Figured out a workaround way to do this.

In a command prompt, redirect the SSL Key Log file from the SSH remote to where the Wireshark TLS (Pre)-Master-Secret log filename setting is pointed.

example:

"C:\Program Files\PuTTY\plink.exe" -batch -ssh [email protected] tail -n 0 -F /var/SSLKEYLOGFILE.txt >> C:\Users\AHS\Downloads\SSLKEYLOGFILE.txt

The SSH remote capture can then be decrypted live.

Would be nice if Wireshark had this capability built in to grab the SSL key log file from the SSH remote.
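
An added example, not part of the original answer: a small filter that can sit between the remote `tail` stream and the local key log file, so that only complete, well-formed NSS key log lines are appended and repeats are dropped. The function name `filter_keylog`, the script layout and the sample lines are assumptions made for illustration; the sample secrets are constructed, not real.

```python
import re
import sys

# NSS key log labels for TLS 1.3 secrets (secret length follows the hash size).
TLS13_LABELS = (
    "CLIENT_EARLY_TRAFFIC_SECRET", "CLIENT_HANDSHAKE_TRAFFIC_SECRET",
    "SERVER_HANDSHAKE_TRAFFIC_SECRET", "CLIENT_TRAFFIC_SECRET_0",
    "SERVER_TRAFFIC_SECRET_0", "EARLY_EXPORTER_SECRET", "EXPORTER_SECRET",
)
HEX = "[0-9a-fA-F]"
LINE_RE = re.compile(
    "^(?:"
    f"CLIENT_RANDOM {HEX}{{64}} {HEX}{{96}}"   # TLS 1.2: client random + master secret
    f"|RSA {HEX}{{16}} {HEX}{{96}}"             # RSA: encrypted pre-master prefix + pre-master
    f"|(?:{'|'.join(TLS13_LABELS)}) {HEX}{{64}} (?:{HEX}{{64}}|{HEX}{{96}})"
    ")$"
)

def filter_keylog(lines, seen=None):
    """Yield well-formed key log lines once each; drop comments, noise, partial lines."""
    seen = set() if seen is None else seen
    for raw in lines:
        line = raw.strip()          # also removes a trailing CR from CRLF streams
        if not LINE_RE.match(line) or line in seen:
            continue
        seen.add(line)
        yield line

# Constructed sample stream (hypothetical values, for demonstration only).
SAMPLE = [
    "# constructed comment line\n",
    "CLIENT_RANDOM " + "ab" * 32 + " " + "cd" * 48 + "\r\n",
    "CLIENT_RANDOM " + "ab" * 32 + " " + "cd" * 48 + "\n",   # duplicate
    "CLIENT_RANDOM " + "ab" * 32 + " " + "cd" * 20 + "\n",   # truncated secret
    "SERVER_TRAFFIC_SECRET_0 " + "12" * 32 + " " + "ef" * 32 + "\n",
    "tail: file truncated\n",                                # stray text
]

def main(out_path):
    # Append and flush one line at a time so each key is on disk as soon as it arrives.
    with open(out_path, "a", encoding="ascii", newline="\n") as out:
        for line in filter_keylog(sys.stdin):
            out.write(line + "\n")
            out.flush()

if __name__ == "__main__":
    main(sys.argv[1])
```

To use it, replace the `>>` redirection in the command above with a pipe into this script, passing the local key log path as its only argument.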