WinSCP fails to update PuTTY's cache with changed key

After a recent WinSCP update whenever I click on the "Open session in PuTTY" button I get the "PuTTY Security Alert" popup:


If I click on Yes I still get the same "PuTTY Security Alert" popup the next time I click on the "Open session in PuTTY" button. It never updates PuTTY's cache with the key.

This happens for 2 of my servers. But not the other 3 servers.
This happens if I'm connected in WinSCP as root or an admin user.

Thanks for your report. To what version did you update? What version were you using before? If you downgrade back, does the problem go away? What version of PuTTY are you using?

I've had the problem for a while. I think the problem started when I updated from WinSCP 6.5.1 to WinSCP 6.5.3. I'm currently using WinSCP 6.5.5

PuTTY is version 0.83

I just downgraded to WinSCP 6.5 and the problem still exists.

Then it's probably not related to WinSCP update, but rather something has changed about the servers at the same time.
Are the servers public? Can you share their hostname? (at least privately?)

With the help of claude I fixed this issue.

1. WinSCP runs in portable/INI mode, storing its host key cache in WinSCP.ini rather than the registry.
   
2. Two of my Synology NAS had stale old keys alongside the correct current keys in that INI file (semicolon-separated).
   
3. Every time WinSCP launched PuTTY, WinSCP would inject its cached keys (including the stale one) into PuTTY's registry, causing PuTTY to see a mismatch and show the warning.
   
4. Clicking Yes in PuTTY's warning would clean up the registry entry, but the stale key remained in WinSCP.ini ready to be re-injected on the next launch.
   
5. Standalone PuTTY (launched from start menu) eventually got fixed by the 6.5.6 update (or the registry cleanup I did), but WinSCP-launched PuTTY kept re-poisoning the registry from the INI file.

Sorry for my late reply.
So I assume you never actually connect to these servers with WinSCP – you only use WinSCP to launch PuTTY to connect to these servers. Is that correct?

I definitely connect to these servers with WinSCP to view and edit folders and files. But sometimes I'll open a new tab just to connect to a server to launch PuTTY.

So how does WinSCP has stale old keys?
Or does it possible have multiple keys, what PuTTY does not understand?
Can you please share an example of the registry key with such old key?

The keys are in C:\Users\Dave\AppData\Local\Programs\WinSCP\WinSCP.ini
The affected keys were in the format of
Deleting those "double key" entries (while WinSCP was closed) fixed the problem.

Thanks. I'll look into it.