Server fingerprint, a hash of the server's public key, depends on:
1. The negotiated host key algorithms (most servers support at least two algortihms (RSA and DSA), it's up to the client which one it selects and each uses a different public key.
Rebex SFTP and Rebex SSH use DSA by default, but many other clients prefer RSA, leading to different fingerprints. To prefer RSA as well, set
SshHostKeyAlgorithm.RSA (check out this tutorial for information on setting SSH parameters).
2. The hash algorithm used to calculate the key.
Ssh object's Fingerprint property always return an MD5 hash of the server's public key, but
SshSession object offers more - its
Fingerprint property is an
SshFingerprint object whose
ToString method accepts an argument, making it possible to get a fingerprint calculated using another hash algorithms. To get an SHA-256 fingerprint from a connected
Sftp object, use the following code:
string fingerprint = sftp.Session.Fingerprint.ToString(SignatureHashAlgorithm.SHA256);
It's not currently possible to get the server public key, but the next release already has this feature. It will be released very soon, but if you would like to try a beta, please let me know.