Topic "Winscp3 Authentication problems"

Author Message
MECOMO AG

Guest


Hello all,

we're using WINSCP 3.7.1 to push files to a site. If we run a batch manually everything works fine:

C:\Programme\H3GKino\SFTP>winscp3
winscp> option batch on
batch on
winscp> opion confirm off
Unknown command 'opion'.
winscp> option confirm off
confirm off
winscp> option transfer binary
transfer binary
winscp> open USERNAME@IPADDRESS
Initialisation...
Searching for host...
Connecting to host...
Authenticating...
Using username "USERNAME".
Authenticating with public key "rsa-key-20041216"
Authenticated.
Starting the session...
Reading remote directory...
Session started.
Active session: [1] USERNAME@IPADDRESS
winscp>

Once we integrate the batch into an automated SQL Job, it does not work anymore:

batch on
confirm off
transfer binary
Initialisation...
Searching for host...
Connecting to host...
Authenticating...
The server's host key is not cached in the registry. You have no guarantee that the server is the computer you think it is. The server's key fingerprint is: ssh-rsa 1024 39:95:d4:82:cf:25:8f:92:9a:92:6a:23:4f:89:47:4f
If you trust this host, press Yes. To connect without adding host key to the cache, press No. To abandon the connection press Cancel.
Continue connecting and add host key to the cache?
(Y)es, (N)o, (C)ancel: Cancel
Authentication failed.
Host key wasn't verified!
No session.

We are using the same Credentials DOMAIN\USER for both methods.

Any idea where to troubleshoot?

Thanks,

Heiko Oberleitner
Advertisements
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24530
Location: Prague, Czechia
Please read FAQ.
_________________
Martin Prikryl
MECOMO AG

Guest


prikryl wrote:
Please read FAQ.


Dear Martin, thanks for the link. We had already read the faq and followed the intructions (or Use INI file instead of registry to store the configuration. The INI file can be accessed by all accounts.). Would you please have a look at this Logfile? (I replaced the real IP & Username)

. --------------------------------------------------------------------------
. WinSCP Version 3.7.1 (Build 257) (OS 5.2.3790 Service Pack 1)
. Login time: Freitag, 20. April 2007 13:53:29
. --------------------------------------------------------------------------
. Session name: USER@IP
. Host name: IP (Port: 2222)
. User name: USER(Password: No, Key file: Yes)
. Transfer Protocol: SFTP (SCP)
. SSH protocol version: 2; Compression: No
. Agent forwarding: No; TIS/CryptoCard: No; KI: Yes; GSSAPI: No
. Ciphers: aes,blowfish,3des,WARN,des; Ssh2DES: No
. Ping type: -, Ping interval: 30 sec; Timeout: 15 sec
. SSH Bugs: -,-,-,-,-,-,-,-,
. Proxy: none
. Return code variable: Autodetect; Lookup user groups: Yes
. Shell: default, EOL: 0
. Local directory: C:\Dokumente und Einstellungen\Administrator\Eigene Dateien, Remote directory: /cp/XG302, Update: No, Cache: Yes
. Cache directory changes: Yes, Permanent: Yes
. Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes
. Alias LS: No, Ign LS warn: Yes, Scp1 Comp: No
. --------------------------------------------------------------------------
. Looking up host "IP"
. Connecting to IP port 2222
. Server version: SSH-2.0-OpenSSH_3.9p1-AuthSelect-SecurID-log
. We claim version: SSH-2.0-WinSCP-release-3.7.1
. Using SSH protocol version 2
. Doing Diffie-Hellman group exchange
. Doing Diffie-Hellman key exchange
. Asking user:
. The server's host key is not cached in the registry. You have no guarantee that the server is the computer you think it is. The server's key fingerprint is: ssh-rsa 1024 aa:d0:07:86:88:93:a7:98:25:87:2c:b2:83:4f:2b:71
.
. If you trust this host, press Yes. To connect without adding host key to the cache, press No. To abandon the connection press Cancel.
.
. Continue connecting and add host key to the cache? ()
. Host key fingerprint is:
. ssh-rsa 1024 aa:d0:07:86:88:93:a7:98:25:87:2c:b2:83:4f:2b:71
. Initialised AES-256 client->server encryption
. Initialised AES-256 server->client encryption
. Initialised HMAC-SHA1 client->server MAC algorithm
. Initialised HMAC-SHA1 server->client MAC algorithm
! Using username "USER".
. Reading private key file "C:\Programme\H3GKino\SFTP\Keys\privateKey.ppk"
. Offered public key
. Offer of public key accepted
! Authenticating with public key "rsa-key-20041216"
. Access granted
. Opened channel for session
. Started a shell/command
. --------------------------------------------------------------------------
. Using SFTP protocol.
. Doing startup conversation with host.
> Type: SSH_FXP_INIT, Size: 5, Number: -1
< Type: SSH_FXP_VERSION, Size: 5, Number: -1
. SFTP version 3 negotiated.
> Type: SSH_FXP_EXTENDED, Size: 38, Number: 200
< Type: SSH_FXP_STATUS, Size: 38, Number: 200
< Status/error code: 8
. Server does not recognise WinSCP.
. Changing directory to "/cp/XG302".
. Getting real path for '/cp/XG302'
> Type: SSH_FXP_REALPATH, Size: 18, Number: 528
< Type: SSH_FXP_NAME, Size: 39, Number: 528
. Real path is '/cp/XG302'
. Trying to open directory "/cp/XG302".
> Type: SSH_FXP_OPENDIR, Size: 18, Number: 779
< Type: SSH_FXP_HANDLE, Size: 13, Number: 779
> Type: SSH_FXP_CLOSE, Size: 13, Number: 1028
< Type: SSH_FXP_STATUS, Size: 24, Number: 1028
< Status/error code: 0
. Getting current directory name.
. Listing directory "/cp/XG302".
> Type: SSH_FXP_OPENDIR, Size: 18, Number: 1291
< Type: SSH_FXP_HANDLE, Size: 13, Number: 1291
> Type: SSH_FXP_READDIR, Size: 13, Number: 1548
< Type: SSH_FXP_NAME, Size: 433, Number: 1548
> Type: SSH_FXP_READDIR, Size: 13, Number: 1804
< Type: SSH_FXP_STATUS, Size: 28, Number: 1804
< Status/error code: 1
> Type: SSH_FXP_CLOSE, Size: 13, Number: 2052
< Type: SSH_FXP_STATUS, Size: 24, Number: 2052
< Status/error code: 0
. Startup conversation with host finished.
. Closing connection.

