Is there any way to get SFTP server's public key from any Sftp client or by using any tool? I have access (username/password) to connect to production SFTP remote server and I would like to find the public key from any SFTP client or by using any other tool. My intention is to use that public key in Java JSCh library and to connect to the SFTP server.
How to find public key of the server using any SFTP/SSH client
public-keysftpssh
Related Solutions
FileZilla uses the PuTTY suite of tools for its SSH implementation. PuTTY supports using public keys, so by default so does FileZilla. It's as simple as downloading and running Pageant and importing your key, or generating a new one using PuTTYgen.
You can also manually specify a key file using menu Edit → Settings, item Connection (first item in the left panel)
ssh-copy-id script works only against *nix servers (or servers with *nix emulation), as it internally executes some *nix shell command on the server (like exec, sh, umask, rm, mkdir, tail, cat, etc).
You can setup the key manually. I'm aware that you know that, but as there subtle differences, when doing that on a Windows server, I'll mention it anyway for benefit of other readers.
Main steps are:
- Create the
.sshfolder in your Windows account profile folder (typically inC:\Users\username\.ssh). - Create
authorized_keysfile in the folder and add your public key to it. - Make sure that the ACL of the
.sshfolder and theauthorized_keysso that only a respective Windows account have a write access to the folder and the file and the account that runs the server have a read access. Also note that the location of the file for Administrators is overriden in the defaultsshd_configfile to%ALLUSERSPROFILE%\ssh\administrators_authorized_keys.
For details, see my guide for Setting up SSH public key authentication on Win32-OpenSSH.
If you want to do that from your local machine, you can do it using sftp. Particularly if you have no key on the server registered yet, you can just upload the id_rsa.pub file as authorized_keys file:
$ sftp martin@example.com
martin@example.com's password:
Connected to martin@example.com.
sftp> mkdir .ssh
sftp> cd .ssh
sftp> put id_rsa.pub authorized_keys
Uploading id_rsa.pub to /C:/Users/martin/.ssh/authorized_keys
id_rsa.pub 100% 401 197.5KB/s 00:00
sftp> bye
The above is basically, what ssh-copy-id does internally – Except that ssh-copy-id appends the authorized_keys, what plain sftp cannot do. If you need to append, you can download authorized_keys to the local machine, append it locally and re-upload it back.
Alternatively, you you can setup the key from another Windows machine using (my) WinSCP client, with its Install Public Key into Server function.
See also my answer to Setting up public key authentication to Linux server from Windows (ppk private key).
Best Answer
The only correct way is to ask the server administrator to provide you the host key.
If you retrieve the host key remotely yourself, you cannot really trust the key, as you can be under a Man-in-the-middle attack already.
Anyway, the easiest way is to use
ssh-keyscantool:If you are on Windows, you can get a Windows build of
ssh-keyscanfrom Win32-OpenSSH project or Git for Windows. It's built-in in recent versions of Windows 10.For more options and background information, see my article Where do I get SSH host key fingerprint to authorize the server?