HKEY_USERS entry for service account

putty windows-registry

I've created a service account for a scheduled task on our 2008R2 server. The task runs a PowerShell script, which will, among other things, download an archive from a Linux server every time it is run using PuTTY's PSCP.

However, it does not work, since the service account has never connected to that server before, and does not know its host key. Reading the manual and searching, it turns out that these keys are stored in the registry, under HKEY_USERS\<SID>\Software\SimonTatham\PuTTY\SshHostKeys.

But here is the problem: since it is not allowed local login, the service account does not have a local profile, so it does not have an entry in HKEY_USERS.

How can this be fixed? I doubt it'd be a very good idea to just create the SID key under HKEY_USERS, but there must be some workaround? Could I put this in some default user key?

Best Answer

Ideally, direct support in PuTTY for a command line option to "pre accept" a host key or turn off host key checking altogether would be the easiest solution. However, it doesn't look like that feature will be here anytime soon.

However, you've already got a PowerShell script running that should be capable of writing to its own HKEY_CURRENT_USER registry hive. And I assume the host key of your Linux server isn't changing that often. So why not just have the PowerShell script write the appropriate value to the registry before it starts making the pscp calls?

Set-ItemProperty "hkcu:\Software\SimonTatham\PuTTY\SshHostKeys" "{name}" "{value}"

You can find the {name} and {value} in the session of another user who has already accepted the key. HKEY_USERS\<SID> is the same as the root of HKEY_CURRENT_USER for the user who matches that SID. So as long as you reference HKEY_CURRENT_USER from both accounts, the path to the host keys should be the same.
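
The approach in the answer above, as an added example that is not part of the original answer: it creates the SshHostKeys key only when it is missing, pins the host key, and stops if a different key is already cached for that host instead of overwriting it. The function name and both placeholder strings are assumptions; copy the real value name and data verbatim from an account that has already verified and accepted the server's key.

```powershell
# Added example, not code from the original answer.
# Placeholders (assumptions): copy both strings verbatim from
# HKCU:\Software\SimonTatham\PuTTY\SshHostKeys of an account that has
# already verified and accepted the server's host key.
$HostKeyName  = '<value name copied from the other account>'
$HostKeyValue = '<value data copied from the other account>'
$KeyPath      = 'HKCU:\Software\SimonTatham\PuTTY\SshHostKeys'

# Hypothetical helper: pins one PuTTY host key for the current user.
function Set-PinnedPuttyHostKey {
    param(
        [Parameter(Mandatory=$true)][string]$Path,
        [Parameter(Mandatory=$true)][string]$Name,
        [Parameter(Mandatory=$true)][string]$Value
    )

    # An account that has never run PuTTY has no SshHostKeys key yet.
    # Create it (and its parents) only when missing, so existing entries survive.
    if (-not (Test-Path -Path $Path)) {
        New-Item -Path $Path -Force | Out-Null
    }

    # Read whatever is currently cached under this value name, if anything.
    $existing = (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name

    if ($null -eq $existing) {
        New-ItemProperty -Path $Path -Name $Name -Value $Value -PropertyType String | Out-Null
        return 'Added'
    }

    if ($existing -ne $Value) {
        # A different key is already cached for this host: fail instead of
        # overwriting, so a changed server key gets checked by a person.
        throw "Cached host key for '$Name' differs from the pinned value; verify the server's key before updating."
    }

    return 'Unchanged'
}

Set-PinnedPuttyHostKey -Path $KeyPath -Name $HostKeyName -Value $HostKeyValue
# ... the script's existing pscp calls follow here ...
```

Because the script stops when the cached value differs from the pinned one, a host key change on the Linux server surfaces as a failed scheduled task rather than being accepted silently.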