Verifying the host key through scripting not working

Advertisement

Sowmya
Joined:
Posts:
10
Location:
Bangalore

Verifying the host key through scripting not working

Hi,

I am using winscp scripting feature to connect to a cluster(linux) from a vb.net application on windows. I realised that for the first time only the host key for the server needs to be verified through scripting. I used the command

open servername -hostkey="ssh-rsa 1024 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx" and it worked pretty well and asked for the userid and password and so on.

Now ,I close this session and open a new winscp session and gave a command
open servername
This does pop up a message "The server's host key was not found in teh cache" . Could you please let me know if this key is not registered yet on teh server. Should we give this key each time we log in ?

Also how to we give the certificate option here?

I tried giving teh command open ctnheng1 -certificate="=ssh-rsa 1024 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx"
It did give a unrecognised command err.
Could you pelase help me on this .Its urgent.
Thanks for a wonderful tool.

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
27,227
Location:
Prague, Czechia

Re: Verifying the host key through scripting not working

Sowmya wrote:

Should we give this key each time we log in ?
When the hostkey is accepted using -hostkey switch, not by manually answering the prompt, the acceptance is not permanent. So you should give the hostkey each time you login.

Also how to we give the certificate option here?

I tried giving teh command open ctnheng1 -certificate="=ssh-rsa 1024 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx"
It did give a unrecognised command err.
What version of WinSCP are you using?
Also certificate have completely different format, but that should not cause the error you describe.
_________________
Martin Prikryl

Reply with quote

Sowmya
Joined:
Posts:
10
Location:
Bangalore

Tahnks for the reply. I use the Winscp4.18 version .

I understand that -hostkey should be given each time to login.
Ifs the certicate essential. Anyway its going be files transferes within the corporate network.


Thanks once again.

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
27,227
Location:
Prague, Czechia

The certificate switch is supported since 4.2.2 only.
_________________
Martin Prikryl

Reply with quote

toneuk
Guest

Administrator note: Never ever do this, unless you are willing to give up on all security features of SSH protocol:

The following article demonstrates how to automatically pass the hostkey to the open command using VB.NET. The code in the article does it by trying an initial connect to the host and extracting the hostkey from the initial output. This is then used on connecting.

The article also demonstrates how to upload and download files by creating a DLL that stores WinSCP as a resource.
<invalid hyperlink removed by admin>

Reply with quote

Advertisement

You can post new topics in this forum