Solved

SFTP with using password in a shell script

Posted on 2014-02-18
3
1,239 Views
Last Modified: 2014-02-24
Hello,
I am setting up a SFTP connection, however, need to pass a password to the site.

I normal use a key , however, this time need to use a password.  How do I pass a password with the below information.

This is what I use in the script. (when using a key)

cat /dev/null > $ftp_commands_file
cat /dev/null > $ftp_error_file
echo "lcd /dev/tmp" >> $ftp_commands_file
echo "put $file $/home/dev/$file"  >> $ftp_commands_file

sftp -b $sftp_commands_file $user@$nodename >> $sftp_error_file

Thanks for the help.
0
Comment
Question by:bje
3 Comments
 
LVL 68

Expert Comment

by:woolmilkporc
Comment Utility
sftp from OpenSSH does not accept passwords from stdin or from a file.

Check if you have "expect" installed, and if so try something along these lines:


cat /dev/null > $ftp_commands_file
cat /dev/null > $ftp_error_file
echo "lcd /dev/tmp" >> $ftp_commands_file
echo "put $file /home/dev/$file"  >> $ftp_commands_file
echo "exit"  >> $ftp_commands_file

PASS="password"

expect -c "
spawn sftp -b $ftp_commands_file $user@$nodename
expect \"password:\"
send \"$PASS\r\"
interact
" >> $ftp_error_file


I took for granted that the variables "ftp_commands_file", "ftp_error_file", "user" and "nodename" were already set at this point.

Note: I corrected some minor errors/typos in your script.
0
 
LVL 8

Expert Comment

by:Surrano
Comment Utility
OpenSSH (and I believe the foundations of SSH philosophy in general) reject using a password in a non-interactive session for a good reason. Tools like expect may work but I'd say that any such tool goes against what the first letter of the SSH acronym is about, i.e. "Secure".

Whoever restricted you from using keys should think twice and should be persuaded that
- either they go secure and don't force usage of password,
- or they force usage of password and accept the security leak they'd just imposed.

Of course, I can imagine that they accept passwords only because they don't expect any scripts to connect and you are just trying to circumvent their security measures. In that case, you're probably not really concerned about security, just wish to make your script work. Cross fingers they won't lock your user (or even ban your IP) if they reckon your attempts :)
0
 
LVL 26

Accepted Solution

by:
skullnobrains earned 500 total points
Comment Utility
this might be more complete

cat <<EOF | expect
spawn rsync -az $verb $lnk -e ssh $src $dst_.part
set timeout -1
while { true } {
	expect	"Password"		{ send "PASSWORD\n" }	\
		"assword:*"		{ send "PASSWORD\n" }	\
		"DSA"			{ send "yes\n" }	\
		"(yes/no)? "		{ send "yes\n" }	\
		eof			{ exit 0 }		\
		"lost connection"	{ exit 6 }		\
		"Warning: Permanently added * to the list of known hosts." { exp_continue }	\
		"Warning:*" { exp_continue }	\
		"*passphrase*"		{ send "***********\n" }	\
		timeout			{ send_user "\n==> session timeout\n" ; exit 1 }		\
		busy       {puts busy\n ; exp_continue} \
		"Connection to * closed." { exit 4 } \
		#"?*"			{ exit 1 }
}
EOF

Open in new window


obviously replace my rsync command with your sftp/scp/ssh or whatever

---

also, you may want to try curl's sftp which allows you to provide the password on the command line
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

It is a general practice to get rid of old user profiles on a computer  in a LAN environment. As I have been working with a company in a LAN environment where users move from one place to some other place at times. This will make many user profil…
How to remove superseded packages in windows w60 or w61 installation media (.wim) or online system to prevent unnecessary space. w60 means Windows Vista or Windows Server 2008. w61 means Windows 7 or Windows Server 2008 R2. There are various …
The viewer will be introduced to the member functions push_back and pop_back of the vector class. The video will teach the difference between the two as well as how to use each one along with its functionality.
This video will show you how to get GIT to work in Eclipse.   It will walk you through how to install the EGit plugin in eclipse and how to checkout an existing repository.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now