EldoS | Feel safer!


Proper implementation of the TElSimpleSSHClient.OnKeyValidate event

#33955
Posted: 07/08/2015 12:33:17
by Bogda C (Basic support level)
Joined: 07/08/2015
Posts: 2

Hello:

Is there a sample that shows a proper implementation of the OnKeyValidate event as described here:
https://www.eldos.com/documentation/sbb/documentation/ref_howto_ssh_common_validatekey.html

In the samples that come with the product the Validate parameter is set to true and there is a comment that says: "Never do this in production", but I bet this is what people end up doing given the time constraints.

Can you guys please provide a complete sample that shows how one would handle this event? What is the best practice?

Our application is internal, it connects to a Linux server and it executes some commands. Do I need to store the public keys of the servers the app can connect to, and check against these public keys?

Thanks
#33956
Posted: 07/08/2015 13:09:03
by Eugene Mayevski (EldoS Corp.)

The article you've referenced *is* the Best Practice you are asking about. We can't implement it for you because this should be your educated decision about how to manage and compare keys. TLS addresses this by letting you maintain a Trusted Certificates list and defining certificate validation policies. In SSH you are on your own.


Sincerely yours
Eugene Mayevski
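
The approach raised in the question, storing the servers' public keys and checking against them, sketched as an added example that is not part of the thread and not EldoS code. It is plain Python rather than the SecureBlackbox API; the pin-file format, host names and key bytes are assumptions, and the boolean it returns is the value an OnKeyValidate handler would assign to Validate.

```python
import base64
import hashlib


def fingerprint(key_blob: bytes) -> str:
    """OpenSSH-style SHA-256 fingerprint of a raw public key blob."""
    digest = hashlib.sha256(key_blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


def parse_pins(text: str) -> dict:
    """Parse 'host:port fingerprint' lines (hypothetical format) into a pin map.

    Several lines for one endpoint let an old and a new key coexist
    while a server's host key is being rotated.
    """
    pins = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        endpoint, fp = line.split()
        host, port = endpoint.rsplit(":", 1)
        pins.setdefault((host.lower(), int(port)), set()).add(fp)
    return pins


def validate_host_key(pins: dict, host: str, port: int, key_blob: bytes):
    """Return (accept, reason); fail closed for unknown hosts and changed keys."""
    trusted = pins.get((host.lower(), port))
    if not trusted:
        return False, "no pinned key for this host"
    presented = fingerprint(key_blob)
    if presented in trusted:
        return True, "pinned key matched"
    # A mismatch is logged with the presented fingerprint so an operator can
    # compare it out of band before updating the pin file.
    return False, "host key changed: " + presented


# Constructed sample data: stand-ins for real key blobs and a pin file.
KEY_A = b"constructed-host-key-A"
KEY_B = b"constructed-host-key-B"
PIN_FILE = "# host:port fingerprint\nappserver01.internal:22 " + fingerprint(KEY_A) + "\n"
PINS = parse_pins(PIN_FILE)
```

The pin file is populated out of band, for example from a fingerprint read on the server's console, and never from the key the server presents during the connection being validated.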
