Differences
This shows you the differences between the selected revisions of the page.
| messages 2023-10-10 | messages 2024-10-13 (current) | ||
| Line 12: | Line 12: | ||
| If you see this message, it means that WinSCP has not seen this host key before, and has no way of knowing whether it is correct or not. You should attempt to verify the host key by other means, such as asking the machine's administrator. ((&puttydoccite)) | If you see this message, it means that WinSCP has not seen this host key before, and has no way of knowing whether it is correct or not. You should attempt to verify the host key by other means, such as asking the machine's administrator. ((&puttydoccite)) | ||
| - | If the [[faq_hostkey|host key fingerprint is correct]], press //Accept// (//Yes// in the latest stable version). &beta The host key will be stored to cache and you will not be prompted the next time. If you are unsure, want to defer a host key verification until later, but still need to connect now (taking a risk), select //Connect Once// in the down-menu of the //Accept// button (//No// button in the stable version). &beta The host key will not be cached and you will be prompted again the next time. If the fingerprint is not correct or if you do not know the correct fingerprint, press //Cancel// to abort connection. | + | If the [[faq_hostkey|host key fingerprint is correct]], press //Accept// (//Yes// in the older versions). &recent The host key will be stored to cache and you will not be prompted the next time. If you are unsure, want to defer a host key verification until later, but still need to connect now (taking a risk), select //Connect Once// in the down-menu of the //Accept// button (//No// button in the older versions). &recent The host key will not be cached and you will be prompted again the next time. If the fingerprint is not correct or if you do not know the correct fingerprint, press //Cancel// to abort connection. |
| - | If you have the correct host key (or its fingerprint) in a digital form, instead of checking the fingerprint manually, you can select //Paste Key// in drop-down menu of //Accept// (//Yes//) &beta button to have WinSCP compare the fingerprint for you, against a fingerprint or a full key stored in the clipboard. The clipboard can contain an %%SHA-256%% or %%MD5%% fingerprint or a full key in ''.pub'' format. | + | If you have the correct host key (or its fingerprint) in a digital form, instead of checking the fingerprint manually, you can select //Paste Key// in drop-down menu of //Accept// (//Yes//) &recent button to have WinSCP compare the fingerprint for you, against a fingerprint or a full key stored in the clipboard. The clipboard can contain an %%SHA-256%% or %%MD5%% fingerprint or a full key in ''.pub'' format. |
| Use //Copy key fingerprints to clipboard// link to copy key fingerprints to clipboard (both in %%SHA-256%% format seen on the message and additionally in %%MD5%% format). | Use //Copy key fingerprints to clipboard// link to copy key fingerprints to clipboard (both in %%SHA-256%% format seen on the message and additionally in %%MD5%% format). | ||
| Line 37: | Line 37: | ||
| ==== [[certified]] Certified Host key ==== | ==== [[certified]] Certified Host key ==== | ||
| - | If you've configured WinSCP to trust at least one [[ui_ssh_host_ca|certification authority for signing host keys]], then it will ask the SSH server to send it any available certified host keys. If the server sends back a certified key signed by a different certification authority, WinSCP will present this variant of the host key prompt. | + | If you've configured WinSCP to trust at least one [[ui_pref_security#authorities|certification authority for signing host keys]], then it will ask the SSH server to send it any available certified host keys. If the server sends back a certified key signed by a different certification authority, WinSCP will present this variant of the host key prompt. |
