How to write a bash script using sftp command to download files?
I can use the following command to login to the remote machine, however I need to type in the password manually.
bash-3.2$ sftp -o "Port 22022" mike#s-edm-ssh.local.files.stack.com
mike#s-edm-ssh.local.files.stack.com's password:
Connected to s-edm-ssh.local.files.stack.com.
sftp>
How to do the sftp without the password prompt?
If I like to download aaa.txt file at /remote/mike/files to my local directory /local/mike/downloaded, how to build a script to do all of these work?
Since sftp runs over SSH, you can place your public key on the remote server.
If for some reason you can't place your key on the server, then you can write an Expect script to send your password when the prompt appears. See this example.
Related
What I am trying to do is to login to remote Linux server using SSH from my Windows machine by running a shell script via git bash.
I would like to write a script which will be used by an user with basic IT knowledge. This script will execute a bunch of commands on the remote machine, so it does need to establish a SSH connection.
What I have tried to write in this script so far is:
ssh username#ip <password>
EDIT: You should consider installing Jenkins on the remote system.
Running a command on a remote system can be done via:
ssh user#host command arg1 arg2
If you omit the password, a password prompt will appear, to get around the password prompt, you should consider setting passwordless SSH login. https://askubuntu.com/questions/46930/how-can-i-set-up-password-less-ssh-login
Rephrasing what you said, you want to write a script (namely script1.sh) which does the following (in this order):
Start a ssh connection with a remote
Execute some commands, possibly written in another script (namely script2.sh)
Close the connection / Keep it open for additional command line commands
If you want to put the remote commands on script2.sh instead of listing them in script1.sh, you need to consider that script2.sh must be on the remote server. If not, then you may consider to delegate to script1.sh the creation/copy of script2.sh on the remote machine. You may copy it in a temporary folder.
In this case, my suggestion is to write script1.sh as follows:
Copy of script2.sh with
scp /path/to/local/script2.sh user#host:/path/to/remote/script2.sh
Switch bash sheel to remote shell with
ssh user#host
Execution of script2.sh
sh /path/to/remote/script2.sh
Instead, if you prefer to list everything in just one script file, you may want to write:
Switch bash sheel to remote shell with
ssh user#host
Execution of commands
echo "This command has been executed on the remote server"
echo "This command has also been executed on the remote server"
..
Possibly closing the SSH connection to prevent that the user execute additional commands
You may consider to copy the ssh-keys on the remote server so to avoid password prompts. More information here.
I am trying to SSH to a remote Windows machine (an AWS ec2 instance) by using an username and password of the remote machine. I need to automate this connection to run some remote commands from my script (either shell or Power shell) without prompting me for a password, My script shouldn't fail by expecting a password to be prompted
I don't want to use sshpass or any generated keys (by using ssh-keygen). Since the source machine where I run this command/script is not a dedicated machine, I may run it on a different machine everytime. I also gave a try to connect using the .PEM file provided by AWS as below (thought it could be easy while using it the script).
$ssh -i aws_keypair.pem Administrator#10.10.10.10
Administrator#10.10.10.10's password:
It is still expecting me for a password even if I used the .PEM file, I also tried to created an file 'authorized_keys' in the remote Windows machine under the path "C:\Users\Administrator.ssh\". Still it is prompting me for a password.
Expectation :
Connect to remote Windows machine using PEM file and run some remote commands.
(or)
It shouldn't prompt me for a password while I try for the connection from some script (shell/power shell).
Can be done without any 3rd party tools like this:
$env:TMPPW=Get-Content -Path 'secure_file.txt' ; $un='MyUserName'
$j=Start-Job -ScriptBlock{Start-Sleep -Seconds 1
(New-Object -ComObject wscript.shell).SendKeys("$env:TMPPW{ENTER}")}
& ssh.exe -q -4 -l $un 127.0.0.1 'whoami'
$env:TMPPW=([guid]::NewGuid()).Guid ; $env:TMPPW=$null
I am able to achieve this using Plink command (Installation of Putty is required on source machine to execute this command). So now, I am able to successfully pass the username and password with in the script (Shell script) and everything is working as expected.
FYI, I am pasting the exact command which worked for me
$echo y | plink -ssh Administrator#10.10.10.10 -pw abc123 "dir"
I need some files from unix server. So, I am making sftp connection with password from my windows 7 machine to unix server. but, now i want to include all these commands in batch file.
So, I need help on how should make sftp connection from batch file (basically, how to pass password to sftp prompt from batch file)?
Commands I am using:
> C:\Users\e578589>sftp
> server : TSEDCLVSAPPD116.svr.us.jpmchase.net
> user name : a_avatar
>a_avatar's Password:
/home/a_avatar>cd /data/ailsa/archive/open-loans-txns-to-bancs
/dev2/data/ailsa/archive/open-loans-txns-to-bancs> get {$FILENAME}
May be the following solution you can think for your unix/linus server as well.
