sftp automation script

sftp automation script

 

一觉亮天

 

If you want to download or upload some files from several sftp server, and the files have pattern in common, some kinds of tools to automate the process is meaningful. I give an example script to make this thing happen.

 

/code begin

#get.sh

ips="10.68.104.205 10.68.104.206 /

10.68.104.207 /

10.68.104.208 /

10.68.104.155 /

10.68.104.156 /

10.68.104.157 /

10.68.104.158 /

10.68.104.159 /

10.68.104.160"

 

 

usr=sc

 

for ip in $ips; do

           sftp -bbatch.txt ${usr}@${ip}

done

 

/code end

 

/code begin

#batch.txt

cd /the/path/where/you/prefer

get *.tar

bye

/code end

 

The script get.sh loop through several hosts to login, and after that commands in batch.txt will be executed. Unfortunately things do not go on that smooth. Each time you login a host, you have to input password manually. Even though, the scripts do help you in some extent. You can call it half-automation.

 

If you want to get rid of the step for inputing password, you have to do some preparation works in advance. sftp uses public/private key mechanism for authorization. You can ommit the step for inputing password benefiting from the mechanism. E.g., suppose this script is running in server A, and you need to fetch files in server B. After the steps followed, you do not need to input password anymore.

 

#running in server A

>ssh-keygen -t rsa

>scp ~/.ssh/id_rsa.pub root@(server B’s IP):.ssh

 

#running in server B

>touch /root/.ssh/authorized_keys #skip this step if it already exists

>cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys

 

Troubleshooting

1)check the permissions of the user's home directory on the Linux system. The group and worldpermissions should only have read and execute. If you put a writepermission on either, SSH will prompt you for the password.

2)Also, the'.ssh' subdirectory should only have read, write, and executepermmission for the owner permission. Permissions can make or breakyou if all else is set up correctly, at least this is what I havefound with OpenSSH implementations.

3)One other thing I always do is force SSH version 2 connectivity (i.e.in OpenSSH's 'sshd-config' file the line would be "protocol 2" insteadof "#protocol 2,1" [which is the default]). (ssh -2)