| One reason why this can happen is a deliberate attack. Just like an ordinary man-in-the-middle attack which substitutes a wrong host key, a particularly ambitious attacker might substitute an entire wrong certification authority, and hope that you connect anyway. | One reason why this can happen is a deliberate attack. Just like an ordinary man-in-the-middle attack which substitutes a wrong host key, a particularly ambitious attacker might substitute an entire wrong certification authority, and hope that you connect anyway. | ||
| Line 49: | Line 49: | ||
| ===== [[connection_refused]] Network error: Connection to "..." refused ===== | ===== [[connection_refused]] Network error: Connection to "..." refused ===== | ||
| You may get this message when connecting to a server for the following reasons: | You may get this message when connecting to a server for the following reasons: | ||
| + | * The server is down. Please talk to the server or network administrator. | ||
| * You are trying to use WinSCP for a purpose for which it is not designed. [[requirements|WinSCP needs]] an SSH or FTP server to be installed at the other end (on the machine you want to connect to). In particular, you cannot easily use it to connect to another Windows workstation, since Windows does not have an %%SSH%% or %%FTP%% server included by default. Please refer to the guide to [[guide_exchange|exchanging files over Internet]]. | * You are trying to use WinSCP for a purpose for which it is not designed. [[requirements|WinSCP needs]] an SSH or FTP server to be installed at the other end (on the machine you want to connect to). In particular, you cannot easily use it to connect to another Windows workstation, since Windows does not have an %%SSH%% or %%FTP%% server included by default. Please refer to the guide to [[guide_exchange|exchanging files over Internet]]. | ||
| * You are trying to use [[protocols|protocol]] that the server does not support. Particularly you are trying SFTP/SCP (over %%SSH%%), but the server supports %%FTP%%; or vice versa. Check selected protocol on [[ui_login#session_settings|Login dialog]]. Note that WinSCP defaults to %%SFTP%% protocol, while most other similar applications default to %%FTP%%. | * You are trying to use [[protocols|protocol]] that the server does not support. Particularly you are trying SFTP/SCP (over %%SSH%%), but the server supports %%FTP%%; or vice versa. Check selected protocol on [[ui_login#session_settings|Login dialog]]. Note that WinSCP defaults to %%SFTP%% protocol, while most other similar applications default to %%FTP%%. | ||
| * The server is running on a non-standard port. Please make sure you enter actual port number on [[ui_login|Login dialog]]. | * The server is running on a non-standard port. Please make sure you enter actual port number on [[ui_login|Login dialog]]. | ||
| * You may need to connect through a proxy server, but you have not specified one on //[[ui_login_proxy|Proxy page]]// of Advanced Site Settings dialog. | * You may need to connect through a proxy server, but you have not specified one on //[[ui_login_proxy|Proxy page]]// of Advanced Site Settings dialog. | ||
| - | * Connection was blocked by the firewall. Please refer to [[faq_connection_refused|FAQ]]. | + | * Connection was blocked by the firewall. Please refer to [[faq_connection_refused|*]] |
| Line 68: | Line 69: | ||
| ===== [[connection_timed_out]] Network error: Connection to "..." timed out ===== | ===== [[connection_timed_out]] Network error: Connection to "..." timed out ===== | ||
| + | All reasons and hints for [[message_connection_refused|"Network error: Connection refused"]] apply to this error too. | ||
| + | |||
| + | ===== [[connection_pemission_denied]] Network error: Permission denied ===== | ||
| All reasons and hints for [[message_connection_refused|"Network error: Connection refused"]] apply to this error too. | All reasons and hints for [[message_connection_refused|"Network error: Connection refused"]] apply to this error too. | ||
| Line 195: | Line 199: | ||
| To disable the stateful %%FTP%% filtering, in an Administrator command prompt, execute following command: | To disable the stateful %%FTP%% filtering, in an Administrator command prompt, execute following command: | ||
| - | <code> | + | <code batch> |
| - | netsh advfirewall set global StatefulFTP disable | + | netsh advfirewall <nohilite>set</nohilite> global StatefulFTP disable |
