API Overview
Docs
API: easy API: multi API: share API: URL API: WebSocket Environment vars Errors Examples Security Symbols Tutorial
easy setopt options easy getinfo options multi setopt options TLS options
Functions
All functions curl_easy_getinfo curl_easy_init curl_easy_perform curl_easy_reset curl_easy_setopt curl_multi_add_handle curl_multi_init curl_multi_perform curl_multi_remove_handle curl_multi_setopt
curl / libcurl / API / curl_easy_setopt / CURLOPT_SSH_HOST_PUBLIC_KEY_MD5

CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 explained

Related:
easy options
getinfo options
multi options
File a bug about this page
View man page source

Name

CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 - MD5 checksum of SSH server public key

Synopsis

#include <curl/curl.h>
 
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSH_HOST_PUBLIC_KEY_MD5,
                          char *md5);

Description

Pass a char pointer pointing to a string containing 32 hexadecimal digits. The string should be the 128-bit MD5 checksum of the remote host's public key, and libcurl aborts the connection to the host unless the MD5 checksum match.

MD5 is a weak algorithm. We strongly recommend using CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256 instead.

The application does not have to keep the string around after setting this option.

Using this option multiple times makes the last set string override the previous ones. Set it to NULL to disable its use again.

This option is only applied when libcurl creates a new SSH connection. Once a connection has been created and successfully verified with this MD5 check, it is deemed vetted and may be reused by libcurl without performing the MD5 verification again, even if you later change or disable this option or switch to other verification mechanisms such as CURLOPT_SSH_KNOWNHOSTS or CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256. Any such changes only affect future new connections, not already established ones.

When MD5 verification is enabled for a connection via this option, libcurl uses that MD5-based check instead of the known hosts/host key callback verification path for that connection, so you must not assume that both the MD5 check and the known hosts/host key callback verification are performed for the same connection.

Default

NULL

Protocols

This functionality affects scp and sftp

Example

int main(void)
{
  CURL *curl = curl_easy_init();
  if(curl) {
    CURLcode result;
    curl_easy_setopt(curl, CURLOPT_URL, "sftp://example.com/file");
    curl_easy_setopt(curl, CURLOPT_SSH_HOST_PUBLIC_KEY_MD5,
                     "afe17cd62a0f3b61f1ab9cb22ba269a7");
    result = curl_easy_perform(curl);
    curl_easy_cleanup(curl);
  }
}

Availability

Added in curl 7.17.1

Return value

curl_easy_setopt returns a CURLcode indicating success or error.

CURLE_OK (0) means everything was OK, non-zero means an error occurred, see libcurl-errors.

See also

CURLOPT_SSH_AUTH_TYPES(3), CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256(3), CURLOPT_SSH_KNOWNHOSTS(3), CURLOPT_SSH_PUBLIC_KEYFILE(3)

This HTML page was made with roffit.