generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Based on a patch brought by Johnny Luong, libcurl now offers

Browse Source 
CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and the curl tool --hostpubmd5. They both make
the SCP or SFTP connection verify the remote host's md5 checksum of the public
key before doing a connect, to reduce the risk of a man-in-the-middle attack.
This commit is contained in:
Daniel Stenberg
2007-10-03 08:00:42 +00:00
parent 15b8da1980
commit 51c6a5d43b
9 changed files with 76 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
docs/libcurl/curl_easy_setopt.3
View File

@@ -1411,6 +1411,11 @@ Pass a long set to a bitmask consisting of one or more of
CURLSSH_AUTH_PUBLICKEY, CURLSSH_AUTH_PASSWORD, CURLSSH_AUTH_HOST,
CURLSSH_AUTH_KEYBOARD. Set CURLSSH_AUTH_ANY to let libcurl pick one.
(Added in 7.16.1)
.IP CURLOPT_SSH_HOST_PUBLIC_KEY_MD5
Pass a char * pointing to a string containing 32 hexadecimal digits. The
string should be the 128 bit MD5 cheksum of the remote host's public key, and
libcurl will reject the connection to the host unless the md5sums match. This
option is only for SCP and SFTP transfers. (Added in 7.17.1)
.IP CURLOPT_SSH_PUBLIC_KEYFILE
Pass a char * pointing to a file name for your public key. If not used,
libcurl defaults to using \fB~/.ssh/id_dsa.pub\fP.