| </code> | </code> | ||
| Line 399: | Line 403: | ||
| * There's antivirus (or similar application) that starts inspecting the uploaded file, locking it while doing that, what conflicts with WinSCP attempt to rename the file. | * There's antivirus (or similar application) that starts inspecting the uploaded file, locking it while doing that, what conflicts with WinSCP attempt to rename the file. | ||
| - | To circumvent that, disable [[ui_pref_resume|transfer resume/transfer to temporary filename]]. | + | To circumvent that, disable transfer resume/transfer to temporary filename. |
| + | |||
| + | * In GUI, go to [[ui_pref_resume|//Preferences > Transfer > Endurance//]] and disable [[ui_pref_resume#temporary|//Transfer Resume / Transfer to Temporary Filename//]]. | ||
| + | * In scripting, use [[scriptcommand_put#resumesupport|''-resumesupport=off'' with ''put'' command]] (or other command that triggered the upload). | ||
| + | * In .NET assembly, use ''[[library_transferoptions#resumesupport|TransferOptions.ResumeSupport]]'' property. | ||
| ===== [[preserve_time_perm]] Upload of file .. was successful, but error occurred while setting the permissions and/or timestamp. If the problem persists, turn off setting permissions or preserving timestamp. Alternatively you can turn on 'Ignore permission errors' option. ===== | ===== [[preserve_time_perm]] Upload of file .. was successful, but error occurred while setting the permissions and/or timestamp. If the problem persists, turn off setting permissions or preserving timestamp. Alternatively you can turn on 'Ignore permission errors' option. ===== | ||
| Line 415: | Line 423: | ||
| When using [[scripting]], add [[scriptcommand_put#nopreservetime|''-nopreservetime'' switch]] to [[scriptcommand_put|''put'' command]]. If you are not running scripting with [[scripting#configuration|default isolated configuration]], you may also need to add [[scriptcommand_put#nopermissions|''-nopermissions'' switch]] (what is the default settings). | When using [[scripting]], add [[scriptcommand_put#nopreservetime|''-nopreservetime'' switch]] to [[scriptcommand_put|''put'' command]]. If you are not running scripting with [[scripting#configuration|default isolated configuration]], you may also need to add [[scriptcommand_put#nopermissions|''-nopermissions'' switch]] (what is the default settings). | ||
| - | With [[scriptcommand_synchronize|''synchronize'' command]], this works only when ''[[scriptcommand_synchronize#criteria|-criteria]]'' is ''none'' or ''size'' and it never works in ''both'' mode. | + | With [[scriptcommand_synchronize|''synchronize'' command]], this works only when ''[[scriptcommand_synchronize#criteria|-criteria]]'' lacks ''time'' and it never works in ''both'' mode. |
| ==== [[library]] .NET Assembly ==== | ==== [[library]] .NET Assembly ==== | ||
| Line 439: | Line 447: | ||
| </code> | </code> | ||
| - | With [[library_session_synchronizedirectories|''Session.SynchronizeDirectories'']], this works only when ''criteria'' parameter is ''SynchronizationCriteria.None'' or ''SynchronizationCriteria.Size'' and it never works when ''mode'' parameter is ''SynchronizationMode.Both'' (learn [[library_powershell#enums|enumeration syntax]] in PowerShell). | + | With [[library_session_synchronizedirectories|''Session.SynchronizeDirectories'']], this works only when ''criteria'' parameter lacks ''SynchronizationCriteria.Time'' and it never works when ''mode'' parameter is ''SynchronizationMode.Both'' (learn [[library_powershell#enums|enumeration syntax]] in PowerShell). |
| ==== In Other Languages ==== | ==== In Other Languages ==== | ||
| Line 538: | Line 546: | ||
| Though as with the most of session settings, if you have the site set up in WinSCP GUI, you can have it [[ui_generateurl#code|generate a code template]] for you, including the ''SessionOptions.SshHostKeyFingerprint''. | Though as with the most of session settings, if you have the site set up in WinSCP GUI, you can have it [[ui_generateurl#code|generate a code template]] for you, including the ''SessionOptions.SshHostKeyFingerprint''. | ||
| + | |||
| + | ===== [[method_not_found_eventwaithandle]] Method not found: 'Void System.Threading.EventWaitHandle..ctor(...)' ===== | ||
