login about faq

Having very little experience on this... I have a task to resolve an issue where our .net (C#/ASP) Chilkat v9.4.1.42 client SFTP connection needs to authenticate the host which can be 1 of 4 per the virtual IP load balancing. I'm told we need to add these 4 host public key entries into the known_hosts file. Issue: our Windows 2008 R2 client server apparently has no SSH installed (no dir or known host file found). If I have our SSH tools (bundle including PuTTY, WinSCP etc.) installed on the client server and add these host entries to the known_hosts file... will my .net Chilkat connection magically recognize and authenticate successfully now? Or is there some chilkat connection object property/method I need to modify in the c# code to 'register' these 4 server hosts?

~Thanks in advance to anyone able to offer some guidance. .·´¯·.¸><(((º> ? <º(((><¸¸.·´¯·.¸

This question is marked "community wiki".

asked Jan 08 at 09:29

Scooter's gravatar image

Scooter
11

edited Jan 08 at 09:31


I'll explain how this is a non-issue.

One must remember that Chilkat is an API, whereas these other things (PuTTY, WinSCP, etc.) are applications. The "known host file" is a feature of the application. An API should never assume nor require a specific file such as this. An application may choose to utilize a known hosts file, perhaps it's own private known hosts file, or maybe a "known hosts" database table..

What PuTTY, WinSCP, and these other applications do is (1) connect to the SSH server and then (2) examine the fingerprint of the server's host key, and then (3) check to see if this fingerprint is in the known hosts file, and if not, then interactively give the user a choice..

With Chilkat, your application makes a call to Connect. Once the connection is established, your app may examine the host key fingerprint via the HostKeyFingerprint property. It is up to your app to decide if it wishes to even check the host key fingerprint, and if so, it is up to your app to implement for itself how to persist a collection of "known host key fingerprints" -- perhaps to a file, perhaps to a database table, etc. In summary, Chilkat is not tied to some system file containing known hosts. This functionality is left for your app to decide what it wishes to do..

link

answered Jan 08 at 10:05

chilkat's gravatar image

chilkat ♦♦
11.8k316358421

Perfect answer to make my Friday!

But for my own further education… you talk about steps (2) and (3) optionally inspecting/comparing the HostKeyFingerPrint. The 4 host entries I was instructed to add to a known hosts (if we used one as you explain) look like host public keys.. not a finger prints?

Example(1 of 4): Somehost1.somewhere.com,100.10.10.100 ssh-rsa AAAAB3Nz <long key="" here=""> 1qDwp9w==

Example of a finger print property after API connects to host: ssh-dss 1024 2c:08:b4:59:9d:3b:ce:90:b8:49:58:61:3a:e7:9a:c9

Can the known host serve either purpose then depending on the application?

(Jan 08 at 10:31) Scooter
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×31
×28
×12
×6
×2

Asked: Jan 08 at 09:29

Seen: 445 times

Last updated: Jan 08 at 10:31

powered by OSQA