SSH Agent

Overview

An SSH agent encapsulates the connection details to a single instance of an SSH server (SFTP).

Usages

The SSH agent is used by the following connectors:

CSV connector

Configuration

In addition to the common agent configuration shared by all agents, the SSH agent requires the following by way of configuration:

Name	Description
Host	The name or IP address of the SSH server.
Port	The port of the SSH server.
Timeout	Duration before which SSH requests timeout.
Password	Only required when Credentials is Custom The password corresponding to the given account name.
Expected Host Key Fingerprint	Optional. The expected fingerprint of the SSH server host key. If provided, the connection will be rejected if the received thumbprint does not match. The thumbprint must be in base64 format, and generated using the md5 hashing algorithm. See below for more information on this field.
Authentication Mode	The mode of authentication when connecting to the SSH server.
Username	The username of the account on the SSH server to authenticate as.
Password	The password of the account on the SSH server to authenticate as. Password authentication mode only.
Private Key Path	Path to the PEM format private key file for the specified SSH server account. Private Key authentication mode only.
Private Key Pass Phrase	Optional pass phrase for the provided private key file. Private Key authentication mode only.
Proxy Type	The type of proxy server to connect to the SSH server through.
Proxy Host	The name or IP address of the proxy server.
Proxy Port	The port of the proxy server.
Proxy Username	The username of the proxy server account to authenticate
Use Binary	The password of the proxy server account to authenticate with.

Fingerprint Validation

By configuring an Expected Fingerprint, the SSH agent will perform an identity check on the configured SSH server, to ensure it's validity. As described above, this value must be provided in base64 format, and have been generated using the md5 hashing algorithm. The method of retrieving and formatting the fingerprint will vary, but on Linux platforms the following command can be used:

ssh-keygen -l -f /path/to/host/key.pub -E md5 | awk '{print $2}' | sed -e 's/MD5://g' | tr -d ':' | xxd -r -p | base64

NOTE: Depending on the SSH server and configuration, one of a number of different host keys may be used depending on the connection negotiation process. In the event of a connection failure due to a unexpected fingerprint, the invalid fingerprint and the name of the host key will be included in the log message, to assist in troubleshooting.

Supported Algorithms and other technical specifications

For a full list of supported algorithms, private key formats, and other supported features, refer to the SSH.NET GitHub page.

Previous article: WCF Communicator Configuration

Next article: Connector Overview

Is this article helpful for you?

Replies 0
Oldest first
- Newest first
- Oldest first

Customer support service by UserEcho