How to send password using sftp batch file - batch-file

I'm trying to download a file from sftp site using batch script. I'm getting the following error:
Permission denied (publickey,password,keyboard-interactive).
Couldn't read packet: Connection reset by peer
When running the command:
sftp -b /home/batchfile.sftp <user>#<server ip>:<folder>
the batchfile.sftp includes these data:
password
lcd [local folder]
cd [sftp server folder]
get *
bye
Note: It's working when running at the prompt as
sftp <user>#<server ip>:<folder>
But I need the ability to enter the password automatically.

You'll want to install the sshpass program. Then:
sshpass -p YOUR_PASSWORD sftp -oBatchMode=no -b YOUR_COMMAND_FILE_PATH USER#HOST
Obviously, it's better to setup public key authentication. Only use this if that's impossible to do, for whatever reason.

If you are generating a heap of commands to be run, then call that script from a terminal, you can try the following.
sftp login#host < /path/to/command/list
You will then be asked to enter your password (as per normal) however all the commands in the script run after that.
This is clearly not a completely automated option that can be used in a cron job, but it can be used from a terminal.

I advise you to run sftp with -v option. It becomes much easier to fathom what is happening.
The manual clearly states:
The final usage format allows for automated sessions using the -b
option.
In such cases, it is necessary to configure non-interactive authentication
to obviate the need to enter a password at connection time (see
sshd(8) and ssh-keygen(1) for details).
In other words you have to establish a publickey authentication. Then you'll be able to run a batch script.
P.S.
It is wrong to put your password in your batch file.

You mention batch files, am I correct then assuming that you're talking about a Windows system? If so you cannot use sshpass, and you will have to switch to a different option.
Two of such options, that follow diametrically opposite philosophies are:
psftp: command-line tool that you can call from within your batch scripts; psftp is part of the PuTTY package and you can find it here http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
Syncplify.me FTP Script: a scriptable FTP/S and SFTP client for Windows that allows you to store your password in encrypted "profile files"; check it out here http://www.syncplify.me/products/ftp-script/
Either way, switching from password to PKI authentication is strongly recommended.

PSFTP -b path/file_name.sftp user#IP_server -hostkey 1e:52:b1... -pw password
the file content is:
lcd "path_file for send"
cd path_destination
mput file_name_to_send
quit
to have the hostkey run:
psftp user#IP_SERVER

You need to use the command pscp and forcing it to pass through sftp protocol. pscp is automatically installed when you install PuttY, a software to connect to a linux server through ssh.
When you have your pscp command here is the command line:
pscp -sftp -pw <yourPassword> "<pathToYourFile(s)>" <username>#<serverIP>:<PathInTheServerFromTheHomeDirectory>
These parameters (-sftp and -pw) are only available with pscp and not scp. You can also add -r if you want to upload everything in a folder in a recursive way.

This command will help you
sshpass -p MYPASSWORD sftp MYUSERNAME#HOST

Related

Using FTP client to send file to FTP server

I would like to create a C program to send a .xml file to a FTP server which I have been given the username and password to periodically. What would be the easiest way to do this?
One idea I had was to just create strings containing the instructions and execute these using system("command") however I have not used FTP before so do not know the correct commands to do so. Is there a better way to go about this? Or if this way is valid what commands would i use to send the file via FTP.
ftp -u ftp://user:passt#ftp.ftpserver.com/local-file.txt local-file.txt
Probably lftp is a better choice here.
lftp ftp://user:password#host -e "put local-file.name; bye"
Rather than a C program, a shell script would be more easier for you to manage and get things done in this case.
Or you can use 'scp' to send file this
$ scp <username>#<ftp-server-ipaddress>:/path/ftp-server/dir <your file>
Or 'sftp', this has an added advantage to surf the ftp server
$ sftp username#<ftp-server-ipaddress>
password:
$ ls
$ pwd
You can use simple linux commands and use the ftp server, incase you need to check your host commands you have to add 'l' as prefix
$lls
$lpwd # working on your machine with sftp login
$ put <your .xml file> # puts your file to ftpserver
$ get <anyfile> # gets files from ftp server

