cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: On the hostpubmd5 option

From: Nick Zitzmann <nick_at_chronosnet.com>
Date: Wed, 20 Nov 2013 19:03:03 -0600

On Nov 20, 2013, at 11:48 AM, frank ernest <doark_at_mail.com> wrote:

> --hostpubmd5 <md5>
> (SCP/SFTP) Pass a string containing 32 hexadecimal digits. The
> string should be the 128 bit MD5 checksum of the remote host's
> public key, curl will refuse the connection with the host unless
> the md5sums match.
>
> How can I tell when to use this?

If you are not using an SSH-based protocol, like SCP or SFTP, then you never need to use this. But if you are, then providing the checksum of the host�s expected public key can protect you against an attack where some other site pretends to be the host.

Nick Zitzmann
<http://www.chronosnet.com/>

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-11-21

This message: [ Message body ]
Next message: Nick Zitzmann: "Re: Fetch particular page in particular language"
Previous message: Nick Zitzmann: "Re: On the delegation option"
In reply to: frank ernest: "On the hostpubmd5 option"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]