Where do I get SSH host key fingerprint to authorize the server?

When writing a WinSCP script or code using WinSCP .NET assembly, use the same methods as described previously to obtain the host key.

In scripting specify the expected fingerprint using -hostkey switch of an open command. With .NET assembly, use SessionOptions.SshHostKeyFingerprint property.

If you already have verified the host key for your GUI session, go to a Server and Protocol Information Dialog and see a Server Host key Fingerprint box. You can have WinSCP generate the script or code for you, including the -hostkey switch or SessionOptions.SshHostKeyFingerprint property.

In exceptional situations, when security is not required, such as when connecting within a trusted private network, you can use -hostkey=* or SessionOptions.GiveUpSecurityAndAcceptAnySshHostKey to blindly accept any host key.

If you want to allow a user to manually verify the host key, use the Session.ScanFingerprint method to retrieve the key fingerprint. Then let the user to verify it and assign the verified value to the SessionOptions.SshHostKeyFingerprint property.