Secure FTP using Windows batch script
How about PSCP - PuTTY Download Page? It is easy to use in batch script.
pscp.exe -P PORT -pw PASSWORD USERNAME#IPADDRESS:SOURCE_PATH DEST_PATH
Perhaps you can use PSFTP (PuTTY Download Page) in the same way.
I am very new in shell scripting , i want to download some files from linux remote server ,so how can i proceed for that.That remote server is ssh based .
first of all, ftp service is better choice to get files from remote server.
If only sshd service is available, then you may use ssh based command sftp or scp.
However, using sftp or scp commands will invoke an interactive password prompt, which is a problem in shell script --> You have to ask for help to expect command. see Automate scp file transfer using a shell script .
Besides expect, you may also set up trust relationship between two servers, then you may use scp without password. See http://www.linuxproblem.org/art_9.html
This question already has answers here:
How to run the sftp command with a password from Bash script?
(12 answers)
Closed 7 years ago.
I am trying to write a script to back up a file over SFTP. The problem is, it requires a password, and I see no way to manually specify a password to SFTP. I've heard about requiring no password by using public keys, but that requires being able to ssh into the remote server and modify some configuration files, which I cannot do.
Currently my solution is to use cURL, but that is insecure (uses normal FTP). I also looked at the .netrc file, but that seems to be for FTP instead of SFTP. How do I manually specify a password for sftp?
Lftp allows specifying passwords for both ftp and sftp and does not require public keys at all. Your sh sync script may look like this:
#!/bin/sh
# Define folders
THEFOLDER='/mnt/my/folder'
# List files
THEFILES=`ls -p $THEFOLDER | grep -v "/"`
for file in $THEFILES
do
echo "Processing $file"
lftp -u login,password -e "put $THEFOLDER/$file;quit" theftp/sub/folder
done
cURL can support sftp, as documented by the manual:
USING PASSWORDS
FTP
To ftp files using name+passwd, include them in the URL like:
curl ftp://name:passwd#machine.domain:port/full/path/to/file
or specify them with the -u flag like
curl -u name:passwd ftp://machine.domain:port/full/path/to/file
FTPS
It is just like for FTP, but you may also want to specify and use
SSL-specific options for certificates etc.
Note that using FTPS:// as prefix is the "implicit" way as described in the
standards while the recommended "explicit" way is done by using FTP:// and
the --ftp-ssl option.
SFTP / SCP
This is similar to FTP, but you can specify a private key to use instead of
a password. Note that the private key may itself be protected by a password
that is unrelated to the login password of the remote system. If you
provide a private key file you must also provide a public key file.
You might also want to consider using python (the paramiko module), as it can quickly be called from the shell.
Install the Module
pip install paramiko
Example FTP Upload Script
import paramiko
username = 'my_username'
password = 'my_password'
transport = paramiko.Transport((server, 22))
transport.connect(username=username, password=password)
sftp = paramiko.SFTPClient.from_transport(transport)
local_filename = '/tmp/filename'
remote_filename = 'MyFiles/temp.txt'
sftp.put( local_filename, remote_filename )
Bash program to wait for sftp to ask for a password then send it along:
#!/bin/bash
expect -c "
spawn sftp username#your_host
expect \"assword\"
send \"your_password_here\r\"
interact "
Put that in a file called sftp_autologin.sh. The \r sends an to sftp to execute the command. I don't include the 'p' in password because on some systems it's uppercase, others lowercase. expect spawns the sftp command. Waits for the string 'assword' to be seen and sends a command. Then ends.
To get this to work:
Install expect, I'm using 5.44.1.15
Make sure you can sftp to your box in interactive mode and supply a password.
Make sure this bash script has executable permissions.
Then run it:
chmod +x sftp_autologin.sh
./sftp_autologin.sh
It should drop you into the sftp commandline without prompting you for a password.
Is it insecure?
It's about the most unsecure command you can run. It exposes the password to the commandline history, to anyone else who can read 'ps' output, and basically defeats the entire purpose of passwords all together.
But hey what's another log on the fraud fire, it's only about 250b dollars in victim losses per year. Lets go for 500b.
This automatically runs some commands with the sftp shell and exits automatically when done:
#!/bin/bash
expect -c "
spawn sftp myuser#myserver.com
expect \"assword\"
send \"yourpassword\r\"
expect \"sftp\"
send \"get your_directory/yourfilename.txt\r\"
expect \"sftp\"
send \"exit\r\"
interact "
In order to use public keys you do not need to modify any "configuration files". You merely need to leave a copy of your public key in a place where ssh knows to look (normally ~/.ssh/authorized_keys). You can do this with sftp. If you haven't established any authorized_keys file on the server, you can simply put your id_rsa.pub file in its place.
You can't specify a password to ssh / scp or sftp from the command line. The only way to connect without prompting for a password is to use public key authentication.
You say that you can't ssh to the server to modify configuration files but if you can sftp to the server you can probably upload your public key.
Your public key just has to go under the .ssh directory in your home directory.