Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

Passwordless SFTP - SCP Option?

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting Passwordless SFTP - SCP Option?
# 1  
Old 07-23-2012
Passwordless SFTP - SCP Option?
I have read documentation on SCP and just trying to figure out how go about doing this - below are two pieces of code, one is SFTP and one is SCP. My goal is to have this done via password-less authentication, fully automated. Currently we use SFTP and the script asks for the password of the account we are connecting to, but we are trying to skip that.

Code:
# Connect to SFTP
echo ""
sftp -b /dev/stdin ${INPUT_APP_LOW}proc@$(hostname) <<EOF
cd $BATCHFILEPATH
lcd /home/etladmin/deploy/$INPUT_APP_LOW/KSH
put $SHELLSCRIPT
chmod 755 $SHELLSCRIPT
quit
EOF

Code:
# Use SCP instead of SFTP
cd /home/etladmin/deploy/$INPUT_APP_LOW/KSH
scp $SHELLSCRIPT ${INPUT_APP_LOW}proc@$(hostname):$BATCHFILEPATH
chmod 755 $BACTCHFILEPATH/$SHELLSCRIPT

Can anyone let me know if my SCP code is correct? Also is there a good link on how to setup password-less authentication so that either SFTP or SCP requires no user input at all.
# 2  
Old 07-23-2012
The code looks OK, but without knowing the values of the variables, how can we know for sure? (I would just say that you're scp'ing a file to a remote server, then chmod'ing it locally).

I'd be surprised if you Googled "password-less authentication using SSH" and didn't get a good answer.
# 3  
Old 07-23-2012
Quote:
Originally Posted by Scott
The code looks OK, but without knowing the values of the variables, how can we know for sure? (I would just say that you're scp'ing a file to a remote server, then chmod'ing it locally).

I'd be surprised if you Googled "password-less authentication using SSH" and didn't get a good answer.
I will take a look at Google to see if I can come up with something that helps.

Basically we are SCPing a file onto the same server, just with a different account as the files are owned by (app)proc and we are logged in with the application account that initiates the launch of the script.

Is this the proper way to move files owned by a different account or is there something else we should be doing to have this as the end result?
# 4  
Old 07-23-2012
OK Smilie It's a very common question, which is why I suggested searching it.

Logged into a server as the user I want to connect from, generate an SSH key (if one doesn't already exist).

Put it in the authorised keys file of the user on the server I want to connect to.

ssh on virtual box (4.0.4)
# 5  
Old 07-25-2012
I tried to set it up based on that thread and got the following when I try to ssh/scp into the other account on the server.

Any idea what might be causing this?

Quote:
ssh -v edwproc@SERVER
Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090705f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to SERVER [148.112.76.106] port 22.
debug1: Connection established.
debug1: identity file /home/etladmin/.ssh/identity type -1
debug1: identity file /home/etladmin/.ssh/id_rsa1 type -1
debug1: identity file /home/etladmin/.ssh/id_rsa type 1
debug1: identity file /home/etladmin/.ssh/id_rsa2 type -1
debug1: identity file /home/etladmin/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1
debug1: no match: Sun_SSH_1.1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.1
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: Peer sent proposed langtags, ctos: cs-CZ,de,de-AT,de-CH,de-DE,de-LU,en-CA,en-GB,en-IE,en-US,es,es-MX,fr,fr-BE,fr-CA,fr-CH,fr-FR,fr-LU,hu-HU,nl-BE,nl-NL,pl,pl-PL,cz,hu,nl,sk-SK,i-default
debug1: Peer sent proposed langtags, stoc: cs-CZ,de,de-AT,de-CH,de-DE,de-LU,en-CA,en-GB,en-IE,en-US,es,es-MX,fr,fr-BE,fr-CA,fr-CH,fr-FR,fr-LU,hu-HU,nl-BE,nl-NL,pl,pl-PL,cz,hu,nl,sk-SK,i-default
debug1: We proposed langtags, ctos: i-default
debug1: We proposed langtags, stoc: i-default
debug1: Negotiated lang: i-default
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: Remote: Negotiated main locale: C
debug1: Remote: Negotiated messages locale: C
debug1: dh_gen_key: priv key bits set: 127/256
debug1: bits set: 1658/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'SERVER' is known and matches the RSA host key.
debug1: Found key in /home/etladmin/.ssh/known_hosts:2
debug1: bits set: 1549/3191
debug1: ssh_rsa_verify: signature correct
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: got SSH2_MSG_SERVICE_ACCEPT
........................................................................

This system is for the use of authorized users only.
Individuals using this computer system without authority, or in
excess of their authority, are subject to having all of their
activities on this system monitored and recorded by system
personnel.

In the course of monitoring individuals improperly using this
system, or in the course of system maintenance, the activities
of authorized users may also be monitored.

Anyone using this system expressly consents to such monitoring
and is advised that if such monitoring reveals possible
evidence of criminal activity, system personnel may provide the
evidence of such monitoring to law enforcement officials.

