Midrange News for the IBM i Community


Posted by: Chris Proctor
Programmer Analyst
Columbia Sports Company
Portland, OR
Using a passphrase in a public key in batch....
has no ratings.
Published: 10 Aug 2012
Revised: 23 Jan 2013 - 4082 days ago
Last viewed on: 28 Mar 2024 (5065 views) 

Using IBM i? Need to create Excel, CSV, HTML, JSON, PDF, SPOOL reports? Learn more about the fastest and least expensive tool for the job: SQL iQuery.

Using a passphrase in a public key in batch.... Published by: Chris Proctor on 10 Aug 2012 view comments(4)

Happy Friday. Everything I've been reading says not to use a passphrase in a private/public key for an SSH connection if the job is going to run in batch, because someone has to answer it manually. The users that I'm developing the SFTP process for want a passphrase for additional security. Is there a way to automate the entry of the passphrase? Maybe in the script file or something like that? I know that kind of defeats the purpose for "additional security".

Maybe I just need to tell them that unless they want to run the job and enter the passphrase every time it comes up a passphrase can't be used.

Thoughts?????

Return to midrangenews.com home page.
Sort Ascend | Descend

COMMENTS

(Sign in to Post a Comment)
Posted by: BrianR
Premium member *
Green Bay, WI
Comment on: Using a passphrase in a public key in batch....
Posted: 11 years 7 months 17 days 14 hours 18 minutes ago

Let me refer you again to Scott Klement's presentation and read the part about the EXPECT utility which emulates a Unix terminal in batch (starts on page 35).  That may or may not work depending on your requirements, but it's worth a look.

Posted by: chrisp
Premium member *
Portland, OR
Comment on: Using a passphrase in a public key in batch....
Posted: 11 years 7 months 17 days 13 hours 58 minutes ago

Hi Brian. Yeah, I looked at it, but don't think it will work for us. I also tried installing it and it had numerous "file or directory in the path name does not exist" errors.

Posted by: DaleB
Premium member *
Reading, PA
Comment on: Using a passphrase in a public key in batch....
Posted: 11 years 7 months 14 days 20 hours 13 minutes ago

I'm curious, did you try it in the !--script-- file (-b xxx)? What happened?

Posted by: ssonntag
Premium member *
Port Washington WI
Comment on: Using a passphrase in a public key in batch....
Posted: 11 years 7 months 7 days 14 hours 9 minutes ago
Edited: Mon, 20 Aug, 2012 at 17:03:28 (4238 days ago)

Brian,

 

I too just went through the process of setting up sFTP and found that trying to use a passphrase was too much of a hassle and really does provide that extra level of security if someone has to run the process from a terminal session.

The extra time and effort of having to install and use EXPECT in the !--script-- didn't make sense for a process that is already secure.

Unless they really insist, I would not go through the effort.

 

Scott Sonntag