As you see above, we have stored the key in the cache. But the scheduled job still aks to save the key, as you can see fromthis logfile:


C:\WINDOWS\system32>cd \

C:\>cd Programme\H3GKino\SFTP

C:\Programme\H3GKino\SFTP>winscp3.com /script=C:\Programme\H3GKino\SFTP\WinSCP_Put_COPY.txt
batch on
confirm off
transfer binary
Initialisation...
Searching for host...
Connecting to host...
Authenticating...
The server's host key is not cached in the registry. You have no guarantee that the server is the computer you think it is. The server's key fingerprint is: ssh-rsa 1024 aa:d0:07:86:88:93:a7:98:25:87:2c:b2:83:4f:2b:71
If you trust this host, press Yes. To connect without adding host key to the cache, press No. To abandon the connection press Cancel.
Continue connecting and add host key to the cache?
(Y)es, (N)o, (C)ancel: Cancel
Authentication failed.
Host key wasn't verified!
No session.
No session.
DTSRun: Ldt...

DTSRun: Fhrt aus...

DTSRun OnStart: DTSStep_DTSCreateProcessTask_1

DTSRun OnFinish: DTSStep_DTSCreateProcessTask_1

DTSRun: Paketausfhrung beendet.

Thank you and kind regards,
Heiko
Margo

Guest


Hallo, all!
I have same problem. in documentation i find :
Running a Script under a Different Account

If you are going to run the script under a different account (for example using the Windows scheduler), note that WinSCP may store its configuration to the user part of Windows Registry by default. So you may need to either transfer the configuration from your account registry to the other account registry or use the INI file instead.

What mean:
transfer the configuration from your account registry to the other account registry

Where can i it find in registry?

Please Martin, help me!

Thank you.

Margo
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24530
Location: Prague, Czechia
MECOMO AG wrote:
Dear Martin, thanks for the link. We had already read the faq and followed the intructions (or Use INI file instead of registry to store the configuration. The INI file can be accessed by all accounts.). Would you please have a look at this Logfile? (I replaced the real IP & Username)
...

Are you sure that you really use the INI file? Also can you see the accepted host key in the INI file?
_________________
Martin Prikryl
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24530
Location: Prague, Czechia
Margo wrote:
What mean:
transfer the configuration from your account registry to the other account registry

Where can i it find in registry?

Please read documentation.
_________________
Martin Prikryl
MECOMO AG

Guest


prikryl wrote:
MECOMO AG wrote:
Dear Martin, thanks for the link. We had already read the faq and followed the intructions (or Use INI file instead of registry to store the configuration. The INI file can be accessed by all accounts.). Would you please have a look at this Logfile? (I replaced the real IP & Username)
...

Are you sure that you really use the INI file? Also can you see the accepted host key in the INI file?


Hi,

We'll, the INI ist in the same directory as the EXE and the kay ist stored in the INI, so I assume that the INI is used. How can we be sure?

thx Heiko
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24530
Location: Prague, Czechia
MECOMO AG wrote:
We'll, the INI ist in the same directory as the EXE and the kay ist stored in the INI, so I assume that the INI is used. How can we be sure?

Can you try to explicitly specify full path to an INI file using /ini parameter?
_________________
Martin Prikryl
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License