curl / Mailing Lists / curl-library / Single Mail

Buy commercial curl support. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder Daniel himself.

SSH with libcurl

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>
Date: Thu, 6 Feb 2025 08:56:10 +0100 (CET)

Hi friends,

I would like to make it harder to do SCP/SFTP transfers with libcurl against
unverified hosts. I mean setups when the server is unverified to be the
correct target. To verify an SSH host, you typically use a known hosts file or
a known publickey for the host.

For example, we could *require* one of those fields set to consider the host
verified and fail the transfer otherwise - and perhaps use a magic knownhosts
file name (like "[insecure]") to signal that doing an unverified connection is
ok. This is still to be determined.

I'm curious to learn more from people who do SCP or SFTP transfers with
libcurl to hear what you think about this problem and what possible fixes we
can do to improve the situation.

-- 
  / daniel.haxx.se || https://rock-solid.curl.dev
-- 
Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
Etiquette:   https://curl.se/mail/etiquette.html

Received on 2025-02-06

This message: [ Message body ]
Next message: Daniel Stenberg via curl-library: "RE: Help us out in the curl project"
Previous message: Dan Fandrich via curl-library: "Re: Possible problem with TLS and SMTP causing timeout in curl 8.12?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]