Differences
This shows you the differences between the selected revisions of the page.
2014-11-30 | 2015-02-08 | ||
Restored revision 1402641346. Undoing revision 1417365354. (martin) (hidden) | no summary (Petr) | ||
Line 5: | Line 5: | ||
This is a feature of the SSH protocol. It is designed to protect you against a network attack known as spoofing: secretly redirecting your connection to a different computer, so that you send your password to the wrong machine. Using this technique, an attacker would be able to learn the password that guards your login account, and could then log in as if they were you and use the account for their own purposes. | This is a feature of the SSH protocol. It is designed to protect you against a network attack known as spoofing: secretly redirecting your connection to a different computer, so that you send your password to the wrong machine. Using this technique, an attacker would be able to learn the password that guards your login account, and could then log in as if they were you and use the account for their own purposes. | ||
+ | |||
+ | ~~AD~~ | ||
To prevent this attack, each server has a unique identifying code, called a host key. These keys prevent a server from forging another server's key. If you connect to a server and you receive an unexpected host key, WinSCP can warn you that the server may have been switched and that a spoofing attack might be underway. | To prevent this attack, each server has a unique identifying code, called a host key. These keys prevent a server from forging another server's key. If you connect to a server and you receive an unexpected host key, WinSCP can warn you that the server may have been switched and that a spoofing attack might be underway. | ||
Line 21: | Line 23: | ||
Once the key is verified, you can see it during all future sessions on [[ui_fsinfo|Server and Protocol Information Dialog]]. | Once the key is verified, you can see it during all future sessions on [[ui_fsinfo|Server and Protocol Information Dialog]]. | ||
+ | |||
+ | ~~AD~~ | ||
===== Automating Host Key Verification ===== | ===== Automating Host Key Verification ===== |