Post a reply

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

martin

Re: Private / Public Key

hecktarzuli wrote:

FYI, Putty allows me to do this via command line which is why I was asking for it via WinSCP.

I guess that it was not intention of putty author to allow -pw parameter to apply to passphrases as well. It is rather side effect. It is quite obvious from the -pw option description.

Instead of passing password using -pw command, they recommend using public-key, by what I believe they mean either unencrypted private key or Pageant authentication.

Isn't the password an extra layer of security, or do you consider putting a password on a key overkill?

No I do not meant that it is overkill. It is extra layer of security to protect your private key when someone gets an access to your computer/harddisk. But only if you keep your passphare in your memory. If you keep it in WinSCP configuration on the same computer, that it has no effect.
hecktarzuli

Private / Public Key

FYI, Putty allows me to do this via command line which is why I was asking for it via WinSCP. There is little/no chance my server is spoofed since it's a server within my local network to which I have direct control over.

So you are saying the way to go is just use Private/Public Key with no password? Isn't the password an extra layer of security, or do you consider putting a password on a key overkill?
martin

Re: Private Key Login WITH Password!

The password box is for password authentication, not for private key passphrase. It would be security problem to allow the same box for both purposes. Imagine your server is spoofed and you connect to fake server. It refuses your public key and WinSCP falls back to password authentication. So it sends password to your private key to the fake server, because it is entered into password box. This is obviously somethink you would not like.

Also I do not see a reason for storing passphrase-protected private key, while saving the password into WinSCP session. You can save the private key unprotected straight with the same result.

Read the documentation.
hecktarzuli

Private Key Login WITH Password!

For some reason WinSCP grays out the password box when I tell it what Private Key to use. The problem is my Private Key is password protected, so I still get a password prompt! It would really be nice to be able to use the password box AND the Private Key feature at the same time.