
I am trying to connect to a Unix server from the WinSCP command line for the first time.

It closes with the following error:

The server's host key was not found in the cache. You have no guarantee that the server is the computer you think it is.

The server's rsa2 key fingerprint is: ssh-rsa 1024 42:9e:c7:f4:7f:8b:50:10:6a:06:04:b1:d4:f2:04:6d If you trust this host, press Yes. To connect without adding host key to the cache, press No. To abandon the connection press Cancel.

In the WinSCP commandline, it does not ask for any input (Yes or No). It closes with Authentication failed. If I connect through the WinSCP tool, I'll get the same error. However, I'll be able to press YES.

I also know that if I add the -hostkey switch on the command line, I'll be able to connect. But I don't want to pass the host key in my batch script, as I will be connecting to various servers. So my requirement is to pass "YES" input from the command line in case of this error. Can someone help?

Martin Prikryl
Ekata Bavkar

1 Answer


A host key fingerprint verification is a crucial step in securing your SSH connection. Even if you are using a set of sessions with your script, it does not excuse you. The fingerprint should be part of a set of information you have for each of the sessions (in addition to a hostname, a username and a password).

Skipping the fingerprint verification means that you lose any security and there's no point in using SSH/SFTP anymore.

Anyway, if you do not care about security, you can use the -hostkey=* switch to unconditionally accept any host key.

Further references:

Martin Prikryl
  • hi @Martin, this is not working for me. call C:\Progra~2\WinSCP\WinSCP.exe /console -timeout="120" /command "option batch continue" "option confirm off" "open sftp://%userin%:%pasw%@host -hostkey="*"" "get /home/*.*" – Ekata Bavkar Sep 05 '14 at 18:54
  • Your command conflicts with Markdown syntax, so I cannot see it literally. But I assume that original was `"open sftp://%userin%:%pasw%@host -hostkey="*""`. That's wrong, either use `"open sftp://%userin%:%pasw%@host -hostkey=""*"""` or avoid quotes around `*`: `"open sftp://%userin%:%pasw%@host -hostkey=*"` See [command-line syntax](http://winscp.net/eng/docs/commandline#syntax). – Martin Prikryl Sep 05 '14 at 19:00
  • Also `-timeout="120"` specified as command-line parameter does not apply to session opened using scripting commands. You have to combine it with `open` command: `"open sftp://%userin%:%pasw%@host -hostkey=* -timeout=120"` – Martin Prikryl Sep 05 '14 at 19:03
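Following the answer's point that the fingerprint belongs with each session's hostname and username, a batch loop can pass a pinned key per server instead of `-hostkey=*`. This is an added example, not code from the question or the answer; `hosts.txt`, its `host;user;fingerprint` layout, the sample host name and user, and the use of `WinSCP.com` are assumptions.

```batch
@echo off
setlocal
rem Added example. hosts.txt (hypothetical name) holds one session per line:
rem   host;user;fingerprint
rem Constructed sample line, using the fingerprint shown in the question:
rem   unix01.example.com;batchuser;ssh-rsa 1024 42:9e:c7:f4:7f:8b:50:10:6a:06:04:b1:d4:f2:04:6d
rem Each fingerprint must be obtained from the server's administrator or
rem another trusted channel, not copied from an unverified prompt.

rem Assumption: WinSCP.com (console interface) sits next to WinSCP.exe.
set "WINSCP=C:\Progra~2\WinSCP\WinSCP.com"
set "FAILED=0"

rem %pasw% is assumed to be set by the caller, as in the question's script.
rem delims=; keeps the spaces inside the fingerprint in a single token (%%J).
for /f "usebackq eol=# tokens=1-3 delims=;" %%H in ("hosts.txt") do (
    rem /ini=nul ignores stored configuration, so only the pinned key is trusted.
    rem "option batch abort" stops at the first error, including a key mismatch.
    "%WINSCP%" /ini=nul /command ^
        "option batch abort" ^
        "option confirm off" ^
        "open sftp://%%I:%pasw%@%%H -hostkey=""%%J"" -timeout=120" ^
        "get /home/*.*" ^
        "exit"
    if errorlevel 1 (
        echo FAILED: %%H
        set "FAILED=1"
    )
)

rem Non-zero exit code if any server failed, so a scheduler can alert on it.
exit /b %FAILED%
```

A server whose key does not match its line in `hosts.txt` is reported as failed instead of being silently trusted.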