Differences
This shows you the differences between the selected revisions of the page.
| 2023-10-10 | 2023-10-10 | ||
| don't call it an error (martin) | 6.2 Redesigned host key prompt (as part of the Bug 2145) (martin) | ||
| Line 12: | Line 12: | ||
| If you see this message, it means that WinSCP has not seen this host key before, and has no way of knowing whether it is correct or not. You should attempt to verify the host key by other means, such as asking the machine's administrator. ((&puttydoccite)) | If you see this message, it means that WinSCP has not seen this host key before, and has no way of knowing whether it is correct or not. You should attempt to verify the host key by other means, such as asking the machine's administrator. ((&puttydoccite)) | ||
| - | Both SHA-256 and MD5 fingerprints of the host key are shown. As both fingerprints are for the same key, it is enough to check only one of them. Checking %%SHA-256%% fingerprint is safer though. | + | If the [[faq_hostkey|host key fingerprint is correct]], press //Accept// (//Yes// in the latest stable version). &beta The host key will be stored to cache and you will not be prompted the next time. If you are unsure, want to defer a host key verification until later, but still need to connect now (taking a risk), select //Connect Once// in the down-menu of the //Accept// button (//No// button in the stable version). &beta The host key will not be cached and you will be prompted again the next time. If the fingerprint is not correct or if you do not know the correct fingerprint, press //Cancel// to abort connection. |
| - | If the [[faq_hostkey|host key fingerprint is correct]], press //Yes//. The host key will be stored to cache and you will not be prompted the next time. If you are unsure, want to defer a host key verification until later, but still need to connect now (taking a risk), press //No//. The host key will not be cached and you will be prompted again the next time. If the fingerprint is not correct or if you do not know the correct fingerprint, press //Cancel// to abort connection. | + | If you have the correct host key (or its fingerprint) in a digital form, instead of checking the fingerprint manually, you can select //Paste Key// in drop-down menu of //Accept// (//Yes//) &beta button to have WinSCP compare the fingerprint for you, against a fingerprint or a full key stored in the clipboard. The clipboard can contain an %%SHA-256%% or %%MD5%% fingerprint or a full key in ''.pub'' format. |
| - | + | ||
| - | If you have the correct host key (or its fingerprint) in a digital form, instead of checking the fingerprint manually, you can use //Paste Key// button (in drop-down menu of //Yes// button) to have WinSCP compare the fingerprint for you, against a fingerprint or a full key stored in the clipboard. ·The clipboard can contain an %%SHA-256%% or %%MD5%% fingerprint or a full key in ''.pub'' format. | + | |
| - | + | ||
| - | Use //Copy key fingerprints to clipboard// link to copy the fingerprints to clipboard. | + | |
| + | Use //Copy key fingerprints to clipboard// link to copy key fingerprints to clipboard (both in %%SHA-256%% format seen on the message and additionally in %%MD5%% format). | ||
| Read more about [[ssh_verifying_the_host_key|verifying host keys]]. | Read more about [[ssh_verifying_the_host_key|verifying host keys]]. | ||