01-25-2011
Your problem wasn't similar at all, and your "solution" is completely unrelated. Whether you use expect or not it still would not have been in the PATH.
Furthermore: sftp is designed to not let you use plaintext passwords. So does any sane authentication system, such as su and sudo. It's a security feature to prevent the plaintext password being stored and transmitted with insecure methods, and to slow down brute-forcing. That you had to bludgeon sftp into doing what you wanted with the external "expect" language is a subtle hint -- in mile-high, flashing neon letters -- that you're not supposed to do that.
There's much better, passwordless, secure, reliable authentication methods that don't require an external tool hack, and you'll find them in 30 seconds if you google "passwordless ssh". The poster of this thread is in fact using them already.
10 More Discussions You Might Find Interesting
1. Solaris
I am trying to run a sript on cron to SFTP data to a company. Private and public keys are set up.
When I run this manully it works fine, however it was failing when run on cron. I have narrowed down the problem - it fails at the code that says if the error code is 0 then continue
. . . I... (2 Replies)
Discussion started by: Heidi.Ebbs
2 Replies
2. Shell Programming and Scripting
Hi,
I have a simple script that is trying to put a file that resides on a local machine to a remote machine. It runs fine manually but does not complete when scheduling to run in cron. Here is what the script looks like. Any idea what I am doing wrong here?
#!/bin/ksh
cd /path
sftp... (4 Replies)
Discussion started by: ewilson0265
4 Replies
3. Solaris
I am using a script to transfer a file from a unix host to another unix host. The code snippet for sftp in the script is as below.
sftp -oIdentityFile=$ID_FILE_NAME -oNumberOfPasswordPrompts=0 $REMOTE_USERID@$REMOTE_HOST <<EOF
cd incoming
put $REPORT_FILE... (2 Replies)
Discussion started by: msabhilash
2 Replies
4. UNIX for Dummies Questions & Answers
Hi,
I am running simple script to automate sftp transfer to remote box. I have setup public/private keys to have sftp connect automatically and have test script that list remote directory:
#!/bin/ksh
echo "OK, starting now..."
sftp userid@host <<EOI
cd dir
ls -lt
bye
EOI... (2 Replies)
Discussion started by: r1omen
2 Replies
5. UNIX for Dummies Questions & Answers
Hi,
I have been searching for older posts and I've found many entries with identical problems, but I was not able to find the solution (or when I thought I found it, my trial didn't worked :(). Anyway, here is my question.
I wrote a sftp.sh file that runs perfect from command line. It uses scp... (6 Replies)
Discussion started by: Kronos
6 Replies
6. UNIX for Dummies Questions & Answers
Hi Newbie here
I am having problems with automating sFTP transfers.
Just to save time - SCP is not an option as sFTP is stipulated by controllers of far end server.
Ineed to automate sFTP transfer of a single file, once a day to a remote server to which i have no control over.
I am using:... (6 Replies)
Discussion started by: robbien
6 Replies
7. Shell Programming and Scripting
Hello,
I am facing a very strange problem when I run my script manuallu ./Fetchcode which is using to connect with MKS integrity from linux end it workks fine but when I run it from cron it doesn't work.Can someone help me
1) How could I check my script when it is running from cron like... (3 Replies)
Discussion started by: anuragpgtgerman
3 Replies
8. Shell Programming and Scripting
Help. My script is working fine when executed manually but the cron seems not to catch up the command when registered.
The script is as follow:
#!/bin/sh
for file in file_1.txt file_2.txt file_3.txt
do
awk '{ print "0" }' $file > tmp.tmp
mv tmp.tmp $file
done
And the cron... (2 Replies)
Discussion started by: jasperux
2 Replies
9. Shell Programming and Scripting
Dears,
I am new to linux scripting and I was look for a way to auto login to a server using sftp to download a file.
