I am trying to automate an application deployment as part of this I need to upload a file to a server. I have created a minimal user and configured chroot for the SFTP server but I can't work out how to upload a file non interactive.
At present I am doing scp myfile buildUser#myserver.com:newBuilds/
I tried sftp buildUser#myserver.com myfile (newBuilds is the chroot dir) but this didn't upload anything but it did connect.
The reason for favouring this aproach and NOT using scp is that its a lot more difficult to restrict scp access (from the information I have learned).
If you are using OpenSSH server, chrooting works for both SCP and SFTP.
For instructions see:
https://www.techrepublic.com/article/chroot-users-with-openssh-an-easier-way-to-confine-users-to-their-home-directories/
So I believe your question is irrelevant.
Anyway, sftp (assuming OpenSSH) is not really designed for command-line-only upload. You typically use -b switch to specify batch file with put command.
sftp buildUser#myserver.com -b batchfile
With batchfile containing:
put /local/path /remote/path
If you really need command-line-only upload, see:
Single line sftp from terminal or
Using sftp like scp
So basically, you can use various forms of input redirection like:
sftp buildUser#myserver.com <<< 'put /local/path /remote/path'
Or simply use scp, instead of sftp. Most servers support both. And actually OpenSSH scp supports SFTP protocol since 8.7.
Since OpenSSH 9.0 is even uses SFTP by default. In 8.7 through 8.9, the SFTP has to be selected via -s parameter. See my answer to already mentioned Single line sftp from terminal.
You can pass inline commands to SFTP like this:
sftp -o PasswordAuthentication=no user#host <<END
lcd /path/to/local/dir
cd /path/to/remote/dir
put file
END
I resolved this issue by approaching it from a different side. I tried configuring chroot for sftp but could not get this to work. My solution was to use rssh and only allow scp. This works for me because the user I am trying to restrict is known and authenticated user.
Related
I want a fast and flexible file server but I don't need encryption or authentication. How can I use SFTP for this on Linux systems?
SFTP happens to be used by SSH servers but it's a well-developed protocol that works well on its own. The sftp-server developed by OpenSSH has no dependency on an SSH server; sftp-server uses standard input/output. (Other SFTP servers are similar.)
It is trivial to share a filesystem via SFTP, similar to what you might do with NFS but without the need for root access. I'll use socat as the daemon for this ad-hoc example, but xinetd would make a more permanent solution. The location of sftp-server is from my Ubuntu installation of the openssh-sftp-server package.
On the server:
$ mkdir shared_to_the_world
$ cd shared_to_the_world
$ socat tcp-listen:1234,reuseaddr,fork exec:/usr/lib/openssh/sftp-server
On the client:
$ mkdir /tmp/sftp_test
$ sshfs -o reconnect,ssh_command="nc my_sftp_server_address 1234 --" : /tmp/sftp_test
$ cd /tmp/sftp_test
Now your client (and anyone else's!) can seamlessly work with the files in the shared directory on the server. Both read and write are enabled, so be careful.
Consider using socat listen's "bind" and "range" options to limit the access to your server.
You can’t use SFTP without SSH. Take a look at : https://www.ssh.com/ssh/sftp/ (emphasis mine) :
“ SFTP (SSH File Transfer Protocol) is a secure file transfer protocol. It runs over the SSH protocol.. It supports the full security and authentication functionality of SSH.
...
SFTP port number is the SSH port 22 ... It is basically just an SSH server. Only once the user has logged in to the server using SSH can the SFTP protocol be initiated. There is no separate SFTP port exposed on servers. “
I'm trying to write a perl script which copies a directory with files from other machine to current machine.
I can use the scp command in shell but it requires a password. Also I don't have the following modules insatlled on my work area (and unfortunately I cant install them):
Net::OpenSSH
Net::SSH::Perl
Net::SCP
Net:: FTP
I do have installed Net::SSH
My mission is to copy the files from other machine to current machine. The main problem is that it requires a password to use scp on shell. Is there any elegant way to solve this problem?
The elegant way is to use public key authentication.
If you really need password authentication, well, besides the ones you listed there are other modules which would allow you to automate it. Check if you have available Net::SSH2, Expect or IO::Pty.
You may also be able to use use some ssh/scp client accepting the password from the command line or from an environment variable* as plink, pscp or lftp.
Another possibility is using the utility sshpass.
(* Note that passing passwords in the command line or in environment variables is a very insecure practice!)
I've configured Apache2 for a specific directory, so that it lists all its contents over HTTP (I put +Indexesin config).
I was wondering if it is possible to list the contents of that folder from my terminal? So basically instead of opening up a browser and visiting that directory over HTTP, is it possible to do it just from terminal?
Some ideas:
use ssh to connect to the webserver: ssh user#host ls /path/to/dir; requires ssh access obviously
add a cgi script to generate the output you want in a format (test/plain) you want
I am a junior front-end developer and I am working on my process using command line. I would like to push my local changes to my server without having to use an FTP client like Filezilla. I am manually dragging and dropping files using the client and would like to learn how developers perform this process. I am building a static site using SiteLeaf on a Mac. Thanks in advance for help with this workflow.
If your target has SSH installed you can use SCP:
$ scp -r your_remote_user#remote_address:/path/to/save/dir /local/dir/to/transfer
This can also be used to transfer single files: just remove the -r (recursive) option and specify files path instead of directories.
I use to navigate my remote servers with ssh. Sometimes i would like to download a file to open in my computer.
But the only way i know how to do it is to open a new command line window and use scp from local to remote.
is there a way to do this directly from the ssh server?
like a command that know my current ip so can set up everything automatically?
(wonderful would also be to do the upload in such a way...)
There is no easy way to do it - I used ssh & scp many years the way you just described. But, you may configure ssh & scp in such a way that they don't require password each time, which is very comfortable! For this, you need:
generate keys by ssh-keygen - they can be also passphrase (= password) protected
copy the keys to remote machine to ~/.ssh/authorized_keys
And then, each time you start a session, you run ssh-agent and ssh-add. You just enter the password once. And then you can just run scp/ssh many times, from scripts, etc., without the need to enter the password each time!
I don't remember the exact way how to configure all this, but have a look at manpages of all those useful tools! Many things can be automatized by placing them into ~/.bash_profile or ~/.bashrc files.
I found this while trying to answer your question for myself:
https://askubuntu.com/a/13586/137980
Just install zssh and use Ctrl-# to go into file transfer mode.