I would recommend Secure Key Exchange. One time and its done. Not that Expect (or something like it) won't work, I just think it'll be more complex and harder to maintain in the long run.
Main Topics
Browse All TopicsHi All,
We are in the process of changing our File transfers to Secure mode using SecureShell.
We already have scripts to Do File transfer using FTP client (i.e, non secure mode) and
iam giving one example, which explains how we automate regular FTP.
Now we are changing all of them to SFTP or Secure transfer mode/encrypted.
Our old regiular scripts are some thing like this
ftp -n -i -v ftp.url.com <<!
user username password
cd /data/shared/
lcd /data/import
mget vcm*.dat
bye
!
In this case, we are giving the password directly or as an argument or in a batch file.
Coming to SFTP,by using -B option(Batch file)
SFTP -B /devl/test.batch user@ftp.url.com
test.batch contains the following data.
user_password
pwd /user/data/shared
get vcm_today.dat
quit
SFTP exceuting the password as a command and coming out as a Bad command.
My question is
How to Automate the SFTP Scripts by passing Password as an argument or in a File.
Responses are highly appreciated.
Thanks in advance,
Rad
This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.
Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.
If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.
Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.
Access the answers to your technology questions today.
30-day free trial. Register in 60 seconds.
Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Try it out and discover for yourself.
30-day free trial. Register in 60 seconds.
Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.
liddler replied:
2 ways:
Install configure expect scripting language (http://expect.nist.gov/)
or
use secure key exchange instead of passwords
First one, installing Expect is ruled out in our environment.
Could you please explain me in detail about the 2 nd option (Secure Key Exchange).
Thanks a tonn,
Rad
run ssh-keygen -t dsa, with a blank passphrase on source machine
this creates a file under $HOME/.ssh/id_dsa.pub
copy this into $HOME/.ssh/authorized_keys
Note: ssh is very strict about ownership / permissions on the .ssh/ directory
Thanks liddler ,
When I am running ssh -keygen -t dsa , it is coming with a warning
warning: Connecting to dsa failed: No address associated to the name
Iam new to Unix environment, Could you please explain me.
Our Vendors(in this case, Target m/c), they restrict to enter password for every FTP/SFTP connection.
As per your suggestion, I understand that by Key Generation, Secure Shell is going to use the Keys on the both sides and creates a connection with have to out entering a password.
Please let me know, how to generate a Key for a particular Host (lets say ftp.yahoo.com) with
user_name "ftpuser" and password "ftppwd".
And explain me, why we are getting the Warning in running the Keygeneration.
Thanks a lot for your help.
Thanks
Rad
Thanks again liddler. I appreciate your patience.
Few more doubts!!!! I am very new to Unix and know that you guys are DONs in UNix, your help/suggestions in clarifying me in this issue are highly honoured.
I logged on one server (Lets say Source server) as LocalUser
and trying to connect to a Remote Server (Target server) with Host ftp.host.com and
logging into Remote m/c using RemoteUser name and password is RemotePasswd.
When I am doing sftp -B test.bat RemoteUser@ftp.host.com
Its prompting for Password, after entering it, I can do transfer of fiels safely.
As per your suggestion,
I have to generate some Keys on Source m/c. DO we have any mechanism to generate such Keys
with specific Host Name, Remote User and accessing password (in mycase, ftp.host.com, RemoteUser and RemotePasswd)
If I generate such keys, What kind of privileges that connection going to have ?
My UNIX login(LocalUser) privileges or Remote User privileges and How to generate Host Based keys by using the User Name, Password and Host.
Please clarify me.
Thanks,
Rad
Rad
>If I generate such keys, What kind of privileges that connection going to have ?
The priviledges of the remote user, basically you are telling the remote machine that the localuser, coming from the local machine are to be treated as the remote user on the remote machine.
If you look at the .pub file, you will see it specifes the local hostname and username, by putting these in the authorized_keys file on the remote machine you are telling the remote machine to treat that user from that machine, the same as the user whose authorized_keys file you add the entry into.
One more thing, if you copy and paste the .pub key between two telnet or X windows sessions, make sure the paste does not insert line feeds into the key, or ^M characters if you are going via DOS. The key must be all on one line.
your script suggests using the command:
scp user@ftp.url.com/data/shar
You should generate a private and a public key on the machine
where you issue the scp command, and transfer the public key
to the machine where you get the data. Put this public key in a
file called ~/.ssh/authorised_keys (look in the manual of your
ssh-keygen command). Then there will be no need for using
passwords in your script, making the transfer more secure.
Business Accounts
Answer for Membership
by: liddlerPosted on 2003-08-01 at 08:02:20ID: 9048903
2 ways:
Install configure expect scripting language (http://expect.nist.gov/)
or
use secure key exchange instead of passwords