How can I automate pulling files via putty's psftp?
Solution 1
I realize there's already an accepted answer for this question, but I thought I'd throw in the answer to where the SYSTEM account's user registry hive is located. It's actually in HKEY_USERS\.DEFAULT
which most people incorrectly assume is the default user hive for newly created accounts. More info on the history and background of the key is on Raymond Chen's MSDN blog here:
The .Default user is not the default user
Solution 2
I believe the solution to the first problem is to have the scheduled task run as SYSTEM. Is that correct?
Generally you should only run something as SYSTEM if it actually needs that absolute level of privileges. A much better choice might be to setup a service account just for this task. Then you may want to disable password expiration for the account, or setup a notification schedule to remind you to update the service account password & task details.
You You can of course temporarily login to this service account so you can accept the SSH key the first time.
Solution 3
Use pscp.exe -batch -load PROFILE
on the command line. Set up a profile for your connection using a ssh-key-pair for that profile and then use that profile.
The user-account you use for this should be local, but it does not require any special privileges (just read for the key and write for the files).
Try pscp -h
for all command switches.
Related videos on Youtube
cwd
Updated on September 18, 2022Comments
-
cwd over 1 year
I have a Windows Server 2003 box and it is using
psftp
to connect to a remote linux machine and download files every hour.I have two main challenges with this machine:
First
Scheduled tasks are currently set to run as a user on this box, which I believe requires storing the user's password in the task scheduler. However when the user's password changes the task fails to run. I'd like to have this task always run regardless.
- I believe the solution to the first problem is to have the scheduled task run as
SYSTEM
. Is that correct? If so, how do I set this up? Just typeSYSTEM
in the "Run as" box? And do I need to set a password forSYSTEM
because I believe I tried with no password and it said the job did not run because the password was incorrect. Perhaps I am doing this wrong.
Second
Putty requires that the remote key for a server is stored in the registry to verify the server's authenticity. However this seems to be stored on a per-user basis and so if I switch the script to run as a different user it seems the user must run the script interactively the first time so that the key is stored in the registry.
-
Instructions on the putty website mention that keys should be added to the following registry location:
HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\SshHostKeys
But judging from "HKEY_CURRENT_USER" I don't think that will be for the
SYSTEM
user. If I do set up this task to run asSYSTEM
, how can I make sure that the appropriate key is stored in the registry for the host? I don't mind manually adding it (there is a perl script to convert a known_hosts file), but where should it go?ps:
myscript.bat
just uses psftp.exe to pull files from a remote server. Nothing special. There is no flag to skip checking authorized hosts, and the folks at putty mention that this would be a bad idea anyhow.-
djangofan over 12 yearsDont forget to consider using Putty's PSCP.exe copy tool.
-
Tim over 12 yearsheh, SSH keys in the registry... Windows..
- I believe the solution to the first problem is to have the scheduled task run as
-
cwd over 12 yearsI think the user account for tasks is a great solution, thanks! Out of curiosity though, is it possible to schedule it as SYSTEM, and do you need a password?
-
Zoredache over 12 yearsIt is possible, SYSTEM does not have a password. I haven't used xp/2003 in a while, I am not sure the correct method to create a SYSTEM task. Try machinename\SYSTEM maybe?
-
cwd over 12 yearsthis looks looks pretty good. i will have to give it a try. any links on how to set up a profile? have not done that yet.
-
Nils over 12 yearsI would use interactive Putty to set up the profile. The most important settings are target machine-name, type of ssh-protocol (2 only should work nowadays), compression on/off, login-name, private key file.
-
cwd over 12 yearsThis seems to be the best answer. I set up a profile in putty, ran the script manually, accepted the key, and then copied the values from
HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\SshHostKeys
into the corresponding default user @Ryan Bolger mentions, and it is working very well. Tried setting up another user on the system, but with the way permissions are set they would need to be an administrator to run scheduled tasks and I don't want to add a local administrator account, nor do i wish to rewrite user permissions with group policy or something like that. Running as system seems ok. thx!