Differences
This shows you the differences between the selected revisions of the page.
| 2025-04-10 | 2025-04-10 | ||
| no summary (202.52.150.20) (hidden) (untrusted) | no summary (202.52.150.20) (hidden) (untrusted) | ||
| Line 64: | Line 64: | ||
| ===== Administration Tasks ===== | ===== Administration Tasks ===== | ||
| Learn how a system administrator can [[administration|restrict or enforce certain functionality]] of the application. | Learn how a system administrator can [[administration|restrict or enforce certain functionality]] of the application. | ||
| + | ===== [[verifying]] Verifying Integrity of Installer ===== | ||
| + | Optionally, as a security measure, you can verify an integrity of the WinSCP installer binary before installing. | ||
| + | |||
| + | In Windows File Explorer display //Properties// of the installer and verify a signature on the //Digital Signatures// tab. The installer should be signed by "Martin Prikryl". | ||
| + | |||
| + | * The EV certificate used to sign the latest installers is valid from 2022-11-24 to 2026-02-18 and has the following SHA-1 thumbprint (hash): ''0dee8f52d6b8d8c4b2c9573f4299fd97d707bab7''. | ||
| + | * The EV certificate used to sign the older installers is valid from 2020-02-10 to 2023-02-17 and has the following %%SHA-1%% thumbprint (hash): ''fb845245cfbb0ee97e76c775348caa31d74bec4c''. | ||
| + | |||
| + | &screenshotpict(certificate) | ||
| + | |||
| + | The certificate can also be displayed on the User Account Control prompt, when starting an [[ui_installer#mode|installation for all users]]. | ||
| + | |||
| + | You can also verify file integrity manually. Find ==checksums== of the installer binary in the release notes or on the [[this>../../download/WinSCP-&winscp_stable_version-Setup.exe/download|installer download page]]. You can cross-check the checksum against a [[https://sourceforge.net/projects/winscp/files/WinSCP/&winscp_stable_version/|copy of the release notes on the SourceForge server]]. Use the ''[[https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/certutil|certutil]]'' tool to calculate a SHA-256 checksum of the downloaded installer and compare it. | ||
| + | |||
| + | <code> | ||
| + | C:\...>certutil -hashfile WinSCP-&winscp_stable_version-Setup.exe SHA256 | ||
| + | SHA256 hash of WinSCP-&winscp_stable_version-Setup.exe: | ||
| + | &winscp_stable_setup_sha256 | ||
| + | CertUtil: -hashfile command completed successfully. | ||
| + | </code> | ||
| - | a | ||
| ===== [[msi]] MSI Installer ===== | ===== [[msi]] MSI Installer ===== | ||