Why do I need to use SshHostKeyFingerprint in WinSCP .NET assembly, when WinSCP GUI does not require such option?

huangapple go评论77阅读模式
英文:

Why do I need to use SshHostKeyFingerprint in WinSCP .NET assembly, when WinSCP GUI does not require such option?

问题

这是您提供的代码的翻译部分:

这是我第一次使用WinSCP .NET客户端从远程Linux PC上传文件。如果我运行以下代码而没有定义`SshHostKeyFingerprint`,我会收到错误信息:

> SessionOptions.Protocol是Protocol.Sftp或Protocol.Scp,但SessionOptions.SshHostKeyFingerprint没有设置

因此,我认为定义`SshHostKeyFingerprint`是必需的,但我不知道应该写什么。当我使用已知的WinSCP软件工具连接到相同的Linux PC(协议:SFTP)时,我只需输入主机名、用户名和密码,即可建立连接。为什么在我使用我的代码时会要求输入`SshHostKeyFingerprint`?我在哪里可以找到远程服务器的`SshHostKeyFingerprint`?

尝试
{
    // 设置会话选项
    SessionOptions sessionOptions = new SessionOptions
    {
        Protocol = Protocol.Sftp,
        HostName = TagService.MAE_IP_PLC,
        UserName = "manufact",
        Password = "SUNRISE",
        //SshHostKeyFingerprint = "ssh-rsa 2048 xxxxxxxxxxx..."
    };

    using (Session session = new Session())
    {
        // 连接
        session.Open(sessionOptions);

        // 上传文件
        TransferOptions transferOptions = new TransferOptions();
        transferOptions.TransferMode = TransferMode.Binary;

        TransferOperationResult transferResult;
        transferResult =
            session.PutFiles(@"c:\test\versions_840Dsl", "/card/siemens/versions.xml", false, transferOptions);

        // 检查任何错误
        transferResult.Check();

        // 打印结果
        foreach (TransferEventArgs transfer in transferResult.Transfers)
        {
            Console.WriteLine("上传 {0} 成功", transfer.FileName);
        }
    }

    //返回 0;
}
catch (Exception e)
{
    Console.WriteLine("错误:{0}", e);
    //返回 1;
    using (StreamWriter sw = File.AppendText(CommonClass.error_path))
    {
        sw.WriteLine("WinSCP错误 " + e + " " + Convert.ToString(DateTime.Now));
    }
}
英文:

It is the first time I am using a WinSCP .NET client for uploading files from remote Linux PC. If I run following code without defining SshHostKeyFingerprint I get Error:

> SessionOptions.Protocol is Protocol.Sftp or Protocol.Scp, but SessionOptions.SshHostKeyFingerprint is not set

So I think it is mandatory to define a SshHostKeyFingerprint, but I have no idea what to write here. When I connect to the same Linux PC with the known WinSCP Software Tool (protocol: SFTP), I just enter the hostname, username and password, and the connection is established. Why am I asked for the SshHostKeyFingerprint when I use my code? Where can I find the SshHostKeyFingerprint of the remote server?

try
{
    // Setup session options
    SessionOptions sessionOptions = new SessionOptions
    {
        Protocol = Protocol.Sftp,
        HostName = TagService.MAE_IP_PLC,                    
        UserName = "manufact",
        Password = "SUNRISE",
        //SshHostKeyFingerprint = "ssh-rsa 2048 xxxxxxxxxxx..." ???????????
    };

    using (Session session = new Session())
    {
        // Connect
        session.Open(sessionOptions);

        // Upload files
        TransferOptions transferOptions = new TransferOptions();
        transferOptions.TransferMode = TransferMode.Binary;

        TransferOperationResult transferResult;
        transferResult =
            session.PutFiles(@"c:\test\versions_840Dsl", "/card/siemens/versions.xml", false, transferOptions);

        // Throw on any error
        transferResult.Check();

        // Print results
        foreach (TransferEventArgs transfer in transferResult.Transfers)
        {
            Console.WriteLine("Upload of {0} succeeded", transfer.FileName);
        }
    }

    //return 0;
}
catch (Exception e)
{
    Console.WriteLine("Error: {0}", e);
    //return 1;
    using (StreamWriter sw = File.AppendText(CommonClass.error_path))
    {
        sw.WriteLine("WinSCP Error " + e + " " + Convert.ToString(DateTime.Now));
    }
}

答案1

得分: 1

不正确的是,WinSCP GUI 不需要验证主机密钥。每个体面的 SSH/SFTP 客户端都需要这样做。验证主机密钥是确保 SSH 连接安全的重要部分。您可能只是忘记了 GUI 在第一次连接时要求您验证主机密钥。

相关问题:

还可以查看 WinSCP FAQ 在哪里获取 SSH 主机密钥指纹以授权服务器?


如果您不关心安全性,那么可以使用 SshHostKeyPolicy.GiveUpSecurityAndAcceptAny

英文:

It's not true that WinSCP GUI does not require verification of the host key. Every decent SSH/SFTP client require that. Verifying the host key is integral part of securing SSH connection. You have probably only forgotten that you were asked by the GUI to verify the hostkey on the first connection.

Related questions:

See also WinSCP FAQ Where do I get SSH host key fingerprint to authorize the server?


If you do not care about security, then use SshHostKeyPolicy.GiveUpSecurityAndAcceptAny.

huangapple
  • 本文由 发表于 2023年7月27日 20:24:17
  • 转载请务必保留本文链接:https://go.coder-hub.com/76779715.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定