Differences
This shows you the differences between the selected revisions of the page.
| 2012-08-13 | 2012-12-27 | ||
| .net assembly (martin) | recommend restricting an access to unprotected private key file (martin) | ||
| Line 2: | Line 2: | ||
| The best solution is to use [[ui_pageant|authentication agent (Pageant)]], so that you enter the passphrase only once. | The best solution is to use [[ui_pageant|authentication agent (Pageant)]], so that you enter the passphrase only once. | ||
| - | If you need to avoid entering the passphrase to automate a task (such as with [[scripting]] or when using [[library|.NET assembly]]) and using authentication agent is not suitable for you, you can store the key unprotected (without an passphrase). Note that this imposes security risk, if someone gains access to the key. | + | If you need to avoid entering the passphrase to automate a task (such as with [[scripting]] or when using [[library|.NET assembly]]) and using authentication agent is not suitable for you, you can store the key unprotected (without an passphrase). Note that this imposes security risk, if someone gains access to the key. You should consider restricting access to the unprotected private key file to the local account that runs the script only (using [[http://technet.microsoft.com/en-us/library/cc770962.aspx|Windows file system permissions]]). |
| WinSCP does not support providing the passphase from [[commandline|command line]] or by other means allowing automation. Anyway, this would not bring substantial advantage over unprotected key as the passphrase would need to be stored too (in a script), probably on the same data storage as the key. | WinSCP does not support providing the passphase from [[commandline|command line]] or by other means allowing automation. Anyway, this would not bring substantial advantage over unprotected key as the passphrase would need to be stored too (in a script), probably on the same data storage as the key. | ||