Using psexec.exe in jenkins, handle is invalid

I am using Jenkins on a Windows7 system. I would like to use it to execute a batch script on a remote Windows system. The batch script will be used to flash a development board and run some tests. I came across psexec.exe. That works well through a command prompt window--I can connect and run the script without any issues, but when I try to have Jenkins do it, I get the following output:
PsExec v2.11 - Execute processes remotely
Copyright (C) 2001-2014 Mark Russinovich
Sysinternals - www.sysinternals.com
The handle is invalid.
Connecting to ABCDEFG...
Couldn't access ABCDEFG:
Connecting to ABCDEFG...
Build step 'Execute Windows batch command' marked build as failure
The command I am using in both cases is:
psexec.exe \\ABCDEFG -u "DOMAIN\username" -p "password" "C:\test.bat"
The user associated with username has administrator privileges on the remote system (ABCDEFG is not the real name of the system).
Can anyone help me figure out why it is not working through Jenkins? Or, is there an easier/better way to execute a batch script on a remote Windows system through Jenkins?
Thanks to all your help, especially Technext, I have a solution.
I needed run "services.msc", find "Jenkins", right click on it, and go to "Properties". Once the properties windows appeared, I had to click the "Stop" button to stop Jenkins, open the "Log On" tab, enter in my username and password (the username I used when running through command prompt), and start Jenkins again. That got rid of the "handle is invalid" message in Jenkins.
Update:
A better solution was to go onto the system I was using psexec.exe to get onto, go to Control Panel > User Accounts > Give other users access to this computer. Click on "Add..." and type in the username and domain Jenkins uses to run its commands (to find this, open your Jenkins in a browser window, go to Manage Jenkins > System Information and look for USERNAME and USERDOMAIN under Environment Variables). Make sure you give it Administrator rights. Then click ok. Now psexec.exe shouldn't have the "handle is invalid" issue.
Sorry, I don't have enough reputation for comments, but is the single \ a typo? Since
The handle is invalid.
probably means that the computer address is invalid. Try
psexec.exe \\ABCDEFG -u "DOMAIN\username" -p "password" "C:\test.bat"
Notice the two backslashes to access a locally mapped computer.
otherwise if that does not work i recommend the # tag
psexec.exe #servername.txt -u "DOMAIN\username" -p "password" "C:\test.bat"
where #servername.txt is a textfile containing only the servernames, one per line. The file parameter handles the formatting of \
ex servername.txt
ABCDEFG
COMPUTER2
EDIT: also found after some quick googling that it can be related to windows security.
Check out that a simple restart of the remote machine doesn't solve the problem. Also, adding parameters -h and -accepteula may help. Modified command:
psexec.exe \\ABCDEFG -u "DOMAIN\username" -p "password" -h -accepteula "C:\test.bat"
I execute below code from Jenkins pipeline groovy script to connect dynamically created VM as a resource on Jenkins master. Below code connect dynamically created VM as resource on Jenkins master with 4 executors. You can change the number of executors based on your requirement.
bat label: 'ConnectResource', script: """
#echo OFF
C:\\apps\\tools\\psexec \\\\${machine_ip} -u ${machine_ip}\\${machine_username} -p ${machine_password} -accepteula -d -h -i 1 cmd.exe /c "cd C:\\apps\\jenkins\\ & java -jar C:\\apps\\jenkins\\swarm.jar -master http://pnlv6s540:8080 -username ${jenkins_user_name} -password ${jenkins_user_password} -name ${machine_ip}_${BUILD_NUMBER} -labels ${machine_ip}_${BUILD_NUMBER} -deleteExistingClients -disableClientsUniqueId -executors 4" & ping 127.0.0.1 -n 60 > nul
"""

putty from a batch file and a script?

I have a batch file that opens putty just fine.
c:\putty.exe root#192.168.12.34 -pw boyhowdy. But to make this work for me I need to understand how to include a script of a command so it will run under the putty tool. Like mount –o remount,rw / . Or is this something I can do with a tool called pscp. I am a nube to these tools and really could use some guideance. I have a bunck of these scripts and would really like to automate them. Thankyou
If your goal is to execute shell commands remotely through putty, you should probably look at plink (putty without the gui, in other words an ssh client for windows) and then apply the standard here-doc techniques to plink.
plink is part of the putty collection and is also downloadable from the same page as putty.
If you want to execute a local script you would use
plink user#host -m local_script.sh
For instance. Assuming you're running on some Windows box (fyi the putty suite also runs on Linux) and want to execute a batch of commands on some remote box you would create a shell script on your local machine (say mount.sh) and run it like this:
C:\> type mount.sh
whoami
hostname
/usr/sbin/mount -t iso9660 -o ro /dev/cdrom /mnt
/usr/sbin/mount | grep mnt
C:\> plink remoteuser#remotehost -pw secret -m mount.sh
remoteuser
remotehost
/dev/cdrom on /mnt type iso9660 (ro)
Also, it's probably better to copy your public key over so that the password is not coded in some batch file.
Finally, be aware that not all environment variable defined in an interactive shell process will be available in the remote shell process. You might need to 'source' some profile script at the beginning of your script.

windows, Putty, pscp combined in to a single batch file, is it possible?

