Support For Other Fingerprint Algorithms

[StrangeWill]

Currently SSH.NET only supports MD5, with the big-ish struggles right not being that FingerPrint being just a bite array, so something we can't easily add new algorithm support to.

We're currently calculating our own fingerprint for SHA256 support, but ideally having the library support this out of the box would be best.

To prevent breaking backwards comparability we can:

• Make additional properties per algorithm (not the best, easy though, accessible, matches current "convention")
• Make a new property that allows us to look up by algorithm, all algorithms need to be checked up-front and stored, but we can add more
• Make a method that takes an algorithm that we'll return the thumbprint for, internal implementation may cache this

What probably makes the most sense? Or does everyone just roll their own and it's not really a big deal?

[0xced]

I just submitted #1163 which should address this issue by adding two new (well documented) properties: MD5FingerPrint and SHA256FingerPrint.

[0xced]

Note that you can already compute the SHA256 fingerprint as of SSH.NET 2020.0.2. The fingerprint is nothing more than a hash of the host key. Here's how you can compute it:

const string expectedFingerPrint = "ohD8VZEXGWo6Ez8GSEJQ9WpafgLFsOfLOtGGQCQo6Og";
using var client = new SshClient(host: "ssh.dev.azure.com", username: "git");
client.HostKeyReceived += (_, e) =>
{
	var sha256FingerPrint = Convert.ToBase64String(SHA256.HashData(e.HostKey)).TrimEnd('=');
	e.CanTrust = sha256FingerPrint == expectedFingerPrint;
};
client.Connect();

The pull request I submitted merely addresses discoverability (thanks to autocompletion) and standardization (hex format for MD5 and unpadded base64 format for SHA256).

[WojciechNagorski]

Version 2023.0.0 has been published https://www.nuget.org/packages/SSH.NET/2023.0.0