Post a reply

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

Guest

use -hostkey="your key"

Use -hostkey="your key"
MuruganandhanR

Get SFTP Finger Print

private string fnGetSFTPFingerPrint()
{
    if (!ObjSFTP.UnlockComponent("CSHANMSSH_5VswUWpF4Rnk"))
        return "Unlock Component Failed.";
 
    ObjSFTP.ConnectTimeoutMs = 5000;
    ObjSFTP.IdleTimeoutMs = 10000;
    int Port = Convert.ToInt32(txtPort.Text);
    bool success;
    Chilkat.SshKey key = new Chilkat.SshKey();
 
    if (!ObjSFTP.Connect(txtHost.Text, Port))
        return "Connection Failed.";
 
 
    string privKey;
    privKey = key.LoadText(txtPrivateKeyPath.Text); //("myPrivateKey.pem");
    if (privKey == null)
        return "Connection Failed.";
    success = key.FromOpenSshPrivateKey(privKey);
 
    if (success != true)
        return "Connection Failed.";
    if (!ObjSFTP.AuthenticatePk(txtUserName.Text, key))
        return "Connection Failed.";
 
 
    if (!ObjSFTP.InitializeSftp())
        return "Initialization Failed.";
 
    string handle;
    handle = ObjSFTP.OpenDir(txtDestination.Text);
    if (handle == null)
        return "Open Dir Failed.";
 
    txtFingerKeyPrint.Text = ObjSFTP.HostKeyFingerprint;
    return ObjSFTP.HostKeyFingerprint;
}
martin

Re: "Host key not found in cache error "

@vh: Such error does not exist in WinSCP. Maybe you mean log record "Host key does not match cached key..."
You will get that if the cached host key does match. But the key still validates using the fingerprint provided in script using -hostkey. If you get different results, please start a new topic and attach a complete session log file.
vh

"Host key not found in cache error "

Just want to ask a question, if we have both, one key mentioned in the registry and other one in open command with -hostkey, will it produce any error?
In my case I have the one hostkey fingerprint hardcoded in the script while the other one present in the registry. Both are different. I want my script to execute successfully, I don't know about the one stored in registry but it gives the error "host key not found in the cache".
martin

Re: Hostkey automatic

AMH wrote:

i call this command in my program:
lanceAppli("winscp.com  /script= scp.txt")

in my scp.txt i put
...

I suppose that the space in /script= scp.txt is the problem. This way, WinSCP does not connect /script= with scp.txt. It ignores empty /script switch and tries to connect to host scp.txt.
martin

JimGriffith wrote:

Okay so forget that I said the scripting part but asking for it to save the information in the registry, in my opinion, is a valid request that other people may like to see. If I've entered the key once for a site, why should I have to continue to enter it? I've already validated that I know the key and it matches the site I'm connecting to, which I believe maintains the security. I just want to store it for future connections to that site.

But WinSCP allows that. Just not the way you are trying to do it.
AMH

sftp hostkey automatic

Now I tried this syntax but no thing is change the same message:
Recherche de l'hote.....


Host does not exist.
winscp>
JimGriffith

Try putting your option confirm off after the open statement. This is the way I do my scripts and it works for me.
open sftp://user:pass@ftp.site.com -hostkey="ssh-rsa 1024 46:62:9d:86:45:d0:b9:b2:b4:0f:61:a2:af:40:8a:ea"
option confirm off
option transfer binary
put file.txt
exit
AMH

Hostkey automatic

I call this command in my program:
lanceAppli("winscp.com  /script= scp.txt")

In my scp.txt I put:
option confirm off
open sftp://mylogin:myPW@MyIP:port -hostkey="ssh-rsa 1024 aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa"
option Transfer binary
put  filename.ext
close
exit

When i execute it i have a message :
Host does't exist.

But if i do it from DOS command, line by line:
winscp.com

winscp>option confirm off
confirm off
winscp>

it works!

Can some one help me?
JimGriffith

Okay so forget that I said the scripting part but asking for it to save the information in the registry, in my opinion, is a valid request that other people may like to see. If I've entered the key once for a site, why should I have to continue to enter it? I've already validated that I know the key and it matches the site I'm connecting to, which I believe maintains the security. I just want to store it for future connections to that site.
martin

JimGriffith: OK, that's something you absolutely should not do. You break all security in SSH by this. Of course do whatever you want to do. But do not ask me to implement support for it.
JimGriffith

Yes I am but I want to do it in scripting. After I have a transfer failure, because it's a new site and I haven't accepted the host key, I want to be able to run my process which will pull the host key from the log, connect to the site, automatically accepting the key that I've supplied, and storing what it needs in the registry for future scripting use.
martin

@JimGriffith: That does not make any sense. So either you are doing automatic script that has to run with default configuration (on any machine), without making any changes to it. Than you use -hostkey. Or you want to cache the hostkey for regular (non-automatic) use. Than you can do it from GUI or by importing the settings to registry (you can do it automatically as well). You are mixing two different things together.
JimGriffith

So that the next time I want to send to that address I don't have to specify the host key.
martin

JimGriffith wrote:

However, I noticed that even though I'm specifying the host key, it doesn't store the fingerprint in the registry. Is there another option to store that?

Why do you need that?
JimGriffith

okay I was able to get it to work this way
open sftp://user:pass@site.com -hostkey="ssh-rsa 1024 46:62:9d:86:45:d0:b9:b2:b4:0f:61:a2:af:40:8a:ea"

After it worked on one machine I tried it on another and received the "too many parameters" error. After I looked at the version on that machine I realized it was only 4.0.x and it worked once I upgraded. However, I noticed that even though I'm specifying the host key, it doesn't store the fingerprint in the registry. Is there another option to store that?
JimGriffith

Just tried that and it didn't work here's my command
open sftp:user:pass@site.com /hostkey="ssh-rsa 1024 46:62:9d:86:45:d0:b9:b2:b4:0f:61:a2:af:40:8a:ea"

Same results. Too many parameters.
martin

Re: Same issue

@JimGriffith: There is an example in documentation of open command. Basically you need to enclose the host key to quotes.
JimGriffith

Same issue

I'm having the same issue. When you do your next documentation additions, can you provide examples of how the switches and options should be used? Thanks! I've tried to put the auto accept of the host key in many places using a script file with no success so I decided to go to my command line. Here's my command
open sftp:user:pass@site.com /hostkey=ssh-rsa 1024 46:62:9d:86:45:d0:b9:b2:b4:0f:61:a2:af:40:8a:ea

When I execute this I receive a "too many parameters for command 'open'" error.

Can you, or someone who has successfully done this, provide me with an example of how and where to use this switch? And please don't tell me to go read documentation. It's obvious that I've been there and it's not helping. Thanks.
martin

Please post your script and a command you use to run WinSCP.
Guest

Yes, we tried this option, but couldn't get it to work. It was as if this option was silently ignored.
martin

Re: Need help with automatic host key acceptance

Please read documentation. If that does not help, come back.
ecarew

Need help with automatic host key acceptance

I am trying to get my copy of WinSCP 4.1.8 (Build 415) on a Windows 2003 server to run with the -hostkey option to the open command. I can't seem to get it to function. It's as if I didn't put the option in the script file at all, the program simply stops without opening up a session. Does anyone have an example of a command line that works for this feature, with this version of WinSCP?

Thanks