I'm having trouble getting an answer to my question, in laymens terms. It is probably my lack of knowledge on the subject so, I'm dumbing down the question. I have a windows machine that I run the putty tool from and connect to a linux box. I run " killall /bob/bin/myfile.out " then close putty then type in a cmd prompt pscp.exe myfilet.out.2.3.4 root#192.168.1.1:/bob/bin/myfile.out . Can someone show me how to combine these into a single windows batch file? thank you
You could use the free command line tool Plink to run commands on external servers via SSH.
#echo off
Plink root#192.168.1.1 "killall /bob/bin/myfile.out"
pscp.exe myfilet.out.2.3.4 root#192.168.1.1:/bob/bin/myfile.out || echo an error occurred when copying the file.
the command after || on the second line will only run if an error level is set by the previous command.
I can't add comments yet, but can you elaborate on how you login with putty, but not do the exact same thing with plink? Plink not only accepts all the same options as putty, but if you have a saved session in putty, you can access it from plink. Without any subcommands, plink should essentially make you CMD shell look like a crude putty window, with subcommands, it will execute them and return:
C:\Users\riglerjo>plink savedputtysession
Using username "rigler".
# hostname
s9-chicago.accountservergroup.com
-bash-3.2$ exit
logout
Run the remote command as an option on plink:
C:\Users\riglerjo>plink savedputtysession hostname
s9-chicago.accountservergroup.com

How to copy file from SSH remote host to Jenkins Server

We are using Jenkins server for our daily build process and executes some bash scripts on remote hosts over SSH. This scripts are generating html log files on remote hosts.
We are using Copy to slave plugin to copy files on slave machines and Publish over ssh plugin to manage SSH sessions in build process.
Now the question is, We want to copy some files (log files of Scripts) from remote ssh host to Jenkins Server.
Which will be possible and better option for the same (plugin will be better if any).
EDIT :
sshpass is an option, but looking for any plugin or better way to do the job.
use sshpass command to send file in
Build Environment -> Execute Shell script on remote host using ssh ->
Post build script
sample command :
sshpass -p "password" scp path/of/file <new_server_ip>:/path/of/file
This will skip password prompt for scp command and will provide password to scp.
I think you can generate ssh keypair and pass it to the slave as a parameter with, for example, Config File Provider Plugin
Then just use scp to retrieve files using this keypair for authentication process.
Obviously way too late, but in case you're already using publish-over-ssh, want to avoid duplicating the credentials and have a shared library you can use this piece of groovy to obtain the host configuration:
import jenkins.plugins.publish_over_ssh.*
#NonCPS
def getSSHHost(name) {
def found = null
Jenkins.instance.getDescriptorByType(BapSshPublisherPlugin.Descriptor.class).each{
it.hostConfigurations.each{host ->
if (host.name == name) {
found = host
}
}
}
found
}
As mentioned, this either requires a Global Shared Library (so that your code is trusted) or (probably) a number of admin approvals, sorry for that.
This returns a BapSshHostConfiguration.
For a password connection you can do:
def sshHost = getSSHHost('Configuration Name')
def host = [host: sshHost.hostname, user: sshHost.username, password: sshHost.password]
sshHost = null
sh("""
set +x
sshpass -p "${host.password}" scp -o StrictHostKeyChecking=no ${host.user}#${host.host}:filename.extension .
set -x
""")
This copies the file to your local work directory.
Probably not the best code ever, but I'm not a groovy specialist. It works and that is enough for me. (the set +x is to avoid it echoing the command in the log, showing the password). Getting rid of anything Non-CPS (sshHost = null) before you perform a CPS call saves you a lot of headaches :)
Since it took me quite a while to figure out I wanted to share this for whoever comes next.

Resources