command line or winscp.ini key exchange threshold

Advertisement

dr_mumps
Joined:
Posts:
3

command line or winscp.ini key exchange threshold

How do I either specify the first key exchange threshold and/or defeat the "warning below" check when using WinSCP from the command line? I had to alter the server side to a "higher" level algorithm to allow my script to function.
... The first key-exchange algorithm supported by the server is diffie-hellman-group1-sha1, which is below the configured warning threshold.
Do you want to continue with this connection?...
When using the WinSCP front end, setting the Advanced Site setting, Key Exchange works fine... but only for those sessions connected via the WinSCP front end. It there a command line and/or winscp.ini parameter I can set to do the same thing?

Also, if a "YES" is answered to the above query, can WinSCP store the response in the winscp.ini so it wouldn't be prompted again?

Reply with quote

Advertisement

dr_mumps
Joined:
Posts:
3

Re: command line or winscp.ini key exchange threshold

I should also mention that I have tried the following... none of which "bypass" the warning threshold:
-rawsettings SshProt=0 ==> "SSH protocol version 1 required by our configuration but not provided by server" ... no session
-rawsettings SshProt=1 ==> "SSH protocol version 1 required by our configuration but not provided by server" ... no session
-rawsettings SshProt=2 ==> prompts Yes or No regarding the warning threshold
-rawsettings SshProt=3 ==> prompts Yes or No regarding the warning threshold

0 to 3 appear to be the options allowed for SshProt ... with "2" no longer available according to the doc's

Also tried:
-rawsettings Cipher=diffie-hellman-group1-sha1,WARN ==>
"The first key-exchange algorithm supported by the server is diffie-hellman-group1-sha1, which is below the configured warning threshold.
Do you want to continue with this connection?
(Y)es, (N)o: No"

Reply with quote

dr_mumps

Re: command line or winscp.ini key exchange threshold

FANTASTIC!.. did I just miss that rawsetting definition or was it just added? ... Doesn't matter. Thanks so much

Reply with quote

Advertisement

You can post new topics in this forum