I am using Tamir.SharpSSH to make SFTP connections in my .NET code. I have servers' host, port, username, password and servers' fingerprint.
I am able to connect to the server without the fingerprint. Is there any way to match the fingerprint that I have with the servers' before making the connection?
Following is my C# code for the connection:
string _ftpURL = "ftp.com"; //Host URL or address of the SFTP server
string _UserName = "Login_Id"; //User Name of the SFTP server
string _Password = "12345"; //Password of the SFTP server
int _Port = 22; //Port No of the SFTP server (if any)
string _ftpDirectory = "ReceivedFiles"; //The directory in SFTP server where the files will be uploaded
string LocalDirectory = "D:\\FilePuller"; //Local directory from where the files will be uploaded
ArrayList UploadedFiles = new ArrayList();
Sftp oSftp = new Sftp(_ftpURL, _UserName, _Password);
oSftp.Connect(_Port);
Is there anyway I can add a check for Server's fingerprint before connecting to the SFTP Server?
The SharpSSH is stupid enough not to verify the host keys by default.
You would have to re-implement SshBase.ConnectSession not to set StrictHostKeyChecking to no.
JSch.getHostKeyRepository().add() to configure expected host key (or implement HostKeyRepository interface).UserInfo interface, particularly the promptYesNo method.