0

I am using Tamir.SharpSSH to make SFTP connections in my .NET code. I have servers' host, port, username, password and servers' fingerprint.

I am able to connect to the server without the fingerprint. Is there any way to match the fingerprint that I have with the servers' before making the connection?

Following is my C# code for the connection:

string _ftpURL = "ftp.com"; //Host URL or address of the SFTP server
string _UserName = "Login_Id";      //User Name of the SFTP server
string _Password = "12345";   //Password of the SFTP server
int _Port = 22;                  //Port No of the SFTP server (if any)
string _ftpDirectory = "ReceivedFiles"; //The directory in SFTP server where the files will be uploaded
string LocalDirectory = "D:\\FilePuller"; //Local directory from where the files will be uploaded

ArrayList UploadedFiles = new ArrayList();

Sftp oSftp = new Sftp(_ftpURL, _UserName, _Password);

oSftp.Connect(_Port);

Is there anyway I can add a check for Server's fingerprint before connecting to the SFTP Server?

ReshaD
  • 936
  • 2
  • 18
  • 30
gaurav sachdeva
  • 57
  • 1
  • 7

1 Answers1

0

The SharpSSH is stupid enough not to verify the host keys by default.

You would have to re-implement SshBase.ConnectSession not to set StrictHostKeyChecking to no.

  • And then use JSch.getHostKeyRepository().add() to configure expected host key (or implement HostKeyRepository interface).
  • Or implement UserInfo interface, particularly the promptYesNo method.
Martin Prikryl
  • 188,800
  • 56
  • 490
  • 992
  • HI, Thanks for your help. I have set the StrictHostKeyChecking property to yes, but could you please elaborate on the next step (any sample code). This is how i have set StrictHostKeyChecking property. Code : Hashtable config = new Hashtable(); config.Add("StrictHostKeyChecking", "yes"); – gaurav sachdeva Mar 02 '15 at 08:51
  • Hi Martin, I was going through the forums and like you many others suggested to go for Known_Hosts implementation.However i am confused as to where should that file (known_hosts) be placed as i could not locate the path ~/.ssh/known_hosts. i am working on a windows machine and using .net code. Can you please help me with the implementation of known_hosts. – gaurav sachdeva Mar 02 '15 at 13:38
  • I do not suggest `known_hosts` implementation. I believe that `JSch.getHostKeyRepository().add()` is the simplest and most straightforward solution. – Martin Prikryl Mar 02 '15 at 13:40
  • Do u have any sample code? I am a complete newbie to sFTP.. ;-( – gaurav sachdeva Mar 02 '15 at 13:41
  • Martin can you please provide some inputs. i have implemented myJsch.getHostKeyRepository().add and its still throwing "reject hostkey exception" UserInfo ui=new MyUserInfo(); mySession.setUserInfo(ui); myJsch.getHostKeyRepository().add(_ftpURL, fingerPrint_bytes, ui); Q1) In this is the fingerprint supposed to be converted in bytes? Q2) What all should be there in the "ui" object. – gaurav sachdeva Mar 03 '15 at 06:33
  • Hey... Just got done with this... :-) All thanks to u Martin... a small eureka moment for me.. :-p – gaurav sachdeva Mar 03 '15 at 06:42
  • A small question.. in this implementation, sharpSSH asks me whether i want to trust a particular finger print or not. Is there a way i can skip this step and accept it programmitically? But, I do not want to set "strictHostKeyChecking" to "no". Is there any workaround. i was thinking of adding the fingerprint in the Known_hosts file manually but I think I cannot do so as the finger prints are stored in encrypted format in known_hosts file. Can you please suggest some work-around for this. – gaurav sachdeva Mar 04 '15 at 12:30
  • What do you mean by "asks me"? When does it ask you? What specifically? – Martin Prikryl Mar 04 '15 at 13:16