SFTP upload script, there is no key

ssh scripts cron sftp

6,643

Solution 1

Install Expect that lets you script for situations like this.

sudo apt-get install expect

Set up a shell script

#!/bin/bash
HOST=""
USER=""
PASS=""

# Sorry for the offensive "assword", it's to cope with "Password" and "password".

VAR=$(expect -c "
  spawn sftp $USER@$HOST

  expect \"assword:\"
  send \"$PASS\r\"

  expect \"\\\\$\"
  send \"ls\r\"

  expect -re \"$USER.*\"
  send \"exit\"
")

echo "==============="
echo "$VAR"

Solution 2

I think that if you create a ssh key without protecting it with a "passphrase", you can skip the keyboard interactive part and thus easily create the upload script you need. See for example here :

ssh-keygen -t rsa -C "Your Name" -f your_key

This will create the necessary files, you then just have to copy the public one (*.pub) on the remote server.

6,643

BigBoy1337

https://www.linkedin.com/in/brianjg

Updated on September 18, 2022

Comments

BigBoy1337 over 1 year

I need to upload a file to a server.

The server uploads using SFTP. After authentication, any command execution is forbidden, so I cannot SSH directly in, I need to get directly into the SFTP subsystem.

For instance.

ssh -N [email protected] works fine, except I can't SFTP anything.

However, I can do sftp [email protected] just fine.

Problem: I need to automate this, the authentication is keyboard-interactive, not key-based. I don't own the server I'm connecting to, they simply said "Here's the password, upload the files every week." And nobody over there knows anything about keys or stuff like that.

sftp -b Batch scripts won't allow keyboard interactive auth.

I'm sick of manually uploading the file. They sent the 8-charecter password over unencrypted email and it contains 3 of the same numbers at the end and one dictionary word (ie "Words777") -- lets pretend security really isn't an issue here.

Can I make the SSH key from just the password? Remember, I don't have access to the other server. Can I script this some way? I've attempted using different packages, and even rsync to do the upload, but they all want to access SSH directly instead of directly getting into the SFTP subsystem.
BigBoy1337 about 13 years

I don't have access to the other server.
enzotib about 13 years

You only need the password to copy the public key on the server. It remain to check if the server is configured to support key authentication.
BigBoy1337 about 13 years

Where on the server? I only have access to a small sub directory.
enzotib about 13 years

@user11239: You only need access to the file ~/.ssh/authorized_keys under your remote home directory. Here a guide: help.ubuntu.com/community/SSH/OpenSSH/Keys
tuomassalo about 11 years

Not everyone has access to ~/.ssh/, so this is not always an option - unfortunately.