HPE Community
Operating System - HP-UX
1834288 Members
2505 Online
110066 Solutions
New Discussion

sample script for scp and sftp

 
SOLVED
Go to solution
Kathy Khaghani
Advisor

‎07-30-2008 02:58 PM

‎07-30-2008 02:58 PM

sample script for scp and sftp

Hi all,

I have a couple of questions reguarding scp and sftp.

1. I was told by out network/security admin that scp is prefered over sftp when it comes to security issues, and to use scp forcing it to use protocol 2. Do you all agree? if so anyone has a sample script using scp with protocal 2 please share.

2. I need to convert all my scripts that run ftp and are like the following example:

#!/usr/bin/sh
ftpfile=/home/kathyk/test.ftp
echo user kathyk sheila22 > $ftpfile
echo cd /home/kathyk >> $ftpfile
echo lcd /home/kathyk >> $ftpfile
echo put newjunk >> $ftpfile
echo put nofile >> $ftpfile
#echo put newjunk >> $ftpfile
echo bye >> $ftpfile
#echo ENDFTP >> $ftpfile
ftp -i -n -v mongo1 < $ftpfile > /home/kathyk/ftp.log 2>&1


To invoke scp or sftp. again if anyone has a sample script please share.


Your assistance is greatley appreciated.

Regards,

Kathy


0 Kudos
Reply
3 REPLIES 3
Ph. LAQUERRIERE
Occasional Advisor

‎07-30-2008 10:25 PM

‎07-30-2008 10:25 PM

Re: sample script for scp and sftp

Hi Kathy,

for using scp, you must copy your public keys in authorized_keys file in host target
and write a command in your script with scp command:
you can use a man page of scp command for more detail.

Regards.

Philippe
0 Kudos
Reply
Matti_Kurkela
Honored Contributor

‎07-31-2008 12:52 AM

‎07-31-2008 12:52 AM

Solution

Re: sample script for scp and sftp

1.) Because both scp and sftp use the same SSH protocol for encryption, the preference for sftp might not be security-related, but something related to the local setup.

Forcing a HP-supplied scp to use protocol version 2 is very simple: just use option "-2" with the scp command.

2.)
With scp, your script can be reduced to a single command:

scp -2 /home/kathyk/newjunk /home/kathyk/nofile kathyk@mongo1:/home/kathyk

If you're logged in as "kathyk" on the local host, /home/kathyk is your home directory on the host mongo1 and you're currently cd'd to directory /home/kathyk on the local host, you can even simplify it further to:

scp -2 newjunk nofile mongo1:

If you don't have SSH keys set up, these commands will ask for a password.

----------

The usual way to set up SSH keys for one user for unattended/scripted file transfers:

ssh-keygen -t rsa
(accept all the defaults, leave the key passphrase as blank for unattended/scripted operations)
ssh kathyk@mongo1
(password required for authentication)
(the next commands on mongo1)
mkdir .ssh
chmod 700 .ssh
chmod go-w $HOME
exit
(back on the local host)
scp $HOME/.ssh/id_rsa.pub kathyk@mongo1:.ssh/authorized_keys
(this is the last time you'll need a password for this connection)

At this point, you should be able to use ssh/scp/sftp to connect from your current user at the local host to kathyk@mongo1 without any password prompts, unless the admin of mongo1 has disabled the SSH key authentication at the server end.

MK
MK
Reply
Kathy Khaghani
Advisor

‎07-31-2008 08:28 AM

‎07-31-2008 08:28 AM

Re: sample script for scp and sftp

Thank you Matti for the comprehensive answer. To be clear would this part Be on the remote server? (ftp server).

ssh-keygen -t rsa
(accept all the defaults, leave the key passphrase as blank for unattended/scripted operations)
ssh kathyk@mongo1
(password required for authentication)
(the next commands on mongo1)
mkdir .ssh
chmod 700 .ssh
chmod go-w $HOME
exit



Thanks again


Kathy

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.