Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Figured out a workaround way to do this.

In a command prompt redirect the SSL Key Log file from the SSH remote to where the Wireshark TLS (Pre)-Master-Secret log filename setting is pointed.


"C:\Program Files\PuTTY\plink.exe" -batch -ssh [email protected] tail -n 0 -F /var/SSLKEYLOGFILE.txt >> C:\Users\AHS\Downloads\SSLKEYLOGFILE.txt

The SSH remote capture can then be decrypted live.

Would be nice if Wireshark had this capability built in to grab the SSL key log file from the SSH remote.