Is there two public-keys? (and a bug)

Discussion of open issues, suggestions and bugs regarding network security and data protection solution - SecureBridge
kaffeburk
Posts: 214
Joined: Mon 29 Jan 2007 08:03

Post by kaffeburk » Tue 08 Dec 2020 11:26

Hello,

I found out that I can't use the original public-key as publickey in the ScSsh client. It must be a key bounced back from the server. And the OnServerKeyValidate must be used.

If I only click "connect" with no public key I get the option to transfer a public key. But no key is transferred. It will work if the old bounced key still is present in the folder, but not included in the property list. I guess you have tested this function by removing the name from the property list but not the actual key from the folder. So it's a bug. No file is transferred.

ViktorV
Devart Team
Posts: 3168
Joined: Wed 30 Jul 2014 07:16

Re: Is there two public-keys? (and a bug)

Post by ViktorV » Sun 13 Dec 2020 08:02

For the publickey authentication type, SSH uses two different keys: the server key and the client key. The server key is used to authenticate the SSH server and is verified on the client side. Its name is specified in the TScSSHClient.HostKeyName property. The client key is used to authenticate the client and is verified on the SSH server side. Its name is specified in the TScSSHClient.PrivateKeyName property. The private key also contains the public key, distributed as a single key.
Note that the server key is used for all authentication types. As we wrote earlier, when the client is connecting to the SSH server, SecureBridge looks for the key under the path specified in the property TScFileStorage.Path - if it's found, the client uses the key. If the key was not found, you can use the TScSSHClient.OnServerKeyValidate event handler to obtain the server key and import it to TScStorage. If the TScSSHClient.OnServerKeyValidate event handler is not triggered, then the server key was found and authenticated.
If the public key is present in the folder specified in the TScFileStorage.Path property, but the TScSSHClient.OnServerKeyValidate event handler is triggered, the key is not a correct public key of the server.
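
A handler for the flow described in the reply above, as an added example that is not part of the original posts and is not Devart's own code. The form and component names (TMainForm, ScSSHClient, ScFileStorage) are hypothetical, and the TScKey and key-list calls are used as the editor understands the SecureBridge API; check them against the documentation for your version.

```delphi
// Added example. Needs the SecureBridge units plus Dialogs in the uses clause.
// TMainForm, ScSSHClient and ScFileStorage are hypothetical names.
procedure TMainForm.ScSSHClientServerKeyValidate(Sender: TObject;
  NewServerKey: TScKey; var Accept: Boolean);
var
  Stored, KeyCopy: TScKey;
  Fingerprint: string;
begin
  Accept := False; // reject unless the key is explicitly trusted below

  // This event fires only when the storage lookup did not authenticate
  // the server: either no key is stored, or the stored key does not match.
  Stored := ScFileStorage.Keys.FindKey(ScSSHClient.HostKeyName);
  if Stored <> nil then
    Exit; // a key is stored under this name but differs: keep rejecting

  // First contact: show the fingerprint so it can be compared with a value
  // obtained from the server administrator over a separate channel.
  NewServerKey.GetFingerPrint(haSHA2_256, Fingerprint);
  if MessageDlg('Unknown server key.'#13#10 +
       'SHA-256 fingerprint: ' + Fingerprint + #13#10 +
       'Store this key and continue connecting?',
       mtConfirmation, [mbYes, mbNo], 0) <> mrYes then
    Exit;

  // Import the accepted key into the storage under HostKeyName, so the
  // next connection is verified against it without raising this event.
  KeyCopy := TScKey.Create(nil);
  try
    KeyCopy.Assign(NewServerKey);
    KeyCopy.KeyName := ScSSHClient.HostKeyName;
    ScFileStorage.Keys.Add(KeyCopy);
  except
    KeyCopy.Free;
    raise;
  end;
  Accept := True;
end;
```

Leaving Accept as False when a stored key already exists keeps a changed server key from being silently replaced; remove or replace the stored key deliberately only after confirming the server's new key.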
