sftp in batch mode without psssword prompt - SSH

This is a discussion on sftp in batch mode without psssword prompt - SSH ; I would like to use (SSH) ftp from a solaris 2.9 box to another solaris 2.9. Requirments are that password authentication needs to be used (I know public/private key is more secure, but customer is king). I've been looking through ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: sftp in batch mode without psssword prompt

  1. sftp in batch mode without psssword prompt


    I would like to use (SSH) ftp from a solaris 2.9 box to another solaris
    2.9. Requirments are that password authentication needs to be used (I
    know public/private key is more secure, but customer is king).

    I've been looking through the archives and seen different hacks to get
    around the password prompting but I've not found the final answer. I've
    paged through "SSH, the definitive guide" and beside mentions a couple
    of hundred times that password is less secure it doesn't mention
    solutions.

    On my Windows PC I can uses something as "sftp user@host -pw password"
    and that works. But the -pw option is not in Solaris 2.9 (and no I
    can't install a new version of SSH).

    The most common "hacks" I've found are:
    - using expect to supply the password
    - using SSH_ASKPASS

    Is there a more regular way of using password authentication with sftp.
    When I run sftp with -v I can see that I can I use password
    authentication, keyboard innteractive and the usual.

    Regards,
    Ogmios


  2. Re: sftp in batch mode without psssword prompt

    >>>>> "ogmios01" == ogmios01 writes:

    ogmios01> The most common "hacks" I've found are: - using expect to
    ogmios01> supply the password - using SSH_ASKPASS

    ogmios01> Is there a more regular way of using password authentication
    ogmios01> with sftp.

    Nope, that's pretty much it. There is no option to do it because it's
    such a bad idea. Co-opting the askpass mechanism is pretty easy to do,
    though, and equivalent to what would probably be done otherwise: accepting
    the password on a pipe (cf gpg --passphrase-fd).

    I'll make a note to add this FAQ to the next edition of the Snail book; I
    thought we had mentioned it, but apparently not.

    --
    Richard Silverman
    res@qoxp.net


+ Reply to Thread