Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

TS

Re: commandline download...

Thomas Boss wrote:

Hi,
...
* 2007-11-21 18:49:12.875 Host key wasn't verified!
. 2007-11-21 18:49:12.875 Closing connection.
...
because i allways trust my servers.

so, what could i do to get this working?


Make a list of host keys for all of your servers, and add those host keys to WinSCP -- either through the use of an INI file, or via a registry file that you (silently?) import before firing off the WinSCP script.

I think Martin has said before, it's a gross security risk (read: Bad Idea[tm]) to blindly accept a host key without verification. That's putting all your trust in the infallibility of the network to prevent a MitM attack. In most cases the network is NOT cryptographically strong, and so it reduces the security of your ssh (weakest link, etc). If you really care so little about the security of your file transfer, plaintext FTP requires no host key caching and because it has no cryptographic overhead, may even be faster. The fact that you're sending your user account credentials in plain text is, in our hypothetical scenario, a non-issue. Or even better, use TFTP and dispense with the facade of user authentication altogether. Realize that any of these options are equivalent from a security standpoint. (Well, okay plain FTP might be worse because the user credentials revealed could potentially be used to impersonate that user elsewhere.)
Thomas Boss

commandline download...

Hi,
i try to make a unattendet commandline download with the following commandline:

WinSCP.exe /command "open xx:xx@xx" "/option batch on" "/option confirm off" "get x/x/x.txt C:\x.txt" "exit" /Log="C:\log.txt"

unfortunatly i don't get it to work. I allways get this lines in the Log:

. 2007-11-21 18:49:12.875 Asking user:
. 2007-11-21 18:49:12.875 The server's host key was not found in the cache. You have no guarantee that the server is the computer you think it is.
. 2007-11-21 18:49:12.875
. 2007-11-21 18:49:12.875 The server's rsa2 key fingerprint is:
. 2007-11-21 18:49:12.875 ssh-rsa 1024 c6:5b:58:f2:75:16:bb:3a:dd:46:70:44:f0:6c:31:45
. 2007-11-21 18:49:12.875
. 2007-11-21 18:49:12.875 If you trust this host, press Yes. To connect without adding host key to the cache, press No. To abandon the connection press Cancel.
. 2007-11-21 18:49:12.875
. 2007-11-21 18:49:12.875 Continue connecting and add host key to the cache? ()
. 2007-11-21 18:49:12.875 Attempt to close connection due to fatal exception:
* 2007-11-21 18:49:12.875 Host key wasn't verified!
. 2007-11-21 18:49:12.875 Closing connection.

i thought with "option batch on" i turned off the "Asking user" (which is quit stupid in a commandline, or not?)

I can't store the connection (in WinSCP the connection works) because there are different connections, and it would be easyier - because i allways trust my servers.

so, what could i do to get this working?

BR
Thomas