faq_hostkey » Revisions »
Differences
This shows you the differences between the selected revisions of the page.
| 2016-01-19 | 2016-02-27 | ||
| direct switch or property anchored links (martin) | wikilink (martin) (hidden) | ||
| Line 29: | Line 29: | ||
| A special case is getting host key of a server, that you are an administrator of yourself, yet you do not have a direct secure line to connect through. This is common for virtual servers or servers in a cloud. In such case a server provider should have a specific solution. For example a specialized server in the same private network as your server, with publicly known host keys. You can connect to this specialized server and from it, securely connect to your server (e.g. using %%SSH%% terminal). As you are connecting within private network, you can safely trust any host key. Once connected to your server, acquire its host key. With that you can finally connect directly yet securely over a public network. Alternatively, the server provider can provide the host key via some administrative interface. For example see a solution for [[guide_amazon_ec2|Amazon EC2]], [[guide_google_compute_engine|Google Compute Engine]] or [[guide_microsoft_azure#linux|Microsoft Azure]]. | A special case is getting host key of a server, that you are an administrator of yourself, yet you do not have a direct secure line to connect through. This is common for virtual servers or servers in a cloud. In such case a server provider should have a specific solution. For example a specialized server in the same private network as your server, with publicly known host keys. You can connect to this specialized server and from it, securely connect to your server (e.g. using %%SSH%% terminal). As you are connecting within private network, you can safely trust any host key. Once connected to your server, acquire its host key. With that you can finally connect directly yet securely over a public network. Alternatively, the server provider can provide the host key via some administrative interface. For example see a solution for [[guide_amazon_ec2|Amazon EC2]], [[guide_google_compute_engine|Google Compute Engine]] or [[guide_microsoft_azure#linux|Microsoft Azure]]. | ||
| + | <br /> | ||
| + | <b>Notice</b>: Undefined index: mail in <b>/var/www/vhosts/winscp.net/httpdocs/docs/inc/html.php</b> on line <b>1451</b><br /> | ||
| ===== Automatic host key verification ===== | ===== Automatic host key verification ===== | ||
| Line 38: | Line 40: | ||
| If you already have verified the host key for your GUI session, go to a //[[ui_fsinfo|Server and Protocol Information Dialog]]// and see a //Server Host key Fingerprint// box. //In the latest beta version//, you can have [[ui_generateurl|WinSCP generate the script or code]] for you, including the ''-hostkey'' switch or ''SessionOptions.SshHostKeyFingerprint'' property. &beta | If you already have verified the host key for your GUI session, go to a //[[ui_fsinfo|Server and Protocol Information Dialog]]// and see a //Server Host key Fingerprint// box. //In the latest beta version//, you can have [[ui_generateurl|WinSCP generate the script or code]] for you, including the ''-hostkey'' switch or ''SessionOptions.SshHostKeyFingerprint'' property. &beta | ||
| - | In exceptional situations, when security is not required, such as when connecting within a trusted private network, you can use ''-hostkey=*'' or ''[[http://winscp.net/eng/docs/library_sessionoptions#giveupsecurityandacceptanysshhostkey|SessionOptions.GiveUpSecurityAndAcceptAnySshHostKey]]'' to blindly accept any host key. | + | In exceptional situations, when security is not required, such as when connecting within a trusted private network, you can use ''-hostkey=*'' or ''[[library_sessionoptions#giveupsecurityandacceptanysshhostkey|SessionOptions.GiveUpSecurityAndAcceptAnySshHostKey]]'' to blindly accept any host key. |