IP*Works! Auth V9 - Online Help
IP*Works! Auth V9
Questions / Feedback?

SSHServerAuthentication Event

Fired after the server presents its public key to the client.

Syntax

typedef void __fastcall (__closure *TipaSSHAuthSSHServerAuthenticationEvent)(System::TObject* Sender, TipaSSHAuthSSHServerAuthenticationEventParams *e);

__property TipaSSHAuthSSHServerAuthenticationEvent OnSSHServerAuthentication = {read=FOnSSHServerAuthentication, write=FOnSSHServerAuthentication};

typedef struct {
     String HostKey;
     String Fingerprint;
     String KeyAlgorithm;
     bool Accept;
} TipaSSHAuthSSHServerAuthenticationEventParams;

Remarks

This event is where the client can decide whether to continue with the connection process or not. If the public key is known to be a valid key for the SSH server, Accept should be set to true within the event. Otherwise, the server will not be authenticated and the connection will be broken.

The full binary text of the key will be provided in HostKey, in the same format used internally by SSH. For easier comparison, Fingerprint will be an MD5 hash of HostKey in the hex-encoded form: "0a:1b:2c:3d".

When the event is fired, Accept will be true only if either HostKey or Fingerprint is identical to the value of SSHAcceptServerHostKey. KeyAlgorithm specifies the name of the key algorithm used, e.g., "ssh-rsa".

SSH's security inherently relies on client verification of the host key. Ignoring the host key and always setting Accept to true is strongly discouraged, and could cause potentially serious security vulnerabilities in your application. It is recommended that clients maintain a list of known keys for each server and check HostKey against this list each time a connection is attempted.

 
 
Copyright (c) 2017 /n software inc. - All rights reserved.
Build 9.0.6240.0