Topic "noninteractive host key verification & INI features?"

Author Message
r

Guest


Hi,

How do I verify a host key if I don't have interactive access to winscp? We have winscp installed on one system for batch only usage. What I mean is that we can run it with the /script option, but we don't have interactive access. Problem is that the host key verification seems to require an interactive Y, N, or C. Is there anyway to do this non-interactively? I tried echo yes | winscp3.com /script=test but this did not work.

Also what can be put in the INI file? There seems to be not documentation the this.
Advertisements
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24512
Location: Prague, Czechia
r wrote:
How do I verify a host key if I don't have interactive access to winscp? We have winscp installed on one system for batch only usage. What I mean is that we can run it with the /script option, but we don't have interactive access. Problem is that the host key verification seems to require an interactive Y, N, or C. Is there anyway to do this non-interactively? I tried echo yes | winscp3.com /script=test but this did not work.

I have added few words about that to documentation.

Basically your approach is completely wrong. It totally breaks most of the security of SSH. You cannot automatically verify the key. You need to verify it manually in advance, so you KNOW what you verify. The verified key is stored to configuration.

Quote:
Also what can be put in the INI file? There seems to be not documentation the this.

I do not plan to document that. If you want to configure some particular function, configure it in GUI and use the INI file it creates.
_________________
Martin Prikryl
r

Guest


Thanks for your feedback. I did not mean that the key is automatically verified. I meatn I only have access to the application in batch mode. So if I read the key as correct, how do I accept the key in batch mode? Also how do you use private keys with WinSCP in command line mode?
r

Guest


Got the key working using the ini file. Here is a copy of a usage ini file. Note host keys main not be valid.

