How to accept adding the key to the cache ?

Advertisement

eniosp
Guest

How to accept adding the key to the cache ?

Hi,

I am using the version 4.2.7 on Windows XP SP3.

I am try to run the following command.

"C:\Program Files\WinSCP\winscp.com" usr:pass@server /hostkey="ssh-rsa 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx" /console /command "Option batch abort" "cd /home/internal/test" "Put -delete ""c:\temp\File1.pdf""" "Put -delete ""c:\temp\File1.csv""" "Put -delete ""c:\temp\File1.rdy""" "close" "exit"

I have the following output:

C:\>"C:\Program Files\WinSCP\winscp.com" usr:pass@server /hostkey="ssh-rsa 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx" /console /command "Option batch abort" "cd /home/internal/test" "Put -delete ""c:\temp\File1.pdf""" "Put -delete ""c:\temp\File1.csv""" "Put -delete ""c:\temp\File1.rdy""" "close" "exit"
Searching for host...
Connecting to host...
Authenticating...
The server's host key was not found in the cache. You have no guarantee that the
server is the computer you think it is.
The server's dss key fingerprint is:
ssh-dss 1024 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
If you trust this host, press Yes. To connect without adding host key to the cac
he, press No. To abandon the connection press Cancel.
Continue connecting and add host key to the cache?
(Y)es, (N)o, C(a)ncel, (C)opy Key:

Is there a way to automatically accept it ?

I've tried the option bellow. But instead of continuing Cancel is chosen.

C:\>"C:\Program Files\WinSCP\winscp.com" /console /command "Option batch continue" "open sftp://usr:pass@server -hostkey=""ssh-rsa 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx""" "cd /home/internal/test" "Put -delete ""c:\temp\File1.pdf""" "Put -delete ""c:\temp\File1.csv""" "Put -delete ""c:\temp\File1.rdy""" "close" "exit"
batch continue
Searching for host...
Connecting to host...
Authenticating...
The server's host key was not found in the cache. You have no guarantee that the
server is the computer you think it is.
The server's dss key fingerprint is:
ssh-dss 1024 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
If you trust this host, press Yes. To connect without adding host key to the cac
he, press No. To abandon the connection press Cancel.
Continue connecting and add host key to the cache?
(Y)es, (N)o, C(a)ncel, (C)opy Key: Cancel
Host key wasn't verified!
Authentication failed.
No session.
No session.
No session.
No session.
No session.

Many thanks

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
28,671
Location:
Prague, Czechia

Re: How to accept adding the key to the cache ?

Please read documentation. If that does not help, come back.
_________________
Martin Prikryl

Reply with quote

eniosp
Guest

Re: How to accept adding the key to the cache ?

martin wrote:

Please read documentation. If that does not help, come back.

I've checked the documents but I could not make it work.

I've new tests now but I did not work:
Without batch option:
C:\>"C:\Program Files\WinSCP\winscp.com" /console /command "open sftp://usr:pass@host -hostkey=""ssh-rsa 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx""" "close" "exit"
Searching for host...
Connecting to host...
Authenticating...
The server's host key was not found in the cache. You have no guarantee that the
 server is the computer you think it is.
The server's dss key fingerprint is:
ssh-dss 1024 eb:0d:68:30:8c:ef:2c:15:4d:b4:36:e1:51:e6:8b:fe
If you trust this host, press Yes. To connect without adding host key to the cac
he, press No. To abandon the connection press Cancel.
Continue connecting and add host key to the cache?
(Y)es, (N)o, C(a)ncel, (C)opy Key:
With batch option continue:
C:\>"C:\Program Files\WinSCP\winscp.com" /console /command "Option batch continu
e" "open sftp://usr:pass@host -hostkey=""ssh-rsa 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx""" "close" "exit"
batch           continue
Searching for host...
Connecting to host...
Authenticating...
The server's host key was not found in the cache. You have no guarantee that the
 server is the computer you think it is.
The server's dss key fingerprint is:
ssh-dss 1024 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
If you trust this host, press Yes. To connect without adding host key to the cac
he, press No. To abandon the connection press Cancel.
Continue connecting and add host key to the cache?
(Y)es, (N)o, C(a)ncel, (C)opy Key: Cancel
Host key wasn't verified!
Authentication failed.
No session.

C:\>

Many thanks,
Enio

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
28,671
Location:
Prague, Czechia

Re: How to accept adding the key to the cache ?

You need to put real key fingerprint into hostkey switch.

Reply with quote

eniosp
Guest

Re: How to accept adding the key to the cache ?

martin wrote:

You need to put real key fingerprint into hostkey switch.
Hi prikryl,

I've put it it was replaced by xx.xx. I can send you the logs without "masking".

Reply with quote

Advertisement

eniosp
Joined:
Posts:
1
Location:
Zurich

Re: How to accept adding the key to the cache ?

eniosp wrote:

martin wrote:

You need to put real key fingerprint into hostkey switch.
Hi prikryl,

I've put it it was replaced by xx.xx. I can send you the logs without "masking".

I just send an email with complete log.

Reply with quote

eniosp2
Guest

Re: How to accept adding the key to the cache ?

