[olug] Command SCP client for Windows

Will Langford unfies at gmail.com
Thu Dec 4 22:50:42 UTC 2008


On Thu, Dec 4, 2008 at 9:30 AM, Kevin <sharpestmarble at gmail.com> wrote:

> Alternatively, could you see about making the ssh server keys the
> same, as is the case when you image a server?
>

If you don't mind all the keys being the same, then it works wonderfully
with the image stuff.

If you insist on different keys and such... then you're really not gonna get
around the whole 'say yes' thing.  With putty and similar, you could create
a .reg file that you run to integrate the host finger print into the
registry for the given server.....

HKCU\Software\SimonTatham\PuTTY\SshHostKeys

At least this way you wouldn't get the 'verify host finger print' messages.

This somewhat goes back to the previous thread concerning self signed SSL
certs and similar.  The difference being that with https, people might just
want to stop the casual snooper (vs stopping an actual hijack)... and with
ssh/scp, you should indeed need to verify/trust the other side (comparing
finger prints and such).

I'd suggest making the key verification just be apart of the server/client
setup process - you undoubtedly need to boot stuff once already... it should
be easy to throw in there.  As far as locations in the field already...
it'll just require some vnc/rdp/tech-on-site stuff for each thing, eating
away at time and being tedious.... or the reg thing etc etc etc

-Will



More information about the OLUG mailing list