Xceed .NET Libraries Documentation
Obtaining the server public key fingerprint

Welcome to Xceed .NET, .NET Standard and Xamarin Libraries! > Task-Based Help > SFTP capabilities > Obtaining the server public key fingerprint

During the connection sequence to a SSH server, the server sends its public key for authentication by the client. By default, the component accepts the public key received and the connection sequence moves to its next step.

It is possible for an application to be notified when the server's public key is received and authenticate the key using whatever method is appropriate for the application (e.g., using certificates or a local database, etc).

SSHClient's HostKeyReceived event governs this functionality. The event is triggered during connection sequence to a SSH server when the server's public key is received for authentication. The event arguments contain the server's public key. The key is available as an MD5 fingerprint or as the raw byte array. An application that subscribes to the event can accept or reject the key with the AcceptHostKey property.

using Xceed.SSH.Client;

using Xceed.SSH.Core;

using Xceed.SSH.Protocols;

using Xceed.FileSystem;



namespace DocumentationExamples.SSH

{

  class PublicKeyFingerprint1

  {

    private static void OnHostKeyReceived( object sender, HostKeyReceivedEventArgs e )

    {

      /* The server's fingerprint is available as both a both array or a string */

      byte[] hostKeyMD5Fingerprint = e.HostKeyMD5Fingerprint;

      string hostKeyMD5FingerprintString = e.HostKeyMD5FingerprintString;



      /* TODO: Perform your fingerprint validation... */



      /* We can choose to accept or reject the server's key. Here we accept. */

      e.AcceptHostKey = true;

    }



    static void Example()

    {

      string host = "sftptest.dreamhosters.com";

      string username = "snippet_sftp";

      string password = "9MNfGgSx";



      SSHClient ssh = new SSHClient();



      // Ask to be notified when we receive the server's key and other information

      ssh.HostKeyReceived += OnHostKeyReceived;



      try

      {

        ssh.Connect( host );

      }

      // These exception can be thrown by a call to Connect()

      catch( SSHIdentificationStringException )

      {

        // This means the component was unable to identify the server as a SSH server

        throw;

      }

      catch( SSHKeyExchangeException )

      {

        // This means the client and the server failed to negotiate terms for a connection

        // This usually indicates an interoperability problem with certain old or broken servers

        throw;

      }

      catch( UnsupportedSSHProtocolException )

      {

        // This means the server is using a version of the SSH protocol that is not supported.

        throw;

      }

      catch( SSHTimeoutException )

      {

        // This means the client did not receive a response from the server within the required

        // time. This usually indicate a problem with the Internet connection or an interoperability

        // problem between the server and the client.

        throw;

      }



      try

      {

        try

        {

          ssh.Authenticate( username, password );



          /* ... */

        }

        // These exceptions can be thrown by a call to Authenticate()

        catch( SSHIncorrectPasswordException )

        {

          // This means the authentication method is supported by the server but the password

          // was incorrect for the specified username 

          throw;

        }

        catch( SSHAuthenticationPartialSuccessException )

        {

          // This means the authentication was successful but the server requires an additional authentication

          // using another method specified in the exception information

          throw;

        }

        catch( SSHUnsupportedAuthenticationMethodException )

        {

          // This means the authentication method is not supported by the server

          throw;

        }

        catch( SSHAuthenticationFailedException )

        {

          // This means the authentication method failed

          throw;

        }

      }

      finally

      {

        // Always make sure to disconnect from the server when the connection is no longer needed

        ssh.Disconnect();

      }

    }

  }

}
Imports Xceed.SSH.Client

Imports Xceed.SSH.Core

Imports Xceed.SSH.Protocols

Imports Xceed.FileSystem



Namespace DocumentationExamples.SSH

  Friend Class PublicKeyFingerprint1

    Private Shared Sub OnHostKeyReceived(ByVal sender As Object, ByVal e As HostKeyReceivedEventArgs)

      ' The server's fingerprint is available as both a both array or a string 

      Dim hostKeyMD5Fingerprint() As Byte = e.HostKeyMD5Fingerprint

      Dim hostKeyMD5FingerprintString As String = e.HostKeyMD5FingerprintString



      ' TODO: Perform your fingerprint validation... 



      ' We can choose to accept or reject the server's key. Here we accept. 

      e.AcceptHostKey = True

    End Sub



    Private Shared Sub Example()

      Dim host As String = "sftptest.dreamhosters.com"

      Dim username As String = "snippet_sftp"

      Dim password As String = "9MNfGgSx"



      Dim ssh As New SSHClient()



      ' Ask to be notified when we receive the server's key and other information

      AddHandler ssh.HostKeyReceived, AddressOf OnHostKeyReceived



      Try

        ssh.Connect(host)

      ' These exception can be thrown by a call to Connect()

      Catch e1 As SSHIdentificationStringException

        ' This means the component was unable to identify the server as a SSH server

        Throw

      Catch e2 As SSHKeyExchangeException

        ' This means the client and the server failed to negotiate terms for a connection

        ' This usually indicates an interoperability problem with certain old or broken servers

        Throw

      Catch e3 As UnsupportedSSHProtocolException

        ' This means the server is using a version of the SSH protocol that is not supported.

        Throw

      Catch e4 As SSHTimeoutException

        ' This means the client did not receive a response from the server within the required

        ' time. This usually indicate a problem with the Internet connection or an interoperability

        ' problem between the server and the client.

        Throw

      End Try



      Try

        Try

          ssh.Authenticate(username, password)



          '... 

        ' These exceptions can be thrown by a call to Authenticate()

        Catch e5 As SSHIncorrectPasswordException

          ' This means the authentication method is supported by the server but the password

          ' was incorrect for the specified username 

          Throw

        Catch e6 As SSHAuthenticationPartialSuccessException

          ' This means the authentication was successful but the server requires an additional authentication

          ' using another method specified in the exception information

          Throw

        Catch e7 As SSHUnsupportedAuthenticationMethodException

          ' This means the authentication method is not supported by the server

          Throw

        Catch e8 As SSHAuthenticationFailedException

          ' This means the authentication method failed

          Throw

        End Try

      Finally

        ' Always make sure to disconnect from the server when the connection is no longer needed

        ssh.Disconnect()

      End Try

    End Sub

  End Class

End Namespace
See Also

General Information