LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-28-2014, 11:28 AM   #1
30467659
LQ Newbie
 
Registered: Jan 2014
Posts: 1

Rep: Reputation: Disabled
SFTP From Linux to Windows with Keys


Hello,

I've been searching through similar threads and can't find the scenario that I'm encountering.

We use a Windows server running an SFTP program for our external partners to access necessary files. I have a script which runs on a RedHat Linux server and generates a file that needs to be sent to the Windows server so an external vendor can pick it up.

I would like the script to take advantage of keys and avoid putting the password in the scripts. On the Linux server, I log in and run the script as user "jobsub".

Our Windows Admin set up an account for me in the Windows server SFTP program with credentials "ftpuser", "password". I do not have an actual logon account to the Windows server itself. I can successfully log in from Linux using "sftp ftpuser@WindowsServer" and then providing the password when prompted from the command line in Linux.

Our Windows Admin also supplied me with a public and private key which was generated from the Windows Server. I took the public key and added the contents on the Linux server to the authorized_keys file of the "jobsub" user in location /home/jobsub/.ssh/authorized_keys. However, this does not work and when I type sftp ftpuser@WindowsServer on the Linux command line, I'm still prompted for the password.

I'd be very appreciative if someone would advise me on the errors that I'm making.

Thank you.
 
Old 01-28-2014, 01:05 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,353
Blog Entries: 55

Rep: Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541
Usually to avoid having to authenticate each and every time you would first run ssh-agent after logging in and load your keys. Another way would be to wrap a script around it using the expect language but that would defeat the whole authentication thing as you store your pass phrase on disk. Another way (usability depends on policies, data confidentiality, risk, etc, etc) could be to use a pass phrase-less key but then you'd have to enable auditing, logging and reporting on both sides to detect tampering, limit access by user and IP address, by commands it can execute and by chrooting it. Another way (if quite surprisingly things would be easier to set up on the mcrsft side ;-p) could be to pull the file instead of your Linux server pushing it?.. Another way (maybe too far-fetched) could be to use just plain 'ol anonymous chrooted FTP but over a VPN tunnel?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
SFTP from windows to Linux server sras Linux - General 3 11-18-2013 07:08 AM
SFTP with both SSH keys and password 2buck56 Linux - Software 2 08-31-2013 03:40 PM
setup sftp to use ssh keys + LDAP hophilip Red Hat 1 07-05-2012 02:30 AM
ssh/sftp from U/Linux to Windows unix1adm Linux - Software 1 04-05-2010 03:09 PM
SFTP config on linux access required from windows client through Authorization keys abduljabbar_11 Linux - Newbie 3 06-25-2009 05:28 AM


All times are GMT -5. The time now is 06:23 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration