This project is read-only.

HostKeyReceived validate Host Key

Aug 22, 2013 at 12:14 PM
Hi,

I have been able to successfully validate host key fingerprint, but I was wondering how to validate the host key based on a .pub public key file I have?

My current attempts have taken me this far:
private void _client_HostKeyReceived(object sender, HostKeyEventArgs e)
        {
            Log(LogLevel.Info, String.Format("SSH Client host key recevied: {0}", e.HostKeyName));

            try
            {
                // Read the bytes from the public key file.
                var publicKeyFileBytes = File.ReadAllBytes(PublicKeyPath);

                var algorithmKey = ((SshLib.SshClient) sender).ConnectionInfo.CurrentHostKeyAlgorithm;
                var algorithm = ((SshLib.SshClient) sender).ConnectionInfo.HostKeyAlgorithms[algorithmKey];
                var result = algorithm.Invoke(e.HostKey);

                // Check the sequences match.
                if (result.VerifySignature(publicKeyFileBytes, /* What is this? */))
                {
                    Log(LogLevel.Info, "Host key has been authenticated.");

                    // Setting e.CanTrust informs the SSH Client if authentication has passed.
                    e.CanTrust = true;
                }
                else
                {
                    e.CanTrust = false;
                    Log(LogLevel.Error, "Invalid host key received.");
                }
            }
            catch (Exception ex)
            {
                // In case of exception, we need to prevent authentication from passing.
                e.CanTrust = false;

                Log(ex, "Host Key Receipt");
            }
        }
The problem currently is the VerifySignature method. What should the "signature" argument be? And am I doing this the right way?