Using sftp in a Script (with RSA Authentication)
Technote (FAQ)
Question
Using sftp in a Script (with RSA Authentication)
Answer
This document applies to AIX Versions 5.2 & 5.3 and above.
To use sftp in a script without user interaction, you will need to set up RSA Authentication and then pass a batch file containing the transfer commands to sftp.
In this example, the local machine's hostname is machineA, and the remote machine's hostname is machineB. The username of the user who will be doing the sftp is sftpuser.
NOTE: Bold text indicates user input.
- Generate RSA key pair and verify that the keys are there.
sftpuser@machineA# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/sftpuser/.ssh/id_rsa): <ENTER>
Enter passphrase (empty for no passphrase): <ENTER>
Enter same passphrase again: <ENTER>
Your identification has been saved in /home/sftpuser/.ssh/id_rsa.
Your public key has been saved in /home/sftpuser/.ssh/id_rsa.pub.
The key fingerprint is:
b7:95:f7:a0:e1:52:01:d5:ec:48:e3:73:f7:45:40:46 sftpuser@machineA
sftpuser@machineA# cd ~/.ssh
sftpuser@machineA# ls -l
total 32
-rw------- 1 sftpuser staff 883 Nov 07 11:41 id_rsa
-rw-r--r-- 1 sftpuser staff 222 Nov 07 11:41 id_rsa.pub
-rw-r--r-- 1 sftpuser staff 915 Nov 06 12:30 known_hosts
-rw------- 1 sftpuser staff 1024 Nov 07 11:40 prng_seed
- Copy the public key to the remote machine.
sftpuser@machineA# scp id_rsa.pub sftpuser@machineB:.ssh/id_rsa.pub.machineA
sftpuser@machineB's password: <password>
id_rsa.pub 100% |*****************************| 222 00:00
NOTE: The $HOME/.ssh must exist on the remote machine for the above scp to work. Also, the directory should have permissions of 700 and be owned by the user.
- Log in to remote machine to add key to authorized_keys file.
sftpuser@machineA# ssh sftpuser@machineB
sftpuser@machineB's password: <password>
sftpuser@machineB# cd ~/.ssh
sftpuser@machineB# ls -l
total 16
-rw-r--r-- 1 sftpuser staff 222 Nov 07 11:57 id_rsa.pub.machineA
-rw-r--r-- 1 sftpuser staff 677 Oct 31 09:52 known_hosts
sftpuser@machineB# cat id_rsa.pub.machineA >> authorized_keys
sftpuser@machineB# ls -l
total 24
-rw-r--r-- 1 sftpuser staff 222 Nov 07 12:03 authorized_keys
-rw-r--r-- 1 sftpuser staff 222 Nov 07 11:57 id_rsa.pub.machineA
-rw-r--r-- 1 sftpuser staff 677 Oct 31 09:52 known_hosts
sftpuser@machineB# rm id_rsa.pub.machineA
sftpuser@machineB# exit
Connection to machineB closed.
- Test the RSA Authentication.
sftpuser@machineA# ssh sftpuser@machineB
sftpuser@machineB#
NOTE: You should not be prompted for the password.
sftpuser@machineB# exit
Connection to machineB closed.
- Create batch script to test sftp.
sftpuser@machineA# echo "put /etc/motd /home/sftpuser/motd.txt" > /tmp/test.batch
sftpuser@machineA# cat /tmp/test.batch
put /etc/motd /home/sftpuser/motd.txt
- Test sftp.
sftpuser@machineA# sftp -b /tmp/test.batch sftpuser@machineB
Connecting to machineB...
sftp> put /etc/motd /home/sftpuser/motd.txt
Uploading /etc/motd to /home/sftpuser/motd.txt
sftp>
sftpuser@machineA#
- Verify that the file was transferred.
sftpuser@machineA# ssh sftpuser@machineB
sftpuser@machineB# ls -l /home/sftpuser/motd.txt
-r-xr--r-- 1 root staff 1441 Nov 07 13:08 /home/sftpuser/motd.txt
sftpuser@machineB# exit
Connection to machineB closed.
You can now use the sftp command, similar to the one in Step 6 (Test sftp), in your script.
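As an added example (not part of the technote and not IBM's code), here is one way a script could wrap the sftp call from the steps above. It refuses to run if the passphrase-less private key is accessible to group or other, writes the batch file into a private directory rather than a fixed /tmp name, and passes sftp's exit status back to the caller. It assumes a POSIX shell and OpenSSH sftp; `SFTP`, `KEY` and the script name `push.sh` are hypothetical, and the user, host and paths are the page's sample values.

```shell
#!/bin/sh
# Added example, not from the technote: wrapper around "sftp -b".
# SFTP and KEY are hypothetical override variables for this sketch.
SFTP=${SFTP:-sftp}
KEY=${KEY:-$HOME/.ssh/id_rsa}

# Succeeds only if $1 exists and group/other have no permission bits.
# Parses "ls -ld" so it does not depend on stat(1).
private_to_owner() {
    [ -e "$1" ] || return 1
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Writes a one-line "put" batch file inside a newly created private
# directory instead of a fixed /tmp name, and prints the file's path.
write_batch() (
    umask 077
    dir=${TMPDIR:-/tmp}/sftp-batch.$$
    mkdir "$dir" || exit 1   # fails if someone pre-created the name
    printf 'put %s %s\n' "$1" "$2" > "$dir/batch"
    printf '%s\n' "$dir/batch"
)

# usage: run_transfer user host local_file remote_path
run_transfer() {
    private_to_owner "$KEY" || {
        echo "refusing: $KEY missing or accessible to group/other" >&2
        return 2
    }
    batch=$(write_batch "$3" "$4") || return 3
    # BatchMode=yes makes ssh fail rather than prompt for a password;
    # sftp -b aborts with a non-zero status if the put fails.
    "$SFTP" -b "$batch" -o BatchMode=yes -o IdentityFile="$KEY" "$1@$2"
    rc=$?
    rm -rf "${batch%/batch}"
    return "$rc"
}

# Runs only when the script is given four arguments, e.g.
#   ./push.sh sftpuser machineB /etc/motd /home/sftpuser/motd.txt
if [ "$#" -eq 4 ]; then
    run_transfer "$@"
fi
```

Paths containing spaces would need to be quoted inside the batch line; this sketch does not handle them.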