Post a reply

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

Mace

Re: StrictHostKeyChecking?

martin wrote:

So user would be able to manually store the keys to the "cache", would he? Where do you want to have your option? In HKEY_LOCAL_MACHINE, so it cannot be cleared by the user?


That seems to be a very good idea, maybe under HKEY_LOCAL_MACHINE\SOFTWARE\Martin Prikryl\WinSCP 2\ ...
But that is really up to you.
Thank you very much!
martin

Re: StrictHostKeyChecking?

So user would be able to manually store the keys to the "cache", would he? Where do you want to have your option? In HKEY_LOCAL_MACHINE, so it cannot be cleared by the user?
Guest

Re: StrictHostKeyChecking?

martin wrote:

Can you tell me what do you want, instead of referring to options of other SSH implementations?


The feature I request is the option to strictly prohibit the connection to unauthorized/unknown hosts.
Under Linux this equals the option mentioned above, where a client can store public host keys in .ssh/known_hosts and can exclusively connect to this hosts when the option "StrictHostKeyChecking yes" is placed inside the ssh_config.
There should be the possibility to prohibit a client connection to hosts not stored in a pre-configured option file under [SshHostKeys] (alternatively: the Windows registry).
At the moment/by default, this option seems to be set to "ask" in WinSCP, where an incautious user just can click on "Accept".
martin

Re: StrictHostKeyChecking?

Can you tell me what do you want, instead of referring to options of other SSH implementations?
Mace

StrictHostKeyChecking?

How can the ssh option "StrictHostKeyChecking yes" be activated in WinSCP?
Using the ini file option the accepted host keys are stored under [SshHostKeys], but I cannot find any option to change the default value "StrictHostKeyChecking ask".