13

How do I get WinSCP to connect to an SSH server with a private key that I specify.

I don't see the option.

Screenshot

  • For example, I have a private key I created with SSH in cygwin. (id_rsa)

    $ ls ~/.ssh -l

  -rw------- 1 user None 2602 Dec 24 17:26 id_rsa
  -rw-r--r-- 1 user None  570 Dec 24 17:28 id_rsa.pub
  -rw-r--r-- 1 user None 4562 Apr 27 08:03 known_hosts

$ cat .ssh/id_rsa

  -----BEGIN OPENSSH PRIVATE KEY-----
  b3Blb...........wcm9ib29rMQECAw==
  -----END OPENSSH PRIVATE KEY-----

    And I have already added the Public key (id_rsa.pub), to authorized_keys on the server.

Improve this question
2
  • The authentication section of WinSCP is easy to understand: it requires the password, frequently called the passphrase of the private key and its pathname. But the main section of WinSCP asks for a user name and password. If this means the username and the user password, I am confused, because I want to use SSH without a user password, for added security. Can someone unconfuse me?
    – David Spector
    Commented Jul 9 at 22:42
  • @DavidSpector I just asked Claude and it said "For key-based authentication, you can ignore the password field in the main section and focus on the Advanced settings where you specify your private key.". That makes sense. A major advantage of using keys is for quick passwordless access As for username, you will always need a username. I tend to use private key without a passphrase So Claude sounds right to me when it says "The passphrase for your private key (if you set one when creating the key)".
    – barlop
    Commented Jul 15 at 13:50

2 Answers 2

Reset to default
17

On the WinSCP Login dialog, click the Advanced button, go to SSH > Authentication, and in the Private key file box, browse for your private key file:

Screenshot

See also https://winscp.net/eng/docs/ui_login_authentication

If you do not have your key in the PuTTY .ppk format, you will need to change the file filter to All private key files; once you select the SSH key, WinSCP will offer to convert the key for you, saving a copy of the key in .ppk format.

Improve this answer
0
0

(Martin's answer is quicker than this answer)

The easiest way is to ensure you can connect in PuTTY first since it's very similar to WinSCP: Screenshot1

PuTTY requires the key to be a .ppk [Putty Private Key]

  • How to convert an RSA key (like OpenSSH uses) to a .ppk with PuTTYgen:
    1. FileLoad private key → Change to show all files
    2. Choose id_rsa to load the RSA key → FileSave private key
  • In PuTTY:
    1. ConnectionSSHAuthPrivate key file for authentication → Choose the .ppk
    2. PuTTY asks you to specify the username, which is the same username as with OpenSSH [SSH used in cygwin when executing ssh user@ip]
    3. Now put PuTTY aside, as it helps to know how to connect with PuTTY

At the WinSCP login screen, go to New Site
Screenshot

  1. File protocolSCP [file transfer over SSH]
  2. AdvancedSSHAuthenticationLoad private key → Choose .ppk created above
    Screenshot2
    PuTTYgen is used to convert an RSA key to a .ppk, which is done in the same way I described above
Improve this answer
1
  • 3
    This is unecessarilly complicated. WinSCP can convert the key for you. See my answer.
    – Martin Prikryl
    Commented Apr 27, 2021 at 9:34

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .