Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to use passwordless sftp in script?
Top Forums UNIX for Beginners Questions & Answers How to use passwordless sftp in script? Post 302982914 by Corona688 on Tuesday 4th of October 2016 04:54:26 PM
Old 10-04-2016
Quote:
Originally Posted by scriptor
will sftp will not work as passwordless without doing "public key authentication". ?
"interactive password authentication" means "password typed by a human being in realtime authentication" and no substitutes for human will do. This is intentional. It prevents the old-fashioned and very insecure habit of dropping important passwords in script files. No modern login method, be it ssh, su, or sudo, will accept passwords passed this way without severe coercion and exploitation.

The proper method for noninteractive authentication is passwordless, i.e. keys.
Last edited by Corona688; 10-04-2016 at 06:08 PM..
This User Gave Thanks to Corona688 For This Post:
rbatte1
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Passwordless sftp from UNIX to windows site

Hallo all , I researched many article in this forum as well as googled. But could not get any help. I request the forum to extend some help. Issue: Want to do a passwordless sftp from an unix machine to windows action taken : 1) on local unix machine ssh-keygen -t dsa 2) Next step ,... (2 Replies)
Discussion started by: konark
2 Replies

2. Shell Programming and Scripting

Passwordless SFTP

Hi, When Iam trying to do SFTP it is asking for password everytime. Can I have any alternative where I can provide the password in script itself. Because there are some control-M jobs which runs without user interaction. So please let me know the script where we can provide the password in the... (2 Replies)
Discussion started by: manneni prakash
2 Replies

3. Shell Programming and Scripting

passwordless authentication of SFTP script

Dear All I need to discuss about the problem which has been discussed so many times here. I need to transfer a file from server A to server B via passwordless SFTP script. By reading the threads on this topic here, I followed the below steps but still it's not working .. Pls find the steps... (13 Replies)
Discussion started by: uday.shankar
13 Replies

4. Shell Programming and Scripting

keypair generation for passwordless sftp

Hi, I want to establish a passwordless sftp between the two servers. I've searched the net and know the steps to be taken; which are as follows: $ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (~/.ssh/id_rsa): ~/.ssh/id_rsa already... (3 Replies)
Discussion started by: dips_ag
3 Replies

5. Shell Programming and Scripting

passwordless sftp with debug options

Hi, In our project we already have a passwordless sftp with -b (batchfile) option working but there have been some new application rolled out at the client site and they want us to raise the DEBUG option somebody suggested to use following options with sftp command -oLogLevel=DEBUG... (4 Replies)
Discussion started by: dips_ag
4 Replies

6. Shell Programming and Scripting

automatic SFTP without doing passwordless key with ssh-keygen

I need to automate a file transfer thru SFTP. But I cannot do a passwordless key with ssh-keygen between the servers. Is there any other way like we do something like below in FTP??? ftp -n hostIP << EOF user userid password get filename EOF Please use code tags! (5 Replies)
Discussion started by: Vidhyaprakash
5 Replies

7. Cybersecurity

SFTP passwordless (kind of works)

Hi, I set up the keys on local and remote server. If I simply do: sftp xxx.xxx.xxx.xxx It works without asking for a password. But if I change the command to: sftp user@server it prompts me for password. Anybody know how to rectify this? Thanks a bunch. EDIT: I copied the key... (3 Replies)
Discussion started by: tetra
3 Replies

8. Shell Programming and Scripting

Passwordless SFTP - SCP Option?

I have read documentation on SCP and just trying to figure out how go about doing this - below are two pieces of code, one is SFTP and one is SCP. My goal is to have this done via password-less authentication, fully automated. Currently we use SFTP and the script asks for the password of the... (20 Replies)
Discussion started by: Stigy
20 Replies

9. Shell Programming and Scripting

Passwordless file transfer using sftp

Hello all, I have a requirement, in which we need to stage a package to Unix remote server in an automation (we cant use ssh key generation) , do u have any idea how we can transfer the package to remote server using sftp .if you have any script plz share it to me (4 Replies)
Discussion started by: Ramji Sundaram
4 Replies

10. Solaris

Passwordless sftp issue

Hello Experts, I am trying to setup passwordless sftp from one of linux box to solaris box. I have generated key-pair and below is the permissions of the respective files. drwx------. 2 sftpuser sftpuser 4096 Dec 17 23:57 .ssh drwx------. 2 sftpuser sftpuser 4096 Dec 17 23:57 .... (16 Replies)
Discussion started by: sai_2507
16 Replies

LEARN ABOUT NETBSD

pam_ssh

PAM_SSH(8)						    BSD System Manager's Manual 						PAM_SSH(8)

NAME

     pam_ssh -- authentication and session management with SSH private keys

SYNOPSIS

     [service-name] module-type control-flag pam_ssh [options]

DESCRIPTION

     The SSH authentication service module for PAM provides functionality for two PAM categories: authentication and session management.  In terms
     of the module-type parameter, they are the ``auth'' and ``session'' features.

   SSH Authentication Module
     The SSH authentication component provides a function to verify the identity of a user (pam_sm_authenticate()), by prompting the user for a
     passphrase and verifying that it can decrypt the target user's SSH key using that passphrase.

     The following options may be passed to the authentication module:

     use_first_pass  If the authentication module is not the first in the stack, and a previous module obtained the user's password, that password
		     is used to authenticate the user.	If this fails, the authentication module returns failure without prompting the user for a
		     password.	This option has no effect if the authentication module is the first in the stack, or if no previous modules
		     obtained the user's password.

     try_first_pass  This option is similar to the use_first_pass option, except that if the previously obtained password fails, the user is
		     prompted for another password.

     nullok	     Normally, keys with no passphrase are ignored for authentication purposes.  If this option is set, keys with no passphrase
		     will be taken into consideration, allowing the user to log in with a blank password.

   SSH Session Management Module
     The SSH session management component provides functions to initiate (pam_sm_open_session()) and terminate (pam_sm_close_session()) sessions.
     The pam_sm_open_session() function starts an SSH agent, passing it any private keys it decrypted during the authentication phase, and sets
     the environment variables the agent specifies.  The pam_sm_close_session() function kills the previously started SSH agent by sending it a
     SIGTERM.

     The following options may be passed to the session management module:

     want_agent  Start an agent even if no keys were decrypted during the authentication phase.

FILES

     $HOME/.ssh/identity  SSH1 RSA key
     $HOME/.ssh/id_rsa	  SSH2 RSA key
     $HOME/.ssh/id_dsa	  SSH2 DSA key
     $HOME/.ssh/id_ecdsa  SSH2 ECDSA key

SEE ALSO

     ssh-agent(1), pam.conf(5), pam(8)

AUTHORS

     The pam_ssh module was originally written by Andrew J. Korty <ajk@iu.edu>.  The current implementation was developed for the FreeBSD Project
     by ThinkSec AS and NAI Labs, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
     (``CBOSS''), as part of the DARPA CHATS research program.	This manual page was written by Mark R V Murray <markm@FreeBSD.org>.

SECURITY CONSIDERATIONS

     The pam_ssh module implements what is fundamentally a password authentication scheme.  Care should be taken to only use this module over a
     secure session (secure TTY, encrypted session, etc.), otherwise the user's SSH passphrase could be compromised.

     Additional consideration should be given to the use of pam_ssh.  Users often assume that file permissions are sufficient to protect their SSH
     keys, and thus use weak or no passphrases.  Since the system administrator has no effective means of enforcing SSH passphrase quality, this
     has the potential to expose the system to security risks.

BSD
								 December 16, 2011							       BSD
All times are GMT -4. The time now is 11:35 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy