Limit failed Pageant tries

Advertisement

kitchin
Joined:
Posts:
2
Location:
Virginia

Limit failed Pageant tries

I had 6 Pageant keys loaded. I tried to log into an SFTP account that does not use keys but does have a saved password. It failed because the server disconnected after WinSCP tried 5 Pageant keys.

This may not be good default behavior.

Suggestion:

1. A new session option: limit Pageant tries to the first [3] available keys

2. A new global option: [off] skip Pageant if Private key file not specified (overrides session option "Attempt authentication using Pageant").

3. A different UI for the session option SSH/Authentication:

Authentication options
* Attempt TIS or CryptoCard Authentication (SSH-1)
* Bypass Authentication entirely (SSH-2)
* Attempt 'keyboard-interactive' authentication (SSH-2)
** Respond with password to the first prompt

Authentication key
* Private key file
* Attempt authentication using Pageant
* Limit Pageant attempts to the first [3] keys currently loaded, if key file above blank
* Allow agent forwarding

GSSAPI
...


I have many SFTP accounts, so my workaround was to use a script to edit WinSCP.ini, adding the line
TryAgent=0
to most session profiles.

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
27,426
Location:
Prague, Czechia

Re: Limit failed Pageant tries

Thanks for your suggestions. Will consider them.

I have many SFTP accounts, so my workaround was to use a script to edit WinSCP.ini, adding the line
TryAgent=0
to most session profiles.
Since 5.6.x you can set the option for all (or selected) stored sites from command line like:
winscp.exe /batchsettings * TryAgent=0
See https://winscp.net/eng/docs/commandline#batchsettings

Reply with quote

Advertisement

You can post new topics in this forum