Then let the user to verify it and assign the verified value to the SessionOptions.SshHostKeyFingerprint property. If you want to allow a user to manually verify the host key, use the Session.ScanFingerprint method to retrieve the key fingerprint. In exceptional situations, when security is not required, such as when connecting within a trusted private network, you can use -hostkey=* or SessionOptions.GiveUpSecurityAndAcceptAnySshHostKey to blindly accept any host key. You can have WinSCP generate the script or code for you, including the -hostkey switch or SessionOptions.SshHostKeyFingerprint property. If you already have verified the host key for your GUI session, go to a Server and Protocol Information Dialog and see a Server Host key Fingerprint box. NET assembly, use SessionOptions.SshHostKeyFingerprint property. In scripting specify the expected fingerprint using -hostkey switch of an open command. NET assembly, use the same methods as described previously to obtain the host key. When writing a WinSCP script or code using WinSCP. If you need to know the fingerprint later on for other purposes, like to verify the host key on another machine, or for automation, go to a Server and Protocol Information Dialog. Once you connect, WinSCP caches the fingerprint and will ensure, that the key is unchanged every time you connect later on. from home or a client), but you have a physical access to the server site, connect from the server site the first time (e.g. For example if you plan to connect to the server from an external site (e.g. Before connecting for the first time, ensure a security of your local machine and a line to the server. If you do not have anyone else to obtain the fingerprint from, you may need to connect to the server without knowing the fingerprint. So it is not secret and can be safely sent over unencrypted (yet trusted) communication channels. Also note that the host key fingerprint is generated from a public key part of the host key only. The host key is only one and hence the same for all users. Instead you can ask anyone else who has a physical access to the server or who already knows the host key. In the real world, most administrators do not provide the host key fingerprint.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
January 2023
Categories |