Topic "Host key wasn't verified"

Author Message
FAMIUser

Guest


Hi,

i got a script to put files on a remote server but it returns the same error over and over again : " Host Key wasn't verified"

I can make my connection through the Winscp GUI but when running the script it fails every time

try
{
# Load WinSCP .NET assembly
# Use "winscp.dll" for the releases before the latest beta version.
#[Reflection.Assembly]::LoadFrom("WinSCPnet.dll") | Out-Null
[Reflection.Assembly]::LoadFrom("C:\Batch\WinSCP4\WinSCP.dll") | Out-Null

# Setup session options
$sessionOptions = New-Object WinSCP.SessionOptions
$sessionOptions.Protocol = [WinSCP.Protocol]::Sftp
$sessionOptions.HostName = "193.191.216.90"
$sessionOptions.UserName = "ext_myUser"
$sessionOptions.Password = ""
$sessionOptions.SshHostKeyFingerprint = "ssh-rsa 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx"
$sessionOptions.SshPrivateKeyPath = "C:\XX\XX\WinSCP4\privatekey.ppk"

$session = New-Object WinSCP.Session

try
{
# Connect
$session.Open($sessionOptions)
$remotePath = "In\All"
$localPath = "c:\FTPDATA\Production\IS\80111202\OUT\Fedopress\"
$files = ""

# Upload files
$transferOptions = New-Object WinSCP.TransferOptions
$transferOptions.TransferMode = [WinSCP.TransferMode]::Binary

$transferResult = $session.PutFiles($localPath + "\*", $remotePath, $False, $transferOptions)

# Throw on any error
$transferResult.Check()

# Print results
foreach ($transfer in $transferResult.Transfers)
{
Write-Host ("Upload of {0} succeeded" -f $transfer.FileName)
$Files = $files + $transfer.FileName + "`r`n"
}
}
finally
{
# Disconnect, clean up
$session.Dispose()
}

}
catch [Exception]
{
Write-Host $_.Exception.Message
exit 1
}

can you please advice
thanks in advance
Advertisements
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 26572
Location: Prague, Czechia
I assume you do not set the SshHostKeyFingerprint to a correct value.

Have the GUI generate a code template for you.
https://winscp.net/eng/docs/ui_generateurl#code

See also https://winscp.net/eng/docs/faq_hostkey#automation
JakubWz

Guest


Ahoj Martine,

Apologies for re-opening this post but I feel it's relevant.

I followed your FAQ at https://winscp.net/eng/docs/faq_hostkey#automation and generated the hostkey on the Ubuntu box using: ssh-k3ygen -l -f /home/user/wftpserver/myftp_ssh.key -E MD5 to get desired output and use that output in the format within the script as follows:

"C:\WinSCP\WinSCP.exe" /log=c:\WinSCP\logs\winscp.log /command "open sftp://user:wouldyouliketoknow@mydomain.com" -hostkey="ssh-rsa 2048 MD5:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" "put "C:\Test\file.xlsx" /Data/File_%%TIMESTAMP#yyyymmddhhnnss%%.xlsx" "exit"

I even tried to copy the key from saved session I manually accepted within the WinSCP GUI and paste it in my .cmd script but it still doesn't work.

Basically, the issue is that I cannot connect automatically using the script to SSFTP (SSH 2.0) WingFTP server. I need to automate the acceptance of the hostkey as I need to deploy this to 12 other windows based machines.

From the .log I get this:

". 2017-06-15 16:28:51.290 Verifying host key ecdsa-sha2-nistp256 nistp256,0x0000000000000000 0000000000000000 000000000000000 000000000000000 ,0x0000000000000000 000000000000000 00000000000000 0000000000000000 with fingerprint ecdsa-sha2-nistp256 256 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
. 2017-06-15 16:28:51.290 Asking user:
. 2017-06-15 16:28:51.290 **Continue connecting to an unknown server and add its host key to a cache?**
. 2017-06-15 16:28:51.290
. 2017-06-15 16:28:51.290 The server's host key was not found in the cache. You have no guarantee that the server is the computer you think it is.
. 2017-06-15 16:28:51.290
. 2017-06-15 16:28:51.290 The server's ecdsa-sha2-nistp256 key fingerprint is:
. 2017-06-15 16:28:51.290 ecdsa-sha2-nistp256 256 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
. 2017-06-15 16:28:51.290
. 2017-06-15 16:28:51.290 If you trust this host, press Yes. To connect without adding host key to the cache, press No. To abandon the connection press Cancel.
. 2017-06-15 16:28:51.290 In scripting, you should use a -hostkey switch to configure the expected host key. ()
. 2017-06-15 16:29:01.294 Attempt to close connection due to fatal exception:
* 2017-06-15 16:29:01.294 Host key fingerprint is ecdsa-sha2-nistp256 256 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00.
* 2017-06-15 16:29:01.294 (Exception) **Host key wasn't verified!**
. 2017-06-15 16:29:01.294 Closing connection.
. 2017-06-15 16:29:01.294 Sending special code: 12"
JakubWz
[View user's profile]

Joined: 2017-06-15
Posts: 1
Location: London
Ahoj Martine,

Jeste maly dodatek:

When I copied the hostkey using the GUI just to verify it's the same as using the generator on the Ubuntu box, I got this:

ecdsa-sha2-nistp256 256 00:00:0:00:00:00:00:00:00:00:00:00:00:00:00:00

Thing is if I add this to my command line in this format:

-hostkey="ecdsa-sha2-nistp256 256 00:00:0:00:00:00:00:00:00:00:00:00:00:00:00:00"

It comes up in the .log with the same error. It seems, that the connection just skipped the hostkey comparison and requires manual confirmation regardless of the -hostkey in the command line.

Thought this may help in pointing me in the right direction.

Thanks heaps!
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 26572
Location: Prague, Czechia
/home/user/wftpserver/myftp_ssh.key - Are you sure this is a path to host key? Isn't it your account private key?

Please start a new thread and post a complete session log file.
Advertisements

You can post new topics in this forum






Search

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License