Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)


Topic review


Re: Example

That's how URLs works. Any URLs, anywhere. In all web browsers. In many command-line FTP/SFTP clients, like OpenSSH, curl, wget, etc.
There are standards for that.

If you do not like it, do it the way you do with mysql. There are -username and -password switches in WinSCP:
Even the article, I've linked above tells that:
To avoid having to URL-encode the credentials, particularly when sourcing them from a variable, you can use -username and -password switches of the open command or WinSCP commandline.


For example take MySQL, if you want to connect you can provide user, password and server this way:

Or otherwise you can only provide user and server this way

and the password will be prompted and you just have to enter it and it works.
Your software is the first software that I encounter that basically says:
"... if you enter user:password@server it's file BUT if you dare to enter only user@serve... well... now every "%" followed by two digits will be converted to UTF-8. Have fun finding out your new password."

I tell you, I've been working 10 years in IT and this is the first software I see, whatever the OS can be Linux/Windows/Mac that actually change the password in behalf of the way you send the command.

It's crazy, don't you think?

Can you name another software that acts like that?

Re: All good

Can you please explain what do you find strange about it?

All good

All good, you can close this topic as it works as expected.
However I find strange that you wan to keep the software behave in that way.
I still have a problem with PowerShell.
I will open another topic.

Thank you

Picture to explain

Here is the problem.
Can you see the password how it changes?

"%" in password makes login fail

I found the bug!
Yes, we have a % in the password.
In the logs I noticed that the password in plain text switched the %24 to a $.

But there is definitely a bug.

Re: .\WinSCP.exe command without password fails

Add /loglevel=* to WinSCP commandline to enable password logging and compare the logs, to check if the same password is really used in both cases. Is there any special character in the password?

I made a video

I hope this might help you see the big picture. I took a video in which you can see as the same line of code works with password but fails without password.

Even if I copy/paste the same password from the previous line the login fails.

I believe there must be a problem in the concatenation because
works while
and adding the password later when prompted it doesn't.

The same problem also affect not only the
but also the
when used with the PowerShell script you mention in your guides.

Cannot tell if it's related to
/hostkey="ssh-ed25519 255
as I cannot test it with other environments.

Let me know if you need any information.

More logs

I forgot to mention that I discovered this bug while using the PowerShell code that you put in this page

fails with error:

Error: Exception calling "Open" with "1" argument(s): "Connection has been unexpectedly closed. Server sent command exit status 0.

Authentication log (see session log for details):
Using username "user".
Access denied.

Authentication failed."


Here the logs of the successful login with password and unsuccessful login without password

I have anonymized the data.

.\WinSCP.exe command without password fails

Hello, I think I found a bug.
Steps to reproduce:

1) If I open PowerShell and pass the values user:password@server like this
.\WinSCP.exe sftp://user:password@ /hostkey="ssh-ed25519 255 eesecret2BUNg="
everything is good and I can connect to the remote server

2) If I open PowerShell and pass the values user@server like this
.\WinSCP.exe sftp://user@ /hostkey="ssh-ed25519 255 eesecret2BUNg="
a window pops up asking for password. I enter the password manually and the window says "Access denied".

I'm on version 5.17.10

Cannot tell if it's related to the hostkey ssh-ed25519 255 or if affects all key type as I only have this environment.

Thank you