........................................................................

debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug1: Next authentication method: gssapi-keyex
debug1: Next authentication method: gssapi-with-mic
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug1: Next authentication method: publickey
debug1: Trying private key: /home/etladmin/.ssh/identity
debug1: Trying private key: /home/etladmin/.ssh/id_rsa1
debug1: Trying public key: /home/etladmin/.ssh/id_rsa
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug1: Trying private key: /home/etladmin/.ssh/id_rsa2
debug1: Trying private key: /home/etladmin/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
# 6  
Old 07-25-2012
What exactly did you do when you set up the keys?
# 7  
Old 07-25-2012
Quote:
Originally Posted by Corona688
What exactly did you do when you set up the keys?
Basically followed these directions, found via Google (tried authorized_keys and authorized_keys2, based on different results)

Code:
etladmin@SERVER> ssh-keygen -t rsa
etladmin@SERVER> cat .ssh/id_rsa.pub | ssh edwproc@SERVER 'cat >> /home/edwproc/.ssh/authorized_keys'
etladmin@SERVER> cat .ssh/id_rsa.pub | ssh edwproc@SERVER 'cat >> /home/edwproc/.ssh/authorized_keys2'

It says at this point a request to ssh edwproc@SERVER should auto-connect and not prompt for a password, which it does as per the above post.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

How to use passwordless sftp in script?

Hi I am trying to do SFTP in shell script in such a way that it should not ask for password. for this is use below script but it prompt for password. here I am not abled to understand where I am making mistake. #!/bin/bash # SFTP TO remote server USER="ITO" PASSWORD="abcd@1234"... (4 Replies)
Discussion started by: scriptor
4 Replies

2. Shell Programming and Scripting

SUEXEC with passwordless option

Hi, I am using the below command in suexec -u webuser /local/Tomcat7//0/tc7u/tomcat7.sh status But it prompts for the password of executing user. Let me know if any options available for passwordless or supplying password in script. (0 Replies)
Discussion started by: pravinbtech
0 Replies

3. UNIX for Dummies Questions & Answers

Passwordless SSH works, scp does not

I know the "how to setup passwordless SSH" question is asked probably 5 times a week. I know how to setup passwordless SSH, it's not tough, however after reinstalling linux on my server, I found a problem. I could SSH into my server just fine, no password required, however SCP still required a... (4 Replies)
Discussion started by: corrado33
4 Replies

4. Solaris

Passwordless sftp issue

Hello Experts, I am trying to setup passwordless sftp from one of linux box to solaris box. I have generated key-pair and below is the permissions of the respective files. drwx------. 2 sftpuser sftpuser 4096 Dec 17 23:57 .ssh drwx------. 2 sftpuser sftpuser 4096 Dec 17 23:57 .... (16 Replies)
Discussion started by: sai_2507
16 Replies

5. Shell Programming and Scripting

Passwordless file transfer using sftp

Hello all, I have a requirement, in which we need to stage a package to Unix remote server in an automation (we cant use ssh key generation) , do u have any idea how we can transfer the package to remote server using sftp .if you have any script plz share it to me (4 Replies)
Discussion started by: Ramji Sundaram
4 Replies

6. Cybersecurity

SFTP passwordless (kind of works)

Hi, I set up the keys on local and remote server. If I simply do: sftp xxx.xxx.xxx.xxx It works without asking for a password. But if I change the command to: sftp user@server it prompts me for password. Anybody know how to rectify this? Thanks a bunch. EDIT: I copied the key... (3 Replies)
Discussion started by: tetra
3 Replies

7. Shell Programming and Scripting

passwordless sftp with debug options

Hi, In our project we already have a passwordless sftp with -b (batchfile) option working but there have been some new application rolled out at the client site and they want us to raise the DEBUG option somebody suggested to use following options with sftp command -oLogLevel=DEBUG... (4 Replies)
Discussion started by: dips_ag
4 Replies

8. Shell Programming and Scripting

keypair generation for passwordless sftp

Hi, I want to establish a passwordless sftp between the two servers. I've searched the net and know the steps to be taken; which are as follows: $ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (~/.ssh/id_rsa): ~/.ssh/id_rsa already... (3 Replies)
Discussion started by: dips_ag
3 Replies

9. Windows & DOS: Issues & Discussions

Passwordless SCP for windows

Hi, I installed OpenSSH for Windows v3.8.1 on a Windows Server 2003 R2. From my pc (which is running windows XP), I can run commands like scp to the server. But its prompting me for a password. I googled some more and found out about the public/private keys which i set up. But... (2 Replies)
Discussion started by: wala_lang
2 Replies

10. Shell Programming and Scripting

Passwordless SFTP

Hi, When Iam trying to do SFTP it is asking for password everytime. Can I have any alternative where I can provide the password in script itself. Because there are some control-M jobs which runs without user interaction. So please let me know the script where we can provide the password in the... (2 Replies)
Discussion started by: manneni prakash
2 Replies
Login or Register to Ask a Question