This event can be fired only for SSH protocols. Since the
SSH architecture doesn't know about certificates or
any other means of checking if the remote server is really the one
you intended to connect to, whether you will accept a connection or not is a matter of 'trust'.
This is how SSH works in real life - once you connect to the
remote server and you are sure it is really the server you
expect it to be, you should store Fingerprint information locally. For each new
connection, you should test if the new Fingerprint information is same as the stored Fingerprint -
to be sure that no one is 'in the middle' spying on
your connection. Fingerprint
information is almost unique among different server and it
is generated from a server's private key.
If you set Accept to
True (default), wodSSH will continue to perform
negotiation with the server normally. If you set it to
False (for instance, because you see that
Fingerprint information is not the
same as before), it will drop the connection.
Even if you connect to the same server, different protocol
versions will produce different Fingerprint information. So, if you use SSH1
and store fingerprint information and then later you use
SSH2, you will see this information is different. This is
to be expected. You should store new information
also.
HostFingerprint
Event