There is no issue here. Only the fingerprint did change.

I did not pay attention on the fingerprint value and thought there was an issue.

Thanks for the support.

Cheers,

Reply with quote

dangfitz
Guest

newbie hostkey issue

I'm getting the key has changed message. I tried -hostkey & -certificate, but I keep getting the error, "too many parameters for command 'open'."

option batch on
option confirm off
open userid:passwd@server -hostkey="ssh-rsa 1024 xx:xx:xx..."

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
28,671
Location:
Prague, Czechia

Make sure you are using the latest version.
_________________
Martin Prikryl

Reply with quote

Advertisement

Dhirendra
Guest

Same problem I am aslo facing

martin wrote:

Make sure you are using the latest version.
Hi.

I am able to connect it using the C# code with private key authentication. But when I execute this via window service it giving the same error. What do we do now? Please help me, my peers are asking "why did you use this tool?". What should I pass while opening the connection.

I am using 4.3.2 version....

Thanks in advace...
Dhirendra Misra

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
28,671
Location:
Prague, Czechia

Re: Same problem I am aslo facing

Dhirendra wrote:

I am able to connect it using the C# code with private key authentication. But when I execute this via window service it giving the same error.
Please read FAQ:
https://winscp.net/eng/docs/faq_scheduler
_________________
Martin Prikryl

Reply with quote

ETLEngineer
Guest

I had the same problem; if you're using SQL Server Agent to execute your job\script and receiving the following message. You must logon to the server remotely with the userid:ServerAminID and execute WinScp software, login to the ftp site, wait for prompt requesting to cache the host key; once the key is accepted you can execute thru SQL Server Agent

If you trust this host, press Yes. To connect without adding host key to the cache, press No. To abandon the connection press Cancel.

Continue connecting and add host key to the cache? ()

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
28,671
Location:
Prague, Czechia

ETLEngineer wrote:

I had the same problem; if you're using SQL Server Agent to execute your job\script and receiving the following message. You must logon to the server remotely with the userid:ServerAminID and execute WinScp software, login to the ftp site, wait for prompt requesting to cache the host key; once the key is accepted you can execute thru SQL Server Agent

If you trust this host, press Yes. To connect without adding host key to the cache, press No. To abandon the connection press Cancel.

Continue connecting and add host key to the cache? ()
Correct approach would be to use -hostkey switch of open command:
https://winscp.net/eng/docs/scriptcommand_open

Reply with quote

Advertisement

LalitKukreja
Guest

Automated script works 6 out of 10 runs but fails otherwise

Hi All,

The automated script is working in 6 out of 10 runs. Below are the messages that are received in success and failure scenarios.

================================================================
Success Message:
Executed as user: AccountName\UserID C:\Windows\system32>echo offbatch abort confirm off Searching for host...Connecting to host...Authenticating...Using username "UserID". Authenticating with pre-entered password.Authenticated. Starting the session...Reading remote directory...Session started. Active session: Other details
================================================================

Now the failure message:

Message
Executed as user: AccountName\UserID. C:\Windows\system32>echo offbatch abort confirm off Searching for host... Connecting to host...Authenticating... The server's host key was not found in the cache. You have no guarantee that the server is the computer you think it is. The server's rsa2 key fingerprint is: ssh-rsa XXXX xx:xx:xx:xx:xx:xx:xx:xx:xx:xx If you trust this host, press Yes. To connect without adding host key to the cache, press No. To abandon the connection press Cancel. Continue connecting and add host key to the cache? (Y)es, (N)o, C(a)ncel, (C)opy Key: Cancel Host key wasn't verified! Host key fingerprint is ssh-rsa XXXX xx:xx:xx:xx:xx:xx:xx:xx:xx:xx Authentication failed.

Any help on this please?

Reply with quote

Teo D
Guest

Re: How to accept adding the key to the cache ?

Hi,

It's possible that you are running the script in a session that has no registered cache yet. Or maybe your running your script via services which will run under session 0 (in Win10 this is not accessible anymore). In any case, try doing a manual connection first using your login. Once you are connected, export the configurations to a ini file accessible for any users of the computer (try c:\temp\winscp.ini). That ini file contains the ssh finger print that is needed for the connection. For the execution of winscp.exe, add the argument /ini="[path of the ini file]". The application should work without the prompt or a need to verify the host/server.

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
28,671
Location:
Prague, Czechia

Re: How to accept adding the key to the cache ?

Teo D wrote:

It's possible that you are running the script in a session that has no registered cache yet. Or maybe your running your script via services which will run under session 0 (in Win10 this is not accessible anymore). In any case, try doing a manual connection first using your login. Once you are connected, export the configurations to a ini file accessible for any users of the computer (try c:\temp\winscp.ini). That ini file contains the ssh finger print that is needed for the connection. For the execution of winscp.exe, add the argument /ini="[path of the ini file]". The application should work without the prompt or a need to verify the host/server.
Thanks for your post.
All this is documented in the FAQ I've linked above already:
https://winscp.net/eng/docs/faq_scheduler

Reply with quote

Advertisement

You can post new topics in this forum