Verify file was sftp'd via bash script

Hello Experts,

I have a script that transfers a file (via sftp) and it works fine, but we ran into a snag where the target server asked for the ssh key and the script didn't know what to do. I want to add some logic to this script that at least sends an email that it didn't complete as expected or didn't transfer the file.

#!/usr/local/bin/expect --
spawn sftp support@target_server.com
expect "password: "
send "support\r"
expect "sftp>"
send "put /home/root/filename.txt . \r"
expect "sftp> "
send "quit\r"

I'm testing it now on our network and get the following results:

./test_ftp_script
spawn sftp support@target_server.com
Connecting to target_server.com...
The authenticity of host 'target_server.com (10.101.21.34)' can't be established.
RSA key fingerprint is ce:5d:35:c6:57:8d:f5:d5:45:ac:b4:a5:3e:22:e6:f1.
Are you sure you want to continue connecting (yes/no)? support
Please type 'yes' or 'no': /home/root/filename.txt .
Please type 'yes' or 'no': [server:/home/root/]#

Note: I have altered the names in the script via cutting and pasting, so there may be an extra period, etc. here or there.

Thanks!

So it sounds like, from what you showed, the IP has multiple hosts attached and you may not get the same host (ssh key) in response every time. But since the known_hosts knows part of the information, it is trying to auth and fails. And now it wants a response to add it to the known_hosts file. Do you have control of the target server(s)?

No, I don't have control of that server. The issue shown above is an anomaly that just happened. I showed it as an example. When I sftp a file, is there a return code (especially in that situation above) that I can set a flag on to send me an email that it didn't complete correctly?
It looks to me that - and I'm not sure - but the above error would return ok; it started and it finished. That script is called from another script that does a lot of other things, so that script doesn't hang on that.

So, I guess what I'm asking is -- Is there a way to verify that the file was sent to the other server?

Bonus question:
In the script above, can you put an "if" statement in the code to detect, with expect say - "(yes/no)?" if true answer "yes" if false continue with the log in?

Also, I'm pretty sure you're right about multiple servers attaching to the same Aix-guy. Fast overview, that server is used in our D.R. process and we upload current info on backup tapes etc. to it every day.

Hmmmm, OK, let's take the bonus first. Yes, you can:

if {$count < 0} {
   puts "count is less than zero"
} elseif {$count > 0} {
   puts "count is greater than zero"
} else {
   puts "count is equal to zero"
}

Now for the result of the sftp.
I would be looking to output all the results to a separate log file.
The expect call would be done from a shell script and it could call
an expect script file.
So something like:

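  if [ some test in the shell ]
  then
     :   # other branch, omitted in the original post
  else
     echo "Setting password for $x"
     # run the expect script and capture its whole session in the log
     expect -f ./chpass.exp "$x" "$1" "$2" "$3" > "$gd_log"
     # count the log lines that show the expected prompt
     res=`egrep "Enter the new password again:" "$gd_log" | wc -l`
  fi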

So we call an expect script that outputs to a logger, then we start
checking the log for conditions we want and make decisions.

As for sftp, there is a list of commands that it allows:

cd path
lcd path
chgrp grp path
chmod mode path
chown own path
help
df [-hi] [path]
lls [ls-options [path]]
ln oldpath newpath
lmkdir path
lpwd
ls [path]
lumask umask
mkdir path
progress
put local-path [remote-path]
pwd
exit
quit
rename oldpath newpath
rmdir path
rm path
symlink oldpath newpath
version
!command
!
?

When I did an sftp, here is what returned.

sftp> put test.log
Uploading test.log to /test.log
test.log                                      100%   69KB  68.9KB/s   00:01

Then a second call during the ftp for this:

sftp> !sum test.log
15078    69 test.log

Then parse the log for the line and check the sum size of the file you sent
and be sure they are the same.

But if Windows servers, then this may not work.

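A sketch of the log check described in the answer above, as an added example that is not part of the original posts: it classifies a captured sftp session log and treats the host key prompt as a failure to alert on rather than a question to answer. The function name, exit codes and sample logs are constructed for this example, and it assumes file names without spaces.

```shell
#!/bin/sh
# Added example, not code from the thread. Exit codes are this example's own:
#   0 transfer confirmed     1 no evidence of a completed transfer
#   2 host key not trusted   3 authentication failed
check_sftp_log() {
    log=$1 name=$2 base=${2##*/}
    [ -r "$log" ] || return 1
    # An unknown or changed host key is reported, never auto-answered with "yes".
    if grep -Eq "authenticity of host .* can't be established|HOST IDENTIFICATION HAS CHANGED|Host key verification failed" "$log"; then
        return 2
    fi
    if grep -q "Permission denied" "$log"; then
        return 3
    fi
    # The progress meter redraws with carriage returns, so split on them, then
    # require a line whose first field is the file and whose second is 100%.
    tr '\r' '\n' < "$log" |
        awk -v n="$name" -v b="$base" \
            '($1 == n || $1 == b) && $2 == "100%" { ok = 1 } END { exit !ok }'
}

# Constructed sample logs, modelled on the output quoted in the thread.
SAMPLES=$(mktemp -d)
cat > "$SAMPLES/ok.log" <<'EOF'
sftp> put test.log
Uploading test.log to /test.log
test.log                                      100%   69KB  68.9KB/s   00:01
sftp> quit
EOF
cat > "$SAMPLES/hostkey.log" <<'EOF'
Connecting to target_server.com...
The authenticity of host 'target_server.com (10.101.21.34)' can't be established.
Are you sure you want to continue connecting (yes/no)? support
Please type 'yes' or 'no': /home/root/filename.txt .
EOF

for f in ok hostkey; do
    rc=0
    check_sftp_log "$SAMPLES/$f.log" test.log || rc=$?
    echo "$f.log -> status $rc"
done
```

Run it on the log the expect call wrote and send the alert mail on any non-zero status. A 100% progress line shows the client finished sending; since `!command` in sftp runs in the local shell, `!sum` output in the same log describes the local copy only.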

Perhaps ssh-keyscan could be used? It looks like ssh-keyscan is a way of quickly collecting host keys of a number of ssh servers without having to manually log into each one. You could then compare this list with the existing list of known hosts to ensure the host has not changed its key. If it has, the program can die nicely before the sftp command is even executed.

Also, lftp is a script-able ftp client that talks sftp. Using this you could remove the requirement for expect.