0

I m trying to connect to SFTP server to fetch the data files regularly using automated shell script. I connect to the server as

user@$server where it asks for password and I enter the password then I can run regular SFTP commands get and mget to fetch files.

The concern is that I have to provide password manually and it opens interactive shell. How can I run all these in just one command or without manual intervention.?

Although How to run the sftp command with a password from Bash script? answers little bit, I don't have privileges to install additional commandline utilities on my server.

I was wondering if there is any other way to solve this issue.

Piyush Patel
  • 1,646
  • 1
  • 14
  • 26
  • If you can set up public key trust, consider scp instead of sftp. It can be pretty easily included in a simple script. sftp is intended for interactive use. – Paul Hodges Jul 03 '18 at 20:30
  • 1
    Try [`lftp`](https://lftp.yar.ru/). It can easily be scripted. – Sean Bright Jul 03 '18 at 20:45
  • I'm not sure how scp can be used! – Piyush Patel Jul 03 '18 at 20:46
  • Our system doesn't have lftp installed on the server. It 's hadoop system where we need to load sftp files from another client. – Piyush Patel Jul 03 '18 at 20:47
  • Set up a key pair for automated, passwordless login. It's fast, simple, easy and secure. Trying to send a password is none of those. – that other guy Jul 04 '18 at 02:49
  • `scp /local/path/to/file user@remoteMachine(orIP):/sameOrDiff/remote/path/to` and many `cp` similar usages are possible. Good luck. – shellter Jul 04 '18 at 02:55
  • I think the most secure method would be using keypairs as has been suggested. Google RSA keys. As for expect; you will have to store your password in plaintext - which would not be recommended. Most remote access tools do not include auto password entry for this very reason. – itChi Jul 04 '18 at 04:33

1 Answers1

2

You can try the expect command: 

  #!/usr/bin/expect -c "
  spawn sftp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no <USER>@<SERVER>
  expect \"*?assword:\"

  send \"<PASSWORD>\r\"
  expect \"sftp>\"

  #more commands

  #exit sftp when you're done
  send \"exit\r\"
  expect -exact \"$\"
  "

It'll enter the password without manual intervention.

UserKnownHostsFile=/dev/null will disable the host key checking and StrictHostKeyChecking=no will disable strict host key checking.

You can add that example in the #more commands section: 

  #Example with get (from remote to local)
  send \"get <remotefilepath> <localfilepath>\r\"
  expect \"sftp>\"
GuiGWR
  • 125
  • 1
  • 20
  • It says `line 2: spawn: command not found` and ` bunch of other errors! Probably you missed sftp before @??? I believe these commands are blocked because I can open the man pages for those commands but it says command not found. – Piyush Patel Jul 04 '18 at 18:11
  • The shebang in `#!/usr/bin/expect` is telling what interpreter shall it be run with. I guess you're using `sh` and the script can't combine 2 interpreters. Try without the shebang: `/usr/bin/expect` – GuiGWR Jul 04 '18 at 18:26
  • Yeah I tried with `expect get_file.sh`, but it says `invalid command name "@"`. Do they have to be like this only? or `sftp @`? – Piyush Patel Jul 04 '18 at 22:55
  • Just to make sure with you: when I write something between `<>`, you have to replace it by something. For example, in this case `@` = `user@your_server_ip_or_remote_hostname`. In this case, you'll open a sftp session in the remote server as user. For ``, you need to replace it by the password required to have access to the remote server. – GuiGWR Jul 05 '18 at 00:06
  • I'm sorry if it wasn't clear I can edit my answer to make it clearer – GuiGWR Jul 05 '18 at 00:08
  • Also, `@` needs to be on the same line as `StrickHostKeyChecking=no` – GuiGWR Jul 05 '18 at 00:19