Differences
This shows you the differences between the selected revisions of the page.
| 2020-05-22 | 2023-10-10 | ||
| grammar (martin) | 6.2 Bug 2145 Support for OpenSSH certificates for host verification (martin) | ||
| Line 1: | Line 1: | ||
| ====== The Security Page (Preferences Dialog) ====== | ====== The Security Page (Preferences Dialog) ====== | ||
| - | The //Security page// on the [[ui_preferences|Preferences dialog]] allows you to create, remove or change [[master_password|master password]]. | + | The //Security page// on the [[ui_preferences|Preferences dialog]] allows you to configure how passwords are secured and what certificate authorities are trusted. |
| &screenshotpict(pref_security) | &screenshotpict(pref_security) | ||
| Line 15: | Line 15: | ||
| ===== [[session_password]] Session Password ===== | ===== [[session_password]] Session Password ===== | ||
| Uncheck the //Remember password for duration of the session// checkbox to avoid your password (or private key passphrase) being [[security_credentials#password_memory|stored in the memory]] for a duration of the session. You will be prompted for your password/passphrase again, when reconnecting a lost connection and for background transfers. | Uncheck the //Remember password for duration of the session// checkbox to avoid your password (or private key passphrase) being [[security_credentials#password_memory|stored in the memory]] for a duration of the session. You will be prompted for your password/passphrase again, when reconnecting a lost connection and for background transfers. | ||
| + | |||
| + | ===== [[authorities]] Trusted Host Certification Authorities ===== | ||
| + | In some environments, the SSH host keys for a lot of servers will all be signed in turn by a central "certification authority" ("CA" for short). This simplifies host key configuration for users, because if they configure their SSH client to accept host keys certified by that CA, then they don't need to individually confirm each host key the first time they connect to that server.((&puttydoccite)) | ||
| + | |||
| + | In this section you can configure what CAs WinSCP will accept signatures from. &beta_feature | ||
| + | |||
| + | If you check //Load authorities from PuTTY//, WinSCP will load the trusted authorities from PuTTY.((From its Windows registry key. So this configuration won't be [[portable]].)) WinSCP will display loaded authorities in the list below. But you will not be able to configure the authorities in WinSCP. Instead you can press //Edit in PuTTY// button to open PuTTY's trusted authorities configuration window. | ||
| + | |||
| + | If you want to configure new trusted authority in WinSCP, use the //Add// button. [[ui_ssh_host_ca|Trusted host certificate authority]] dialog will appear. | ||
| + | |||
| + | Use //Edit// button to edit the selected authority or //Remove// button to remove it. | ||
| ===== Further Reading ===== | ===== Further Reading ===== | ||
| Read more about [[ui_preferences|Preferences dialog]] and its other [[ui_preferences#pages|pages]]. | Read more about [[ui_preferences|Preferences dialog]] and its other [[ui_preferences#pages|pages]]. | ||