I found one and it is working fine. But i don't know the meaning of <<EOF in the code. Any one explain it to me:
#!/bin/sh
HOST=yourservername
USER=yourusername ... (1 Reply)
Discussion started by: torabi
1 Replies
10. Shell Programming and Scripting
hi Team,
I am connecting from one (A) linux server to another(C)/any linux server by sftp
on A linux server:
sftp userid@C
password:
mget is Not working fine
I am using mget to pull the files. it shows mget as invalid command.
But from (B) Linux server to (C) /to Any server Linux... (15 Replies)
Discussion started by: johnsnow
15 Replies
LEARN ABOUT CENTOS
pam_ssh_agent_auth
pam_ssh_agent_auth(8) PAM pam_ssh_agent_auth(8)
PAM_SSH_AGENT_AUTH
This module provides authentication via ssh-agent. If an ssh-agent listening at SSH_AUTH_SOCK can successfully authenticate that it has
the secret key for a public key in the specified file, authentication is granted, otherwise authentication fails.
SUMMARY
/etc/pam.d/sudo: auth sufficient pam_ssh_agent_auth.so file=/etc/security/authorized_keys
/etc/sudoers:
Defaults env_keep += "SSH_AUTH_SOCK"
This configuration would permit anyone who has an SSH_AUTH_SOCK that manages the private key matching a public key in
/etc/security/authorized_keys to execute sudo without having to enter a password. Note that the ssh-agent listening to SSH_AUTH_SOCK can
either be local, or forwarded.
Unlike NOPASSWD, this still requires an authentication, it's just that the authentication is provided by ssh-agent, and not password entry.
ARGUMENTS
file=<path to authorized_keys>
Specify the path to the authorized_keys file(s) you would like to use for authentication. Subject to tilde and % EXPANSIONS (below)
allow_user_owned_authorized_keys_file
A flag which enables authorized_keys files to be owned by the invoking user, instead of root. This flag is enabled automatically
whenever the expansions %h or ~ are used.
debug
A flag which enables verbose logging
sudo_service_name=<service name you compiled sudo to use>
(when compiled with --enable-sudo-hack)
Specify the service name to use to identify the service "sudo". When the PAM_SERVICE identifier matches this string, and if PAM_RUSER
is not set, pam_ssh_agent_auth will attempt to identify the calling user from the environment variable SUDO_USER.
This defaults to "sudo".
EXPANSIONS
~ -- same as in shells, a user's Home directory
Automatically enables allow_user_owned_authorized_keys_file if used in the context of ~/. If used as ~user/, it would expect the file
to be owned by 'user', unless you explicitely set allow_user_owned_authorized_keys_file
%h -- User's Home directory
Automatically enables allow_user_owned_authorized_keys_file
%H -- The short-hostname
%u -- Username
%f -- FQDN
EXAMPLES
in /etc/pam.d/sudo
"auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys"
The default .ssh/authorized_keys file in a user's home-directory
"auth sufficient pam_ssh_agent_auth.so file=%h/.ssh/authorized_keys"
Same as above.
"auth sufficient pam_ssh_agent_auth.so file=~fred/.ssh/authorized_keys"
If the home-directory of user 'fred' was /home/fred, this would expand to /home/fred/.ssh/authorized_keys. In this case, we have not
specified allow_user_owned_authorized_keys_file, so this file must be owned by 'fred'.
"auth sufficient pam_ssh_agent_auth.so file=/secure/%H/%u/authorized_keys allow_user_owned_authorized_keys_file"
On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar/fred/authorized_keys. In this case, we specified
allow_user_owned_authorized_keys_file, so fred would be able to manage that authorized_keys file himself.
"auth sufficient pam_ssh_agent_auth.so file=/secure/%f/%u/authorized_keys"
On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar.baz.com/fred/authorized_keys. In this case, we
have not specified allow_user_owned_authorized_keys_file, so this file must be owned by root.
v0.8 2009-08-09 pam_ssh_agent_auth(8)