Differences
This shows you the differences between the selected revisions of the page.
2020-12-02 | 2020-12-02 | ||
5.18 When connecting to new SSH host, its host key can be automatically accepted in scripting and .NET assembly (martin) | 5.18 Bug 1842: Support SHA-256 fingerprints of TLS/SSL certificates (martin) | ||
Line 20: | Line 20: | ||
| ''-==hostkey===%%"<fingerprint>"%%'' | Specifies fingerprint of expected [[ssh_verifying_the_host_key|SSH host key]] (or several alternative fingerprints separated by semicolon). It makes WinSCP automatically [[scripting#hostkey|accept host key]] with the fingerprint. Use SHA-256 fingerprint of the host key. As the host key fingerprint contains spaces you need to surround it by quotes. //Learn how to [[faq_hostkey|obtain host key fingerprint]]//. \\ Use the ''acceptnew'' keyword to make WinSCP automatically accept host key of new hosts. When this is combined with [[config#no|no configuration mode]], it forces use of registry for the host key cache. &beta_feature \\ In exceptional situations, when security is not required, you can use value ''*'' to accept any host key. In this case, script output and log file will include warning about insecure connection. \\ [[SFTP]] and [[SCP]] protocols only. | | | ''-==hostkey===%%"<fingerprint>"%%'' | Specifies fingerprint of expected [[ssh_verifying_the_host_key|SSH host key]] (or several alternative fingerprints separated by semicolon). It makes WinSCP automatically [[scripting#hostkey|accept host key]] with the fingerprint. Use SHA-256 fingerprint of the host key. As the host key fingerprint contains spaces you need to surround it by quotes. //Learn how to [[faq_hostkey|obtain host key fingerprint]]//. \\ Use the ''acceptnew'' keyword to make WinSCP automatically accept host key of new hosts. When this is combined with [[config#no|no configuration mode]], it forces use of registry for the host key cache. &beta_feature \\ In exceptional situations, when security is not required, you can use value ''*'' to accept any host key. In this case, script output and log file will include warning about insecure connection. \\ [[SFTP]] and [[SCP]] protocols only. | | ||
| ''-==clientcert===%%<file>%%'' | [[tls#client_certificate|TLS/SSL client certificate]] path. \\ [[ftps|FTPS]] and [[webdav|WebDAVS]] protocols only. | | | ''-==clientcert===%%<file>%%'' | [[tls#client_certificate|TLS/SSL client certificate]] path. \\ [[ftps|FTPS]] and [[webdav|WebDAVS]] protocols only. | | ||
- | | ''-==certificate===%%"<fingerprint>"%%'' | Specifies fingerprint of expected [[tls#certificate|TLS/SSL certificate]] (or several fingerprints separated by semicolon). It makes WinSCP automatically [[scripting#hostkey|accept certificate]] with the fingerprint. \\ In exceptional situations, when security is not required, you can use value ''*'' to accept any certificate. In this case, script output and log file will include warning about insecure connection. \\ [[ftps|FTPS]] and [[webdav|WebDAVS]] protocols only. | | + | | ''-==certificate===%%"<fingerprint>"%%'' | Specifies fingerprint of expected [[tls#certificate|TLS/SSL certificate]] (or several fingerprints separated by semicolon). It makes WinSCP automatically [[scripting#hostkey|accept certificate]] with the fingerprint. //The current stable version// supports SHA-1 fingerprints only. //In the latest beta version,// use SHA-256 fingerprint. &beta \\ In exceptional situations, when security is not required, you can use value ''*'' to accept any certificate. In this case, script output and log file will include warning about insecure connection. \\ [[ftps|FTPS]] and [[webdav|WebDAVS]] protocols only. | |
| ''-==passphrase===<phrase>'' | Passphrase for encrypted private keys and client certificates. \\ SFTP, SCP, FTPS and WebDAVS protocols only. | | | ''-==passphrase===<phrase>'' | Passphrase for encrypted private keys and client certificates. \\ SFTP, SCP, FTPS and WebDAVS protocols only. | | ||
| ''-==passive===on%%|%%off'' | Enables [[ui_login_connection#connection|passive]] (''=on'') or active (''=off'') transfer mode ([[FTP]] protocol only). | | | ''-==passive===on%%|%%off'' | Enables [[ui_login_connection#connection|passive]] (''=on'') or active (''=off'') transfer mode ([[FTP]] protocol only). | |