Differences
This shows you the differences between the selected revisions of the page.
| 2019-06-04 | 2019-06-04 | ||
| 5.12 Bug 1589 – Use SHA-256 host key fingerprints (martin) | displaying all host keys (martin) | ||
| Line 40: | Line 40: | ||
| ===== [[connecting]] Connecting to the server ===== | ===== [[connecting]] Connecting to the server ===== | ||
| + | ==== Finding Host Key ==== | ||
| - | Before the first connection, find out fingerprint of the server's ED25519 key by running ''%%.\ssh-keygen.exe -l -f "%ProgramData%\ssh\ssh_host_ed25519_key"%%'' from the OpenSSH installation folder (''%WINDIR%\System32\OpenSSH'' or ''C:\Program Files\OpenSSH''), as the Administrator (with PowerShell, use ''$env:ProgramData'' instead of ''%ProgramData%''): &winpath | + | Before the first connection, find out fingerprint of the server's host key by using ·''%%ssh-keygen.exe%%'' from the OpenSSH installation folder (''%WINDIR%\System32\OpenSSH'' or ''C:\Program Files\OpenSSH''), as the Administrator (with PowerShell, use ''$env:ProgramData'' instead of ''%ProgramData%''): &winpath |
| + | |||
| + | To display all host keys, use this command: | ||
| <code> | <code> | ||
| - | C:\Windows\System32\OpenSSH>.\ssh-keygen.exe -l -f "%ProgramData%\ssh\ssh_host_ed25519_key" | + | for %f in (%ProgramData%\ssh\ssh_host_*_key) do .\ssh-keygen.exe -l -f "%f" |
| + | </code> | ||
| + | |||
| + | You will get an output like this: | ||
| + | |||
| + | <code> | ||
| + | C:\Windows\System32\OpenSSH>for %f in (%ProgramData%\ssh\ssh_host_*_key) do @.\ssh-keygen.exe -l -f "%f" | ||
| + | 1024 SHA256:K1kYcE7GHAqHLNPBaGVLOYBQif04VLOQN9kDbiLW/eE martin@example (DSA) | ||
| + | 256 SHA256:7pFXY/Ad3itb6+fLlNwU3zc6X6o/ZmV3/mfyRnE46xg martin@example (ECDSA) | ||
| 256 SHA256:KFi18tCRGsQmxMPioKvg0flaFI9aI/ebXfIDIOgIVGU martin@example (ED25519) | 256 SHA256:KFi18tCRGsQmxMPioKvg0flaFI9aI/ebXfIDIOgIVGU martin@example (ED25519) | ||
| + | 2048 SHA256:z6YYzqGiAb1FN55jOf/f4fqR1IJvpXlKxaZXRtP2mX8 martin@example (RSA) | ||
| </code> | </code> | ||
| + | |||
| + | ==== Connecting ==== | ||
| Start WinSCP. [[ui_login|Login dialog]] will appear. On the dialog: | Start WinSCP. [[ui_login|Login dialog]] will appear. On the dialog: | ||
| Line 62: | Line 76: | ||
| * Save your site settings using the //Save// button. | * Save your site settings using the //Save// button. | ||
| * Login using //Login// button. | * Login using //Login// button. | ||
| - | * [[ssh_verifying_the_host_key|Verify the host key]] by comparing fingerprint with the one collected before (see above). | + | * [[ssh_verifying_the_host_key|Verify the host key]] by comparing fingerprint with those collected before (see above). |
| If you cannot authenticate to the server, and you are using Windows 10 //Developer mode//, make sure that your OpenSSH server does not conflict with an internal %%SSH%% server used by the //Developer mode//. You may need to turn off the //%%SSH%% Server Broker// and //%%SSH%% Server Proxy// Windows services. Or run your OpenSSH server on a different port than 22. | If you cannot authenticate to the server, and you are using Windows 10 //Developer mode//, make sure that your OpenSSH server does not conflict with an internal %%SSH%% server used by the //Developer mode//. You may need to turn off the //%%SSH%% Server Broker// and //%%SSH%% Server Proxy// Windows services. Or run your OpenSSH server on a different port than 22. | ||