"Host key does not match configured key" when connecting to SFTP server with WinSCP .NET assembly

Question

I'm having some trouble while trying to implement an SFTP connection via C#. At the moment I can connect using WinSCP with my host, port, login, password and the key file (ppk file).

My implementation is just like this using WinSCP .NET:

SessionOptions sessionOptions = new SessionOptions
{
    Protocol              = Protocol.Sftp,
    HostName              = "",
    UserName              = "",
    SshHostKeyFingerprint = "",
    SshPrivateKeyPath     = "",
    PrivateKeyPassphrase  = ""
};

using (Session session = new Session ())
{
    session.Open (sessionOptions);
}

In session.Open I always receive an exception. When I don't fill SshHostKeyFingerprint parameter I receive the following exception:

SessionOptions.Protocol is Protocol.Sftp or Protocol.Scp, but SessionOptions.SshHostKeyFingerprint is not set.

Then I just opened my ppk file with PuTTYgen. After that I copied the "Key fingerprint" and put into my code. Now I'm receiving the following exception:

Host key does not match configured key

Does it mean I must have this key in my server? If so, where should I put this key? In this case why can I connect via WinSCP without passing this fingerprint?

Thank you!

Answer 1

The SshHostKeyFingerprint must be set to a fingerprint of server's public key (aka host key), not in the public key of your authentication key pair (your local ppk file). See Understanding SSH key pairs article on WinSCP site.

WinSCP GUI probably works because it has a cached copy of the SSH host key from the first time you used WinSCP with this particular server.

It looks like there is some information on the WinSCP site for how you might go about getting SshHostKeyFingerprint within .NET. There is even a flag to use to skip host key verification (not secure: you could be connecting to a different server or someone could possibly MITM the connection).