Script Control of sftp

Alan Little openssh at holotech.net
Sat Oct 18 23:09:20 EST 2003 

> You have to abuse the SSH_ASKPASS mechanism.
Could you give me a quick rundown of how to do that and/or where I
could find more information?

> Works fine for me, but it's not recommended
> to have passwords in scripts.
The password won't be stored in the script or anywhere else for that
matter; the user will be entering it over a secure connection.

-- 
Alan Little
Holotech Enterprises

On Saturday, October 18, 2003, 8:38:45 AM, you wrote:


> You have to abuse the SSH_ASKPASS mechanism.
> Works fine for me, but it's not recommended
> to have passwords in scripts.

> On Fri, Oct 17, 2003 at 02:12:37PM -0400, Alan Little wrote:
>> I am trying to conduct a full sftp session using the proc_open()
>> function of PHP:
>> 
>> http://www.php.net/manual/en/function.proc-open.php
>> 
>> Once I get past the authentication stage, everything works fine: the
>> script is able to write to sftp's stdin and capture its stdout.
>> However, during the auth stage, these are apparently bypassed somehow,
>> and IO takes place directly with the terminal. That is, the password
>> prompt appears on the screen, and the password is accepted directly
>> from the keyboard, while the password submitted by the script is
>> ignored. Any ideas why, and/or how I can control the IO through the
>> auth stage? Here is my code:
>> 
>> #!/usr/www/users/holotech/cgi-bin/php4.cgi
>> <?php
>>   $descriptorspec = array(
>>     0 => array("pipe", "r"),
>>     1 => array("pipe", "w"),
>>     2 => array("file", "/tmp/error-output.txt", "a")
>>   );
>> 
>>   $Server = "myserver.pair.com";
>>   $User   = "holotech";
>>   $Pass   = "########";
>> 
>>   $sftp   = "/usr/bin/sftp";
>> 
>>   $process = proc_open(
>>     "$sftp $User@$Server",
>>     $descriptorspec,
>>     $pipes
>>   );
>> 
>>   if (is_resource($process)) {
>>     fwrite($pipes[0], $Password."\n");
>>     fclose($pipes[0]);
>> 
>>     while(!feof($pipes[1])) {
>>       echo fgets($pipes[1], 1024);
>>     }
>>     fclose($pipes[1]);
>>     $return_value = proc_close($process);
>> 
>>     echo "\ncommand returned $return_value\n";
>>   }
>> ?>
>> 
>> -- 
>> Alan Little
>> Holotech Enterprises
>> 
>> _______________________________________________
>> openssh-unix-dev mailing list
>> openssh-unix-dev at mindrot.org
>> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev

More information about the openssh-unix-dev mailing list