Discuss this help topic in SecureBlackbox Forum
Get a fingerprint of an SSH key
SSH key fingerprints are often used by human users to authenticate the server.
While it is quite difficult for human to remember the whole value of the host key, remembering its fingeprint or at least some of its components is much easier.
It is also easier to confirm the integrity of the key by its fingerprint when connecting to the server for the first time, especially if it is done over the phone.
To get key fingeprint, use TElSSHKey's FingerprintXXX properties.
The fingerprint is calculated over the public part of the key, so it is the same whether calculated over the public key or its corresponding private key.
Four properties are available:
- FingerprintMD5: returns 16-byte MD5 fingerprint in form of internal TMessageDigest128 object. Use SBUtils.Unit.DigestToBinary128() (or DigestToBinary() on some platforms) method to convert it to byte array.
- FingerprintSHA1: returns 20-byte SHA1 fingerprint in form of internal TMessageDigest160 object. Use SBUtils.Unit.DigestToBinary160() (or DigestToBinary() on some platforms) method to convert it to byte array.
- FingerprintMD5String: returns text human-readable string representing the MD5 fingerpint (e.g. '00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff').
- FingerprintSHA1String: returns text human-readable string representing the SHA1 fingerpint (e.g. '00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:0a:1b:2c:3d').
How To articles about SSH keys
Discuss this help topic in SecureBlackbox Forum
