sftp script 1

[saltbits]

i am trying to do a simple sftp put. i want it to not prompt for password. searching on the net, i get more info about how to keep the password secure and less about out to do it the lazy-easy way cos i really am not concerned about password security right now. how do i do it with hardcoded password in the same script file?

thanks a lot for any help.

 

[nawlej]

have you tried:

(sleep 5;echo $password) | sftp $hstname ???

___________________________________
[morse]--... ...--[/morse], Eric.

 

[saltbits]

thanks, nawlej.

i just tried that but doesnt seem to help. i am pretty new to ftp/sftp and dont know where i am wrong....

 

[nawlej]

give me a rundown about what your ftp server asks for when you connect to it?

___________________________________
[morse]--... ...--[/morse], Eric.

 

[saltbits]

Here is my script:

#!/bin/sh
host='host01'
user='user01'
pwd='pass01'
OLDFILE='f1.txt'
NEWFILE='f2.txt'

sftp $host <<END_SCRIPT
put $OLDFILE $NEWFILE
quit
END_SCRIPT
exit 0

And here is what it asks when i run it:
Connecting to host01...
user01@host01's password:

Then when I type the password in:
Uploading happens successfully.

I have tried using quote and the sleep method you suggested. All of them still prompt for the password.

 

[nawlej]

I know in the good old days of ftp, you could do:

ftp -i -v -n servername <<ENDFTP

user hoss password
binary
ls
bye
ENDFTP


It appears with sftp's authentication mechanism, the passwords are a little harder to exchange.

Now, you have to configure the server ahead of time to consider the source trusted. Use the following steps to make that happen:


create the keys for the origin account, i.e. the account that performs the copy:
$ cd ~/.ssh
$ ssh-keygen -t dsa
You are asked for a passphrase, do not enter a passphrase, type <RET> for empty passphrase.

verify the creation of the 2 files:
~/.ssh/id_dsa
~/.ssh/id_dsa.pub

copy ~/.ssh/id_dsa.pub to the destination node

login into the destination node and verify if file ~/.ssh/authorized_keys is already present, if not do:
$ cd ~/.ssh
$ mv id_dsa.pub authorized_keys

Verify ~/.ssh/authorized_keys and add/replace id_dsa.pub as needed.


Then, run your sftp with a -b extension. This will put it in batch mode and allow it to draw its commands from a text, or batchfile. You need to specify the batch filename after -b.

___________________________________
[morse]--... ...--[/morse], Eric.

 

[saltbits]

nawlej,

although i dont know what all this means, i am going to try it and will return to say how it went. thanks a bunch for the detailed help.

 

[nawlej]

That procedure will basically just make the computer you transfer from trusted to the destination, and will require you not to have to use a password.

___________________________________
[morse]--... ...--[/morse], Eric.

 

[saltbits]

nawlej,
i see what you mean and i also got it to work.
thanks again.

 

[saltbits]

one final Q, nawlej, if you still come back to this thread:

suppose the destination server already has an authorized_keys file, would we simply appened the contents of our id_dsa.pub to it?? unfortunately, i cant test this myself until we go to production but would like to be armed with the info...

 

[nawlej]

suppose the destination server already has an authorized_keys file, would we simply appened the contents of our id_dsa.pub to it?? unfortunately, i cant test this myself until we go to production but would like to be armed with the info...

Yes, absolutely correct. The contents get appended to a new line in authorized_keys.

___________________________________
[morse]--... ...--[/morse], Eric.

 

[saltbits]

thanks, nawlej.

 

[chaffend]

I have tried this procedure on Solaris 8 but have had no luck, it still asks me for a password. Is there anything else I need to do?