5

I am trying to automate an application deployment as part of this I need to upload a file to a server. I have created a minimal user and configured chroot for the SFTP server but I can't work out how to upload a file non interactive.

At present I am doing scp myfile buildUser@myserver.com:newBuilds/

I tried sftp buildUser@myserver.com myfile (newBuilds is the chroot dir) but this didn't upload anything but it did connect.

The reason for favouring this aproach and NOT using scp is that its a lot more difficult to restrict scp access (from the information I have learned).

Martin Prikryl
  • 188,800
  • 56
  • 490
  • 992
Alex Edwards
  • 1,613
  • 3
  • 24
  • 48

3 Answers3

7

If you are using OpenSSH server, chrooting works for both SCP and SFTP.

For instructions see:
https://www.techrepublic.com/article/chroot-users-with-openssh-an-easier-way-to-confine-users-to-their-home-directories/

So I believe your question is irrelevant.

Anyway, sftp (assuming OpenSSH) is not really designed for command-line-only upload. You typically use -b switch to specify batch file with put command.

sftp buildUser@myserver.com -b batchfile

With batchfile containing:

put /local/path /remote/path

If you really need command-line-only upload, see:

So basically, you can use various forms of input redirection like:

sftp buildUser@myserver.com <<< 'put /local/path /remote/path'
Martin Prikryl
  • 188,800
  • 56
  • 490
  • 992
5

You can pass inline commands to SFTP like this:

sftp -o PasswordAuthentication=no user@host <<END
lcd /path/to/local/dir
cd /path/to/remote/dir
put file
END
demisx
  • 7,217
  • 4
  • 45
  • 43
0

I resolved this issue by approaching it from a different side. I tried configuring chroot for sftp but could not get this to work. My solution was to use rssh and only allow scp. This works for me because the user I am trying to restrict is known and authenticated user.

Alex Edwards
  • 1,613
  • 3
  • 24
  • 48