Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

SSH shell script to access FTP over explicit TLS/SSL

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting SSH shell script to access FTP over explicit TLS/SSL
# 1  
Old 06-11-2013
SSH shell script to access FTP over explicit TLS/SSL
Hello,

I use the following SSH script to upload *.jpg files via FTP:

Code:
#!/usr/bin/expect
set timeout -1
spawn ftp -v -i [ftp server]
expect "[some word on the last line of server response]"
send "[login]\r"
expect "Password:"
send "[password]\r"
expect "ftp>"
send "mput *.jpg\r"
expect "ftp>"
send "quit\r"

[...] replaced with actual ftp server/account data.

Now I want to modify this script to do the same for FTP over explicit TLS/SSL Smilie

Any ideas?
Moderator's Comments:
Mod Comment Please use CODE tags when displaying code, sample input file contents, and expected output.
Last edited by Don Cragun; 06-11-2013 at 04:54 AM.. Reason: Add code tags
# 2  
Old 06-11-2013
You will need a ftp-client that is able to connect via FTPS. The man-page of your ftp-client should tell you if its possible.
A client that can talk TLS/SSL is lftp.
# 3  
Old 06-11-2013
Sorry if I wasn't clear:

I use the SSH script to transfer jpg files from a remote hosting server to ftp servers. I access the hosting server via SSH client and run the script to initiate the ftp file transfer. Works well. However, now I need to do the same with a FTP server over explicit TLS/SSL.

When I just replace
Code:
spawn ftp ...

for
Code:
spawn lftp ...

it derails the script. I don't know why and how to modify the script accordingly...
Last edited by mrpi007; 06-11-2013 at 05:13 AM..
# 4  
Old 06-11-2013
lftp is an external program you'll have to install on the hosting server if you wish to use it. There are other clients out there that speak ftps, but I found lftp to be the easiest to use.
It is scriptable, so no need to use expect. If you switch to lftp your script could look like this:
Code:
/path/to/lftp -u [login],[password] ftp://[ftp server] <<EOF
# the next 2 lines put you in ftpes mode
set ftp:ssl-force true
set ftp:ssl-protect-data true
mput *.jpg
exit
EOF

# 5  
Old 06-11-2013
lftp is not a drop-in replacement for ftp, but may serve your purposes anyway.
# 6  
Old 06-11-2013
Thank you cero & corona,

lftp is a big step forward. Found my host has it installed by default, anyway. Very nice.

I found that the ssl certificate the ftp server I want to connect to is outdated. So I had to add the line
Code:
set ssl:verify-certificate no

to the script. It logs in the ftp server no problems and attempts to transfer file but doesn't succeed. Here's what I get with debug option:
Code:
---> PASV
<--- 227 Entering Passive Mode ([...ip...]).
---- Connecting data socket to ([...ip...]) port 49556
**** Socket error (Connection timed out) - reconnecting
---- Closing data socket
---- Closing control socket

Any idea what I must do to navigate around this error?
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

SSL/TLS with openldap

Hello to all, I'm beguinner in Linux instalations and I'm trying to Communicate from Web Sites that i have running under apache with openLDAP for users authentication using SSL mediation that seems to be connected with LDAPS. Can someone advise me how to do this, I have already installed... (1 Reply)
Discussion started by: CPMarco
1 Replies

2. UNIX for Advanced & Expert Users

ldap over tls -- ssl cert help

Hey Guys, I am trying to setup ldap over tls in our lab. I am generating a self signed cert on the ldap server and importing that into the ldap system so it will use ldap over port 636. The clients will be a mix of solaris and redhat. I am lost on what I need to do on the client side to get... (0 Replies)
Discussion started by: s ladd
0 Replies

3. Red Hat

HOW TO DISABLE SSL/TLS RENEGOTIATION?

Hi guys, Those who work on Apache may help me on this. I have following problem Description: The remote service encrypts traffic using TLS / SSL and permits clients to renegotiate connections. The computational requirements for renegotiating a connection are asymmetrical between the... (3 Replies)
Discussion started by: manalisharmabe
3 Replies

4. Shell Programming and Scripting

connection of JSP using SSH to access Shell script

Hello, I am not sure if I am posting in the right forum. A website is running on a server with <ip1> in unix. It's written in JSP. I need to add a link on the page, which will on-clicking ask for username and password to enter into another server <ip2> and gets all the files from a... (1 Reply)
Discussion started by: shekhar2010us
1 Replies

5. Linux

SSL/TLS uses the public key to encrypt data ?

Hi, I have a doubt..whether the SSL/TLS protocol uses the public key of the web server to encrypt data before sending it. I knew the browser verifies the public key of the web server using the digital certificate (by verifying the signature of the certificate using trusted authority). whether... (2 Replies)
Discussion started by: chaitus.28
2 Replies

6. UNIX for Dummies Questions & Answers

TLS/SSL Openldap Centos 5.5

hi guys I configured my openldap but now I want to implement SSL-TLS This is my basic slapd.conf configuration include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include ... (2 Replies)
Discussion started by: karlochacon
2 Replies

7. Cybersecurity

TLS/SSL vulnerability explained

Here's a pretty good, and even PHB-compatible, explanation of the current TLS/SSl protocol vulnerability, including samples. (0 Replies)
Discussion started by: pludi
0 Replies

8. UNIX and Linux Applications

FTP client for HP-UX that supports SFTP/SSL/SSH

Can anyone recommend some good/reliable FTP clients for HP-UX that support SFTP/SSL/SSH and have a command line interface? They need not be "free" (license). Thanks! (2 Replies)
Discussion started by: maxshop
2 Replies

9. UNIX for Dummies Questions & Answers

Secure ftp using ssl/tls

We have a requirement to setup secure ftp between our AIX v5.3 system and our mainframe. We don't want to use openssh with sftp and scp. Our mainframe uses ftp over ssl/tls so we have to use this on our AIX box. We have openssl on our AIX system but I'm not sure how to setup ssl/tls over ftp on... (4 Replies)
Discussion started by: DANNYC
4 Replies

10. UNIX for Advanced & Expert Users

implicit ssl vs explicit ssl

Can someone explain the difference between the two. Thanks (1 Reply)
Discussion started by: jerardfjay
1 Replies
Login or Register to Ask a Question