This is an old revision of the document!

Documentation » Features »

Scripting and Task Automation

This article contains detailed description of scripting/automation functionality. You may want to see simplified guide to the functionality instead.

In addition to graphical interface, WinSCP offers scripting/console interface with many commands. The commands can be typed in interactively, or read from script file or another source.

Using scripting interface directly is recommended for simple tasks not requiring any control structures. For complex tasks, using WinSCP .NET assembly is preferred.

Advertisement

Verifying the Host Key or Certificate in Script

The first connection to an SSH server requires verification of the host key. To automate the verification in script, use -hostkey switch of open command to accept the expected host key automatically.

Advertisement

You can find the key fingerprint on Server and Protocol Information Dialog. You can also copy the key fingerprint to clipboard from the confirmation prompt on the first (interactive) connection using Copy key fingerprints to clipboard command (in the script, use SHA-256 fingerprint of the host key only). Learn more about obtaining host key fingerprint.

FTPS/WebDAVS TLS/SSL certificate signed by untrusted authority may also need to be verified. To automate the verification in script, use -certificate switch of open command to accept the expected certificate automatically.

Running a Script under a Different Account (e.g., Using a Scheduler)

If you are going to run the script under a different account (for example using the Windows Task Scheduler), make sure the script does not rely on a configuration settings that might differ on the other account. When using registry as configuration storage, the settings are accessible only for your Windows account. Ideally, make sure the script does not rely on any external configuration, to make it completely portable. Note that the configuration also includes verified SSH host keys and FTPS/WebDAVS TLS/SSL certificates.

For details, see the next section and Why WinSCP does not work in a new environment (operating system, machine, user account, network), when it works for me in a different environment already?

Sharing Configuration with Graphical Mode

In scripting/console mode, WinSCP shares configuration with graphical mode by default. While this can be useful in some cases, it can also be a disadvantage.

The disadvantage is that change to configuration in graphical mode may break your script (common example is enabling Existing files only option for synchronization). Also the script is not portable to other machines, when it relies on an external configuration.

If you want to protect your script from such inadvertent change or if you want to make the script portable, you should isolate its configuration from graphical mode explicitly.

The best way to do that is to configure all the options you need using script commands only (option command, switches of other commands, session URL), or if no such command is available, using raw site settings and raw configuration. Finally force scripting mode to start with the default configuration using /ini=nul command-line parameter.

Alternatively export your configuration to a separate INI file and reference it using /ini= command-line parameter. Also consider setting the INI file read-only, to prevent WinSCP writing to it, when exiting. Particularly, if you are running multiple scripts in parallel, to prevent different instances of WinSCP trying to write it at the same time.

Generating Script

You can have WinSCP generate a script template for you.

Example

In the example below, WinSCP connects to example.com server with account user, downloads file and closes the session. Then it connects to the same server with the account user2 and uploads the file back. 

# Connect
open sftp://user:password@example.com/ -hostkey="ssh-rsa 2048 xxxxxxxxxxx..."
# Change remote directory
cd /home/user
# Download file to the local directory d:\
get examplefile.txt d:\
# Disconnect
close
# Connect as a different user
open sftp://user2:password@example.com/
# Change the remote directory
cd /home/user2
# Upload the file to current working directory
put d:\examplefile.txt 
# Disconnect
close
# Exit WinSCP
exit

Advertisement

Save the script to the file example.txt. To execute the script file use the following command. 

winscp.com /ini=nul /script=example.txt

For simple scripts you can specify all the commands on command-line using /command switch: 

winscp.com /ini=nul /command "open sftp://user:password@example.com/ -hostkey=""ssh-rsa 2048 xxxxxxxxxxx...""" "get examplefile.txt d:\" "exit"

In Windows batch file, you can use ^ to split too long command-line to separate lines by escaping following new-line character: 

winscp.com /ini=nul /command ^
    "open sftp://user:password@example.com/ -hostkey=""ssh-rsa 2048 xxxxxxxxxxx...""" ^
    "get examplefile.txt d:\" ^
    "exit"

See other useful example scripts.

Converting Script to Code Based on .NET Assembly

When you find yourself limited by scripting capabilities, you may consider converting your script to code that uses WinSCP .NET assembly.

Further Reading

Last modified: by 174.229.180.93

Documentation

Support

Associations

Follow Us