curl-library
Re: Why does libcurl need the public key for SFTP auth anyway?
From: Daniel Stenberg <daniel_at_haxx.se>
Date: Tue, 22 Sep 2009 00:51:00 +0200 (CEST)
Date: Tue, 22 Sep 2009 00:51:00 +0200 (CEST)
On Mon, 21 Sep 2009, Gary V. Vaughan wrote:
>>> So I should be passing the public key of the remote host to libcurl, and
>>> not the public part of the private key I'm using to authenticate?
>
> And my next point was going to be that known_hosts provides host key
> management as defence against MITM attacks, so explicitly requiring a public
> key (host key, or the public part of my auth key) still seems unnecessary.
It is, but that's because libssh2 only offer such an API still.
-- / daniel.haxx.seReceived on 2009-09-22