How are SFTP fingerprints handled?

rconn

Administrator
Staff member
May 14, 2008
10,506
94
#4
TCC shows me this:
Code:
v:\> dir sftp://vefatica.net
The server provided the following fingerprint:
  e4:dd:11:2e:82:34:ab:62:59:1c:c8:62:1d:4b:48:99

Would you like to continue? (Y/N)?
That's correct, but that's not what you originally asked.

The ipworks ssh class passes the fingerprint when the class connects. If you accept it, it gets saved to your .INI file (server + fingerprint). (But it is never deleted.) When you reconnect, TCC looks to see if there's a match in the .INI file; if so it's accepted, if not you get the prompt.
 
#5
I must have been doing two different things when I noticed the same version of TCC asking twice about the fingerprint. Now I see that it's actually in the INI file twice and I'm not asked about it any longer.
Code:
v:\> grep 48:99 %_ininame
vefatica.net=e4:dd:11:2e:82:34:ab:62:59:1c:c8:62:1d:4b:48:99
sftp://vefatica.net=e4:dd:11:2e:82:34:ab:62:59:1c:c8:62:1d:4b:48:99