Topic "using fingerprint switch instead of password in script"

Author Message
Keith W
[View user's profile]

Joined: 2015-04-21
Posts: 1
Trying to set up a script to automate a nightly file transfer to an sftp server. Security precludes storing passwords in clear text in the script, so I'm trying to use the fingerprint switch as specified in this example found at https://winscp.net/eng/docs/session_url

sftp://martin;fingerprint=ssh-dss-0b-77-8b-68-f4-45-b1-3c-87-ad-5c-be-3b-c5-72-78@example.com/

I set up my script as follows:

option batch abort
option confirm off
open sftp://user;-fingerprint=<key fingerprint>@sftp.domain.org/
cd /
put filename.csv
exit

When I run the script I get this:

c:\scripts\sftp\WinSCP\winscp.com /script=<filename>.sftp /ini=nul
batch abort
reconnecttime 120
confirm off
Searching for host...
Connecting to host...
Authenticating...
Continue connecting to an unknown server and add its host key to a cache?
The server's host key was not found in the cache. You have no guarantee that the
server is the computer you think it is.
The server's rsa2 key fingerprint is:
ssh-rsa 1024 <key fingerprint>
If you trust this host, press Yes. To connect without adding host key to the cac
he, press No. To abandon the connection press Cancel.
(Y)es, (N)o, C(a)ncel, (C)opy Key: Cancel
Host key wasn't verified!
Host key fingerprint is <key fingerprint>
Authentication failed.

There is no chance to select (Y)es before the script aborts with 'Authentication Failed'.

I tried running this from the WinSCP GUI and was prompted to add the key to the cache and it was successful. Subsequent connections in the GUI connect without prompting for the key. However, whenever I run the script I still get the message above and have no option to add the key fingerprint to the cache.
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 25034
Location: Prague, Czechia
I cannot help you as you have removed the key from the prompt. So I cannot check that you have used correct key. It's public key, so it's not a secret.

Anyway, server's host key is not used for authentication! So, I'm afraid you do not understand what you are doing.
See https://winscp.net/eng/docs/ssh_keys
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License