[Configuration\Interface]
RandomSeedFile=P:%5Cwinscp.RND
ConfirmOverwriting=1
ConfirmResume=1
CopyParamDialogExpanded=0
ErrorDialogExpanded=0
ContinueOnError=0
ConfirmCommandSession=1
SynchronizeParams=3
SynchronizeRecurse=1
QueueTransfersLimit=2
QueueAutoPopup=1
QueueRememberPassword=0
PuttySession=WinSCP%20temporary%20session
PuttyPath=""C:%5CProgram%20Files%5CPuTTY%5Cputty.exe""
PuttyPassword=0
IgnoreCancelBeforeFinish=12/30/1899 12:00:03 AM
BeepOnFinish=0
BeepOnFinishAfter=12/30/1899 12:00:30 AM
Interface=0
ShowAdvancedLoginOptions=0
CopyOnDoubleClick=0
CopyOnDoubleClickConfirmation=0
DDAllowMove=0
DDAllowMoveInit=0
DDTransferConfirmation=1
DDTemporaryDirectory=
DDWarnLackOfTempSpace=1
DDWarnLackOfTempSpaceRatio=1.1
DeleteToRecycleBin=1
DimmHiddenFiles=1
SelectDirectories=0
SelectMask=%2A.%2A
ShowHiddenFiles=1
ShowInaccesibleDirectories=1
ConfirmDeleting=1
ConfirmClosingSession=1
ConfirmExitOnCompletion=1
AutoStartSession=
UseLocationProfiles=0
ForceDeleteTempFolder=1
LocaleSafe=1033
DDExtEnabled=1
DDExtTimeout=1000
DefaultDirIsHome=1
TemporaryDirectoryCleanup=1
ConfirmTemporaryDirectoryCleanup=1
PreservePanelState=1
[Configuration\Logging]
Logging=0
LogFileName=
LogFileAppend=1
LogWindowLines=100
LogProtocol=0
LogView=0
LogWindowOnStartup=1
LogWindowParams=-1;-1;500;400
[Configuration\Interface\CopyParam]
AddXToDirectories=1
Masks=%2A.%2Ahtml;%20%2A.htm;%20%2A.txt;%20%2A.php%2A;%20%2A.cgi;%20%2A.c;...
FileNameCase=0
PreserveReadOnly=1
PreserveTime=1
PreserveRights=0
Text=rw-r--r--
TransferMode=2
ResumeSupport=1
ResumeThreshold=102400
ReplaceInvalidChars=1
LocalInvalidChars=/%5C:%2A%3F"<>|
CalculateSize=1
Queue=0
QueueNoConfirmation=1
ExcludeFileMask=
ClearArchive=0
[Configuration\Interface\Editor]
Editor=0
ExternalEditor=notepad.exe%20!.!
ExternalEditorText=1
FontName=Courier%20New
FontHeight=-12
FontStyle=0
FontCharset=1
WordWrap=0
FindText=
ReplaceText=
FindMatchCase=0
FindWholeWord=0
SingleEditor=0
MDIExternalEditor=0
DetectMDIExternalEditor=1
MaxEditors=500
EarlyClose=2
[Configuration\Interface\QueueView]
Height=100
Layout=70,160,160,80,80,80
Show=1
ToolBar=0
[Configuration\Interface\Explorer]
CoolBarLayout=5,1,0,381,6;3,0,0,127,5;4,1,1,249,4;6,0,0,196,3;2,1,1,634,2;...
DirViewParams=0;1;0|150,1;70,1;101,1;79,1;62,1;55,1|0;1;2;3;4;5
LastLocalTargetDirectory=C:%5CDocuments%20and%20Settings%5CFFFF_admin%...
StatusBar=1
WindowParams=-1;-1;600;400;0
ViewStyle=0
ShowFullAddress=1
DriveView=1
DriveViewWidth=180
SessionComboWidth=114
[Configuration\Interface\Commander]
CoolBarLayout=5,0,0,219,6;1,1,0,338,5;4,0,0,227,4;3,1,0,136,3;6,1,0,144,2;...
CurrentPanel=1
LocalPanelWidth=0.5
SwappedPanels=0
StatusBar=1
CommandLine=0
ToolBar=1
WindowParams=54;70;805;671;0
ExplorerStyleSelection=0
PreserveLocalDirectory=0
CompareByTime=1
CompareBySize=0
SynchronizeBrowsing=0
SessionComboWidth=114
[Configuration\Interface\Commander\LocalPanel]
CoolBarLayout=2,1,0,146,2;1,1,0,80,1;0,1,1,333,0
DirViewParams=0;1;0|150,1;70,1;101,1;79,1;62,1;55,0|0;1;2;3;4;5
StatusBar=1
DriveView=0
DriveViewHeight=100
[Configuration\Interface\Commander\RemotePanel]
CoolBarLayout=2,1,0,146,2;1,1,0,80,1;0,1,1,334,0
DirViewParams=0;1;0|150,1;70,1;101,1;79,1;62,1;55,0;20,0|0;1;2;3;4;5;6
StatusBar=1
DriveView=0
DriveViewHeight=100
[Configuration\CustomCommands]
&Execute=""!""
&Touch=touch%20"!"
Ta&r/GZip=tar%20-cz%20%20-f%20"!%3F&Archive%20Name:%3Farchive.tgz!"%20!&
&UnTar/GZip=tar%20-xz%20--directory="!%3F&Extract%20to%20directory:%3F.!"%20-f%20"!"
&Grep=grep%20"!%3F&Search%20for%20pattern:%3F!"%20!&
&File Compare (NT/2k/XP only)=cmd%20/c%20fc%20"!"%20"!^!"%20|%20more%20&&%20pause
[Configuration\CustomCommandsParams]
&Execute=0
&Touch=3
Ta&r/GZip=1
&UnTar/GZip=0
&Grep=512
&File Compare (NT/2k/XP only)=256
[Sessions\FFFF@RRRR]
HostName=RRRR
UserName=FFFF
PingType=0
[Sessions\Default%20Settings]
PingType=0
[Sessions\ZZZZ]
HostName=XXX
UserName=YYYY
Special=1
PingType=0
; PublicKeyFile=P:%5CMy%20Documents%5CWork%5CKeys%5Cprivate%5Cprivate1-ssh2-rsa.ppk
PublicKeyFile=Z:\Admin\Keys\VVVV.ppk
[SshHostKeys]
rsa2@22:RRRR=0x23,0xa111eeefe025bd1ea7e781fe023c48d0f7866d1f203f02b4b72ca...
rsa2@22:RRRR.GGGG.com=0x23,0xa111eeefe025bd1ea7e781fe023c48d0f7866d1f203f...
[Configuration\CDCache]
FFFF@RRRR=412F686F6D652F77656C6C706F696E3D2F2F0D0A2F686F6D652F77656C6C706...
FFFF@RRRR.GGGG.com=412F686F6D652F77656C6C706F696E3D2F2F0D0A2F686F6D652F77...
Guest




prikryl wrote:
r wrote:
How do I verify a host key if I don't have interactive access to winscp? We have winscp installed on one system for batch only usage. What I mean is that we can run it with the /script option, but we don't have interactive access. Problem is that the host key verification seems to require an interactive Y, N, or C. Is there anyway to do this non-interactively? I tried echo yes | winscp3.com /script=test but this did not work.

I have added few words about that to documentation.

You cannot automatically verify the key.



If you say you cannot automatically accept a hostkey, then what is the purpsioe of this documentation:

"
Verifying the Host Key in Script

The first connection to an SSH server requires verification of the host key. To automate the verification in script, you can use command-line parameter hostkey (or switch of open command with the same name) to accept the expected hostkey automatically.
"
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24512
Location: Prague, Czechia
Quote:
If you say you cannot automatically accept a hostkey, then what is the purpsioe of this documentation:...

The post is almost 4 years old!
_________________
Martin Prikryl
pattyengr
[View user's profile]

Joined: 2012-06-22
Posts: 5
Hi, I am facing the same issue as I am reading the host key from the INI file everytime but the code throws and error later "Host Key wasn't verified"
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24512
Location: Prague, Czechia
pattyengr wrote:
Hi, I am facing the same issue as I am reading the host key from the INI file everytime but the code throws and error later "Host Key wasn't verified"

Please start a new thread, and post a complete session log file, your script or code and any other details. Are you using scripting or .NET assembly?
_________________
Martin Prikryl
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License