using fingerprint switch instead of password in script

Advertisement

Keith W
Joined:
Posts:
1

using fingerprint switch instead of password in script

Trying to set up a script to automate a nightly file transfer to an sftp server. Security precludes storing passwords in clear text in the script, so I'm trying to use the fingerprint switch as specified in this example found at https://winscp.net/eng/docs/session_url

sftp://martin;fingerprint=ssh-dss-0b-77-8b-68-f4-45-b1-3c-87-ad-5c-be-3b-c5-72-78@example.com/

I set up my script as follows:

option batch abort
option confirm off
open sftp://user;-fingerprint=<key fingerprint>@sftp.domain.org/
cd /
put filename.csv
exit

When I run the script I get this:

c:\scripts\sftp\WinSCP\winscp.com /script=<filename>.sftp /ini=nul
batch abort
reconnecttime 120
confirm off
Searching for host...
Connecting to host...
Authenticating...
Continue connecting to an unknown server and add its host key to a cache?
The server's host key was not found in the cache. You have no guarantee that the
server is the computer you think it is.
The server's rsa2 key fingerprint is:
ssh-rsa 1024 <key fingerprint>
If you trust this host, press Yes. To connect without adding host key to the cac
he, press No. To abandon the connection press Cancel.
(Y)es, (N)o, C(a)ncel, (C)opy Key: Cancel
Host key wasn't verified!
Host key fingerprint is <key fingerprint>
Authentication failed.

There is no chance to select (Y)es before the script aborts with 'Authentication Failed'.

I tried running this from the WinSCP GUI and was prompted to add the key to the cache and it was successful. Subsequent connections in the GUI connect without prompting for the key. However, whenever I run the script I still get the message above and have no option to add the key fingerprint to the cache.

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
40,476
Location:
Prague, Czechia

Re: using fingerprint switch instead of password in script

I cannot help you as you have removed the key from the prompt. So I cannot check that you have used correct key. It's public key, so it's not a secret.

Anyway, server's host key is not used for authentication! So, I'm afraid you do not understand what you are doing.
See https://winscp.net/eng/docs/ssh_keys

Reply with quote

Advertisement

You can post new topics in this forum