Post a reply

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

jganzer

Re: password encryption for saved sites?

Hello Martin,

In another post you stated "Password is stored in ecrypted form to Windows registry (unless you choosed to store configuration to INI file). However the encryption is rather simple." what kind of encryption is used and where in the source files am I able to find out more about this?
martin

Re: password encryption for saved sites?

jganzer wrote:

I tested this by creating a new registry key but winscp didn't obfuscate the password at all on startup. Any idea why it did not martin?

Please post an export of your session registry key.
jganzer

Re: password encryption for saved sites?

I tested this by creating a new registry key but winscp didn't obfuscate the password at all on startup. Any idea why it did not martin?
jganzer

Re: password encryption for saved sites?

martin wrote:

You can store the password unencrypted to PasswordPlain and let WinSCP do the encryption (obfuscation really) for you:
https://winscp.net/eng/docs/custom_distribution#distributing_passwords


So if I create a registry key in the same folder as the rest of the sites, it will encrypt the password next time winscp starts? I'm getting ready for work otherwise I'd test this. I'm trying to make updating the sites as automated as possible and this encryption is the only thing I need to figure out. If people need to open winscp to change a setting then run my script then change a setting back, I'd prefer a different method. If I'm able to encrypt the passwords for winscp, please let me know. Thank you
jganzer

password encryption for saved sites?

I've been trying to find this for a while now but if I save my password for a site, mypassword, in the registry key for it gets encrypted. In the registry the password is changed to A35C7A59327F48218735313D292F392E323D31393033393E392E313328332E2F723F333135313D2C3D2F2F2B332E38084996. What type of encryption is used? I'm making a small program to create sites in WinSCP based off of a CSV file but I need to know how the password is changed. Any help would be greatly appreciated as this is the last big hurdle to accomplish.

Thank you