Personally, I would prefer it just obey .ssh/config but being able to import that config could work be workable too.
- jimbo8098
Match)? Or are you expecting WinSCP to actually use the OpenSSH config file always (i.e. to match the sessions you are opening in WinSCP)?
sftp, I get logged right in:
PS C:\Users\JimSpeir> sftp <redacted>
sftp>
sftp tries to log in with all of my SSH keys instead of just the specific one as before.
. 2026-07-03 18:45:48.051 Looking up host "<redacted>" for SSH connection
. 2026-07-03 18:45:48.132 Connecting to <redacted> port 22
. 2026-07-03 18:45:48.196 Connected to <redacted> (from 192.168.69.7:61537)
. 2026-07-03 18:45:48.263 We claim version: SSH-2.0-WinSCP_release_6.6.2
. 2026-07-03 18:45:48.264 Connected to <redacted> (from 192.168.69.7:61537)
. 2026-07-03 18:45:48.332 Remote version: SSH-2.0-AWS_SFTP_1.2
. 2026-07-03 18:45:48.333 Using SSH protocol version 2
. 2026-07-03 18:45:48.334 Have a known host key of type rsa2
. 2026-07-03 18:45:48.404 Doing ECDH key exchange with curve nistp256, using hash SHA-256
. 2026-07-03 18:45:48.514 Host key fingerprint is:
. 2026-07-03 18:45:48.514 ssh-rsa 2048 SHA256:7xHP0y0BdMjwpB4IWCQsm9WkEseCUkfT3GHVFx8Pzec
. 2026-07-03 18:45:48.524 Host key matches cached key
. 2026-07-03 18:45:48.525 Initialised AES-256 SDCTR (AES-NI accelerated) [aes256-ctr] outbound encryption
. 2026-07-03 18:45:48.525 Initialised HMAC-SHA-256 outbound MAC algorithm
. 2026-07-03 18:45:48.525 Initialised AES-256 SDCTR (AES-NI accelerated) [aes256-ctr] inbound encryption
. 2026-07-03 18:45:48.525 Initialised HMAC-SHA-256 inbound MAC algorithm
. 2026-07-03 18:45:48.584 Agent is running. Requesting keys.
. 2026-07-03 18:45:48.606 Agent has 21 SSH-2 keys
! 2026-07-03 18:45:48.606 Using username "<redacted>>".
. 2026-07-03 18:45:48.720 Server offered these authentication methods: publickey
. 2026-07-03 18:45:48.721 Trying Agent key #0
. 2026-07-03 18:45:48.881 Server refused our key
. 2026-07-03 18:45:48.881 Server offered these authentication methods: publickey
. 2026-07-03 18:45:48.881 Trying Agent key #1
. 2026-07-03 18:45:48.960 Server refused our key
. 2026-07-03 18:45:48.960 Server offered these authentication methods: publickey
. 2026-07-03 18:45:48.960 Trying Agent key #2
. 2026-07-03 18:45:49.052 Server refused our key
. 2026-07-03 18:45:49.052 Server offered these authentication methods: publickey
. 2026-07-03 18:45:49.052 Trying Agent key #3
. 2026-07-03 18:45:49.140 Server refused our key
. 2026-07-03 18:45:49.140 Server offered these authentication methods: publickey
. 2026-07-03 18:45:49.140 Trying Agent key #4
. 2026-07-03 18:45:49.257 Server refused our key
. 2026-07-03 18:45:49.257 Server offered these authentication methods: publickey
. 2026-07-03 18:45:49.257 Trying Agent key #5
. 2026-07-03 18:45:49.341 Remote side sent disconnect message type 2 (protocol error): "Too many authentication failures"
* 2026-07-03 18:45:49.424 (EFatal) Remote side sent disconnect message
* 2026-07-03 18:45:49.424 type 2 (protocol error):
* 2026-07-03 18:45:49.424 "Too many authentication failures"
* 2026-07-03 18:45:49.424 Authentication log (see session log for details):
* 2026-07-03 18:45:49.424 Using username "<redacted>>".
* 2026-07-03 18:45:49.424
* 2026-07-03 18:45:49.424 Authentication failed.
-i was used. The ssh-agent handles the rest thanks to your recent changes.
Match directive since if WinSCP supported that, the public key is defined in one place. My personal reason is pure convenience, 1Password can be setup to automatically set these directives using the "Bookmarks" feature since this feature just writes .ssh config in the .ssh/1Password/config directory.
Match directive. Please post a session log file.
.ssh/config:
# 1Password Item: <item name>
Match Host <host> User <user>
IdentitiesOnly yes
IdentityFile ~/.ssh/1Password/<pubkey>
.ssh/config perfectly.
ProxyJump?
ProxyCommand as tunneling configurations as well.
Host Aliyun-Windows
HostName 47.94.59.xxx
User Administrator
PasswordAuthentication no
Host GXKJ-a100
HostName 12.2.20.xxx
User kdyhn_gxkj
ProxyCommand ssh -W %h:%p Aliyun-Windows
~: I have fixed this:
%HOMEPATH% that breaks it. And as it's not allowed in OpenSSH config file anyway, no point "fixing" it. With the original ~ and the above fix, it should work now too.
.ssh/config, which would be great for me, since I have lots of keys and connections configured there.
~\.ssh\keyfilename, WinSCP could not read a keyfile, I changed it to %HOMEPATH%\.ssh\keyfilename in one connection, keyfile could be read.
windows user path\.ssh\keyfilename (I wonder if this would have been the case if I installed just for the current user and not for all users?).
ssh config file would be a very fundamental and important feature for any serious user, developers, and testers.
ssh config file. I would not want to be be able to edit my ssh config from the WinSCP application to avoid unanticipated corruption.
Parsing of wildcards would be also helpful. For me it would be ideal if it would work like this:
- global configuration – location of
sshconfigfile,~/.ssh/configby default- option to use it as defaults when some value is not explicitly configured in WinSCP
- matching of entered hostname to
configentries, with wildcard support- support for things that WinSCP can easily work with, i.e.
HostName,Port,User,IdentityFile,ServerAliveInterval+ServerAliveCountMax,ProxyJump
ssh config, and convenient names set up for each. So, I pretty much live by this file, because it's a standard way to specify SSH connections.
~/.ssh/config (or the path specified by a system variable?).
ssh config file support.
web-worker-* and then use just a hostname ;)
.ssh/config as a source of easily accessible configurations, more like current import functionality.
ssh config file, ~/.ssh/config by default
config entries, with wildcard support
HostName, Port, User, IdentityFile, ServerAliveInterval + ServerAliveCountMax, ProxyJump
config?
config file is not a site manager (while some use like this). It's a pattern matching configuration file.
config?
srv-ansible the URL like sftp://srv-ansible/ should go to the right server, with the good user name, using the good id file, like OpenSSH would do ;)
...
Host ansible srv-ansible
User ebt
HostName 172.16.238.120
...