Accepting host keys in advance

Hi Martin,

I"m trying to configure "DisableAcceptingHostKeys"=dword:00000001

I'm following these instructions:
https://winscp.net/eng/docs/administration
https://winscp.net/eng/docs/ssh_verifying_the_host_key

You say: "System administrator can restrict connection to server without having their host keys accepted in advance."

How does a System administrator accept host keys in advance?

Consider this situation:
-"DisableAcceptingHostKeys"=dword:00000001
-A new server is added to the network
-Some users need access to the new server
-The system administrator wants to add the new servers's host key to the WinSCP configuration. How would the system administrator do that without setting "DisableAcceptingHostKeys"=dword:00000000?

I hope my question make sense. Thanks :)

Thanks
Peter

Connect to the server, verify the hoskeys, and set the DisableAcceptingHostKeys afterwards.
If you need to do this on multiple machines, check what entries are added to the HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\SshHostKeys.

Thanks for the reply!

This works as a workaround, I am doing it this way currently. I was wondering if there was another way.

So I guess there is no way to know how the host key cache is encoded in the registry?

It's just a simple hex format of the key.