Non-Interactive SFTP

Sabari_Nath_S · March 11, 2010, 4:20pm

Hi,

I need to sftp from one Unix Server (source) to another (destination) (both SunOS) non-interactively.

I did the following :

1) Generated public key in source server in $HOME/.ssh dir without giving any passphrase
2) Added the contents of the public key generated to authorized_keys2 file in destination server's $HOME/.ssh directory
3) Permissions for the .ssh dir's is 0700 and the key files is 0600
4) Created a file named "confg" in source $HOME/.ssh dir which has the below contents.

Host *
BatchMode yes
PasswordAuthentication no

Still its asking me for a password (not passphrase) when I give sftp destinationuserid@destinationservername in client

When I give the password, its getting connected. But I want non-interactive login where the sftp command should not be prompting me for any password ?

Please help me what I need to do here or if I am doing anything wrong here ?

Thanks,
Sabari Nath S

jim_mcnamara · March 11, 2010, 5:23pm

The home directory of the remote account has to be 755. For starters. And the key file gets named authorized_keys. If there are more than one key file just use

cat keyfile1 keyfile2 ... keyfilen > authorized_keys

If that doesn't help post the output of

ssh -vvv  remotebox

fpmurphy · March 11, 2010, 11:08pm

Also the permissions on the .ssh subdirectory should be set to 700 and the permissions of every file in the .ssh subdirectory should be 600.

Sabari_Nath_S · March 12, 2010, 4:31am

Hi,

I had already changed the permissions for all files under .ssh to 600 and the .ssh dir to 700

Client:

$ ls -ld .ssh
drwx------   2 cdbcdi   other        512 Mar 12 00:04 .ssh

$ cd .ssh

$ ls -l
-rw-------   1 cdbcdi   other         47 Mar 11 14:42 config
-rw-------   1 cdbcdi   other        883 Mar 11 12:48 id_rsa
-rw-------   1 cdbcdi   other        332 Mar 11 12:49 id_rsa.pub

$ cat config
Host *
BatchMode yes
PasswordAuthentication no

Server (Host):

$ ls -ld b2cint (Home Directory)
drwxr-xr-x   3 b2cint   custapp      512 Mar 11 11:05 b2cint

$ cd b2cint/.ssh

$ ls -ld ../.ssh
drwx------   2 b2cint   custapp      512 Mar 11 14:39 ../.ssh

$ ls -l
-rw-------   1 b2cint   custapp      332 Mar 11 14:39 authorized_keys
-rw-------   1 b2cint   custapp      332 Mar 11 14:38 authorized_keys2

But still it asks for a password.

markdjones82 · March 12, 2010, 2:02pm

The source needs to have the id_rsa.pub key of the user that will be sending the file copied to the destination server user's home/.ssh/authorized_keys or authorized_keys2

Sabari_Nath_S · March 16, 2010, 11:50am

It already has. I have already placed the contents of id_rsa.pub to authorized_keys2 file under $HOME/.ssh dir in the host.

Corona688 · March 16, 2010, 12:00pm

authorized_keys2 has been depreciated for 8 years now. Just cat all of them together into authorized_keys.

markdjones82 · March 16, 2010, 1:22pm

Make sure the directory and files are owned by the correct user.

Set permissions to 600 or 644

Try using 777 temporarily to see if it is permissions issue.

check your /etc/ssh/sshd_config and make sure RSA authentication is enabled.
# RSAAuthentication yes