Plink SSH主机密钥 - > Windows注册表项

Question

I'm trying to figure out how to make the registry entry that plink is making in windows when you choose to accept and store a host key... I want to be able to automate this process within C++ ... Has anyone done this? My leads are it gives you the RSA2 key fingerprint ... Is that whats getting converted to what is being stored in the registry? If so - how? If not - does anyone know if it's possible to automate that entry without having to accept the host key via user interaction?

Rsa2 key fingerprint:

f5:11:17:52:e1:bb:5e:12:ad:ce:ef:cd:c2:d1:4d:5a

Windows Registry Entry:

0x10001,0xc81cb48f929a6f09bab2c27050d53050d9051d3999b552bb1a83f525fea280a1f55424ad4d77c778afdebaf9ff09c99517f77f4da191fde40b65ec867325159663708ffdb6e6661b026611a7b88150279edb166febfcbe122da7d0e53263a068f70e7407a0379a89540f59913512d2ed9138ee09239fc02a2ec50bfbfe2e839a5ab1da505c10e6131bbbc1aa2031a619e8c68cf3ea122e610c62c5ae15db31c2691289568fceae4614cea7b64519a98cc36ee00eb42f957d1fececbf78f8cf1f0587ce0eb09e0863f3526a4bf4e96eeee5f67c4dafc87bd1dc78ee81e651694bad22de954c50df8dde6a3c2e9e982ed448892e7091455249dd720da3cca6e231

Any help is much appreciated, I'm not too keen on this portion of the work, I didn't think I'd have to go this deep to auto-accept host keys using plink but they really don't want it to be possible to automate this...

Answer 1

The PuTTY FAQ explains why plink itself doesn't offer to automate this process:

A.2.9 Is there an option to turn off the annoying host key prompts?
No, there isn't. And there won't be. Even if you write it yourself and send us the patch, we won't accept it.
... Host key checking is your guarantee that the encryption you put on your data at the client end is the same encryption taken off the data at the server end; it's your guarantee that it hasn't been removed and replaced somewhere on the way.

It's important to understand this reasoning before proceeding. However, it goes on to mention two things:

1. the -hostkey option, which allows you to specify a known host key on the command-line when running plink
2. A Python script for converting OpenSSH .known_hosts files into a .reg file.

The link to the Python script from the FAQ is broken, but you can find it in the current git viewer as contrib/kh2reg.py .

The script performs various transforms on the key (probably similar to the difference between standard PEM files and PuTTY's PPK format), and then uses a function winmungestr to format it for the registry, which percent-encodes non-printable characters, spaces, and any of \\*?%~

You could probably adapt that script to your language and context with a bit of effort.