CODEWITHSUNDEEP
linuxshellsftp
Sondre
Sondre

Reputation: 1898

Getting shellscript to input password

I'm new to shellscripting (and not well traveled in the world of Linux) and are trying to get a shellscript to automaticly log into an sftp server with my given. Now this is how far I've gotten

#!/bin/bash
HOST='somehost.com'
USER='someusername'
PASSWD='somepass'

sftp $USER@$HOST

Now this is where I run into trouble. At this point I will be prompted for a password. So how do I get the script to automaticly reply with the password when prompted for it? I also tried finding a way to pass along the password with the sftp command, but with no luck. Can anyone help me figure this out?

Upvotes: 2

Views: 6777

Answers (5)

kedar
kedar

Reputation: 1

use sshpass command. you can give password along with command

Upvotes: 0

Sydcul
Sydcul

Reputation: 99

Use this code:

#!/bin/bash
HOST='somehost.com'
USER='someusername'
PASSWD='somepass'

echo $PASSWD | sftp $USER@$HOST

Upvotes: 3

Michał Šrajer
Michał Šrajer

Reputation: 31182

  1. on local host (where the script will be executed) generate ssh key pair:

    scriptuser@scripthost:/~$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/michal/.ssh/id_rsa): {press ENTER!} (...)

  2. copy generated public key from scripthost to the somehost.com and append it to the list of authenticated hosts:

    scriptuser@scripthost:/~$ cat ~/.ssh/id_rsa.pub | ssh [email protected] 'cat >> .ssh/authorized_keys'

  3. now you should be able to use scp or sftp without password:

    scriptuser@scripthost:/~$ scp /any/local/file [email protected]:/remote/location/

Upvotes: 1

Marcin
Marcin

Reputation: 3524

Do not store passwords in script files, unless you are compulsive obsessive about keeping your permissions absolutely tight.

For all things ssh/sftp/scp, use public key authentication. Learn about the settings you can set on both the client and the server ends to make it more secure (ip restrictions, user restrictions, cipher restrictions, number of retries, number of simultaneous logins, etc) That alone should eliminate a lot of insecurity due to scripting issues.

If you absolutely must store a password in a variable, do not export it, and unset it the moment you get done using it.

Upvotes: 2

lecodesportif
lecodesportif

Reputation: 11049

It's not a good idea to include the password in a command line or such a script. Anyone who has access to the list of running processes could see your password, it could end up in your shell history and log files. So this would create a security hole.

There is more info in this thread where key based authentication is recommended over your proposed method.

Upvotes: 2

Related Questions