> -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Michael Wood > Sent: Wednesday, October 14, 2009 4:03 PM > To: libcurl development > Subject: Re: libcurl and libssh2 > > I have never used libcurl's libssh2 support, but according to this: > > http://curl.haxx.se/libcurl/c/curl_easy_setopt.html#SSH > > it looks like you can either use > CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 to specify the MD5 hash of > the remote hosts key, or you can make sure the host key is > cached in the .ssh/known_hosts file.
It seems the host key is already in the file ~/.ssh/known_hosts: ================================================== 13.198.98.190 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqmvaJxoMOyeNAW5HPPP8OJtqOX2bBg 84NjFHnGFhKcmua3DwHE781J+GKaEYmSeaMAp9Wubtr6/tvqJkjOf66tIUKdOQW5ynXiiY5hQFqI29+1 qFulpoTpbW/LlICXg+lvw8qV+cj7zhZDRPKhfAZrUeZoofgT7EF5MKqTCGrr1SuL6PUEaa4zBVGbl+p8 2xPXZhKbwQXSPyPieLKDUeAWm3jlXdiMx44OjBVoAKUnwQ4aieqeVtM+XGN0iwNPGR3DwQwN1JlupLJF 8sNEggnbSccB/ihBSBJaUmYo/Q3Bveaa5UxhXw4OY1P5tM0LgOVhu/i8ZYGsSsUdd+ySlwaw== durian ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqmvaJxoMOyeNAW5HPPP8OJtqOX2bBg84NjFHn GFhKcmua3DwHE781J+GKaEYmSeaMAp9Wubtr6/tvqJkjOf66tIUKdOQW5ynXiiY5hQFqI29+1qFulpoT pbW/LlICXg+lvw8qV+cj7zhZDRPKhfAZrUeZoofgT7EF5MKqTCGrr1SuL6PUEaa4zBVGbl+p82xPXZhK bwQXSPyPieLKDUeAWm3jlXdiMx44OjBVoAKUnwQ4aieqeVtM+XGN0iwNPGR3DwQwN1JlupLJF8sNEggn bSccB/ihBSBJaUmYo/Q3Bveaa5UxhXw4OY1P5tM0LgOVhu/i8ZYGsSsUdd+ySlwaw== ================================================== The above is the content of the file, although it seems meaningless to me. :-( > To get the key into the known_hosts files, you can just try > to run the ssh command line tool to connect to the remote > machine. It does not seem like there is a way to do it from > within libcurl, but maybe I am wrong. > > Anyway, you would need to verify that this key is correct, > otherwise you would be vulnerable to man in the middle > attacks, so maybe libcurl just thinks it's someone else's > problem to get the key before telling libcurl to connect to > the remote machine. How to verify the key is correct? What toolkit shall I use? Thanks, Xu Qiang ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
