Respond y(es) to psftp host key prompt
Solution 1
I ended up adding the key to cache by entering 'y' to the prompt. I had to do it only once, and after that no more prompts, it works good.
Solution 2
I had the same problem with running a unattended script in Windows Server 2008's 'sandbox' like environment. I ended up running the following which enters the y
at the prompt for you:
echo y | psftp [email protected] -l username -pw password -b psftpscript.txt
Hope this helps!
Note: I only had to run the echo y once and removing it for the 2nd run didn't ask for the key to be cached anymore.
Solution 3
When you run it the first time, it will show you your key for the server. Copy the key and then on your command line, specify your host key like this:
psftp example.com -hostkey 06:15:d4:3b:e4:e8:23:c0:d6:6d:45:47:7e:bd:8d:74 -l yourusername -pw yourpassword -batch
Solution 4
You can create a file as input containing just a y and carriage return then run
psftp [email protected] -pw password -b psftpscript.txt < filename.txt
Thanks to James from http://www.sqlservercentral.com/Forums/Topic281954-9-1.aspx for such a simple solution
Solution 5
This doesn't answer your question directly, but provides a possible workaround:
Launch a command prompt as the user who will be running your script and manually accept the certificate. Then upon future connections, you won't have the issue.
Given your need, beyond what has been stated, this may or may not work. I came to this question with the same problem and ended up resolving it using the approach I've just described.
Related videos on Youtube
coder
As of Sep 2011, I'm working with C#, Silverlight 4, WCF, objective-c
Updated on July 09, 2022Comments
-
coder almost 2 years
I am creating a script file programmatically and call
psftp.exe
as follows:psftp [email protected] -pw password -b psftpscript.txt
but it prompts for user input
The server's host key is not cached in the registry. You have no guarantee that the server is the computer you think it is. The server's rsa2 key fingerprint is: [ssh-rsa 1024 somekey] If you trust this host, enter "y" to add the key to PuTTY's cache and carry on connecting. If you want to carry on connecting just once, without adding the key to the cache, enter "n". If you do not trust this host, press Return to abandon the connection. Store key in cache? (y/n)
I need it to be completely prompt free, automatic. I tried -batch parameter but it just abandons the connection
-
Michael Haren almost 11 yearsNote: if you echo
n
instead you will get more consistent behavior. You will still continue with the connection, but the key won't be cached. It will ask you for it every time. -
ya23 over 10 years-1: this is not fully automatic: prompt is shown first time the connection is open. If somebody happens to clear cache, your program will break. Relying on this not happening is bad!
-
Whome about 10 yearsWorks as expected an uninterrupted file upload without user interaction. I even tested manually once accepted a key. Script file "echo n | psftp.exe ..." still works.
-
VISQL almost 9 yearsDidn't work for me if I have that echo command in a batch (.bat) file preceding the call to psftp. I run the .bat from the command prompt.
-
bob over 8 yearsThis solution just skips the security afforded by the key in the first place. See the answer from @ReeveStrife for the best solution.
-
Брайков over 7 yearsNote that context user should have permission to write into registry
-
Martin Prikryl about 6 yearsDo not suggest anyone to blindly accept a host key of an SSH server without explaining security consequences! You lose a protection against MITM attacks by doing so.
-
Martin Prikryl about 6 yearsDo not suggest anyone to blindly accept a host key of an SSH server without explaining security consequences! You lose a protection against MITM attacks by doing so.
-
Martin Prikryl about 6 yearsDo not suggest anyone to blindly accept a host key of an SSH server without explaining security consequences! You lose a protection against MITM attacks by doing so.
-
FuzzyAmi about 6 years@MartinPrikryl - while you're completely right about this, shouldn't your comment go in the question? isnt this exactly what the asker asked for?
-
Martin Prikryl about 6 yearsOP asked for "prompt free" solution. As @Gerrie's answer shows, there's a prompt free solution, that still secure.
-
Martin Prikryl over 3 years@ya23 Verification of the host key must be a manual process. Trying to automate that is bad! Using
-hostkey
switch as seen in the answer by @Gerrie is definitely better than caching the key. But this answer is still better that most the others that blindly accept any host key.