| + | |||
| + | Full message: | ||
| + | |||
| + | > Method not found: ‘Void System.Threading.EventWaitHandle..ctor(Boolean, System.Threading.EventResetMode, System.String, Boolean ByRef, System.Security.AccessControl.EventWaitHandleSecurity)’ | ||
| + | |||
| + | The exception can be represented as ''MethodInvocationException'' or ''MissingMethodException''. | ||
| + | |||
| + | The exception occurs, when you are trying to use .NET Framework build of the assembly in .NET [Core] code or from PowerShell [Core]. | ||
| + | |||
| + | You need to use .NET Standard build of the assembly, which is located in the ''netstandard2.0'' subfolder of ''WinSCP-X.X.X-Automation.zip'' package. | ||
| + | |||
| + | For details, learn about [[library_install#installing|installing the assembly]]. | ||
| ===== [[key_fingerprint_does_not_match]] SSH host key/TLS host certificate fingerprint "..." does not match pattern "..." ===== | ===== [[key_fingerprint_does_not_match]] SSH host key/TLS host certificate fingerprint "..." does not match pattern "..." ===== | ||
| Line 543: | Line 565: | ||
| You get these errors, when the SSH host key fingerprint provided to [[library_sessionoptions#sshhostkeyfingerprint|''SessionOptions.SshHostKeyFingerprint'']] or TLS host certificate fingerprint provided to [[library_sessionoptions#tlshostcertificatefingerprint|''SessionOptions.TlsHostCertificateFingerprint'']] have a wrong format. | You get these errors, when the SSH host key fingerprint provided to [[library_sessionoptions#sshhostkeyfingerprint|''SessionOptions.SshHostKeyFingerprint'']] or TLS host certificate fingerprint provided to [[library_sessionoptions#tlshostcertificatefingerprint|''SessionOptions.TlsHostCertificateFingerprint'']] have a wrong format. | ||
| - | (In [[library_powershell|PowerShell]], when setting the properties via ''-Property'' switch of [[https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/new-object|''New-Object'' cmdlet]], the error is disguised as //"The value supplied is not valid, or the property is read-only. Change the value, and then try again."//) | + | (In [[library_powershell|PowerShell]], when setting the properties via ''-Property'' switch of [[https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/new-object|''New-Object'' cmdlet]], the error is disguised by PowerShell as //"The value supplied is not valid, or the property is read-only. Change the value, and then try again."//) |
| Examples of the correct format of the fingerprints: | Examples of the correct format of the fingerprints: | ||
| Line 554: | Line 576: | ||
| Also make sure you use the same version (ideally the latest) of WinSCP both for obtaining the fingerprint in WinSCP GUI and using the fingerprint in WinSCP .NET assembly. Older versions do not support modern SHA-256 fingerprints. So the fingerprint formats may be incompatible (and less safe). | Also make sure you use the same version (ideally the latest) of WinSCP both for obtaining the fingerprint in WinSCP GUI and using the fingerprint in WinSCP .NET assembly. Older versions do not support modern SHA-256 fingerprints. So the fingerprint formats may be incompatible (and less safe). | ||
| - | A common mistake is to substitute ''SessionOptions.TlsHostCertificateFingerprint'' with ''SessionOptions.SshHostKeyFingerprint'' (or vice versa). The SSH host key is used with SSH-based protocols SFTP and FTP. The TLS host certificate is used with SSL-based protocols FTPS and WebDAVS. | + | A common mistake is to substitute ''SessionOptions.TlsHostCertificateFingerprint'' with ''SessionOptions.SshHostKeyFingerprint'' (or vice versa). The SSH host key is used with SSH-based protocols SFTP and FTP. The TLS host certificate is used with SSL-based protocols FTPS, WebDAVS and S3. |
| ===== [[path_slash_ambiguous]] Selecting files using a path ending with slash is ambiguous. Remove the slash to select the folder. Append * mask to select all files in the folder. ===== | ===== [[path_slash_ambiguous]] Selecting files using a path ending with slash is ambiguous. Remove the slash to select the folder. Append * mask to select all files in the folder. ===== | ||