connection?

Thanks.

Applies to: Rebex SFTP

1 Answer

+1 vote
by (1.0k points)
edited

Hi,

I guess you are asking for fingerprint checking in the sftp connection. There is a code scatch:

string hostname = "your-host-name";

// get server fingerprint
Sftp client = new Sftp();
client.Connect(hostname);
string fingerprint = client.Fingerprint;

// loading from some storage (defining is up to you)
Dictionary<string,string> approvedFingerprints = LoadApprovedFingerprints();

// check finger print
if (approvedFingerprints.ContainsKey(hostname))
{
    if (fingerprint == approvedFingerprints[hostname])
    {
        // checking OK
    }
    else
    {
        // hostname changed !
        //   if you trust: 
            //     approvedFingerprints[hostname] = fingerprint;
    }
}
else
{
    // new or disaproved hostname
    //   if you trust: approvedFingerprints[hostname] = fingerprint;
}

SaveApprovedFingerprints(approvedFingerprints);

A brief description of fingerprint checking is given in the Rebex SFTP Tutorial, Basics.

by (140 points)
Hi, You showed a code that is calling LoadApprovedFingerprints() method. Can you explain in detail? I am coding in vb.net. At the bottom you wrote: SaveApprovedFingerprints(approvedFingerprints); Why do we need to do this. Let me know. Thanks
by (13.0k points)
Hi, the LoadApprovedFingerprints and SaveApprovedFingerprints are method that need to be implemented by you. It should store and load pairs of hostname-fingerprint which you trust. It's implementation is application specific. Different code would be used when storing it to the database table, to xml file or to registry. You can even provide a hard coded set of trusted fingerprints and encode it to your application.
...