(Tcl) SFTP Host Key Fingerprint

See more SFTP Examples

Demonstrates how to get the SSH server's host key fingerprint after connecting.

Chilkat Tcl Extension Downloads Chilkat Tcl Extension Downloads

load ./chilkat.dll

# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

set sftp [new_CkSFtp]

set hostname "sftp.example.com"
set port 22
set success [CkSFtp_Connect $sftp $hostname $port]
if {$success != 1} then {
    puts [CkSFtp_lastErrorText $sftp]
    delete_CkSFtp $sftp
    exit
}

# Get the classic MD5 fingeprint
set md5_fingerprint [CkSFtp_hostKeyFingerprint $sftp]
puts "$md5_fingerprint"

# Sample output:
# ssh-rsa 3072 21:b0:d8:41:4e:ef:78:10:20:af:01:b7:71:5d:eb:94

# Starting in Chilkat v9.5.0.92, we can also get the SHA256 fingerprint.
# (it is also possible to get fingerprints using other hash algorithms such as SHA384, SHA512, etc.)

set includeKeyType 1
set includeHashName 1
set sha256_fingerprint [CkSFtp_getHostKeyFP $sftp "SHA256" $includeKeyType $includeHashName]
puts "$sha256_fingerprint"

# Sample output:
# ssh-rsa SHA256:Ufgj480OsdsCZRjj9sSNM6fpgIcSJ61RsIG8usndUIY=

# The key type and hash name can be optionally included or not.
set includeKeyType 0
set includeHashName 1
set sha256_fingerprint [CkSFtp_getHostKeyFP $sftp "SHA256" $includeKeyType $includeHashName]
puts "$sha256_fingerprint"

# SHA256:Ufgj480OsdsCZRjj9sSNM6fpgIcSJ61RsIG8usndUIY=

set includeKeyType 1
set includeHashName 0
set sha256_fingerprint [CkSFtp_getHostKeyFP $sftp "SHA256" $includeKeyType $includeHashName]
puts "$sha256_fingerprint"

# ssh-rsa Ufgj480OsdsCZRjj9sSNM6fpgIcSJ61RsIG8usndUIY=

set includeKeyType 0
set includeHashName 0
set sha256_fingerprint [CkSFtp_getHostKeyFP $sftp "SHA256" $includeKeyType $includeHashName]
puts "$sha256_fingerprint"

# Ufgj480OsdsCZRjj9sSNM6fpgIcSJ61RsIG8usndUIY=

delete_CkSFtp $sftp