Midrange News for the IBM i Community


Posted by: Chris Proctor
Programmer Analyst
Columbia Sports Company
Portland, OR
Using a password with SFTP?
has no ratings.
Published: 20 Apr 2016
Revised: 20 Apr 2016 - 402 days ago
Last viewed on: 27 May 2017 (776 views) 

Using IBM i? Need to create Excel, CSV, HTML, JSON, PDF, SPOOL reports? Learn more about the fastest and least expensive tool for the job: SQL iQuery.

Using a password with SFTP? Published by: Chris Proctor on 20 Apr 2016 view comments(1)

Good morning, everyone. I am working on an SFTP process and the vendor supplied a user ID and password. The only SFTP job that I've ever created was just generating the keys myself, sending the vendor the public to add to their known hosts file and it worked. This was for a process where they would access our IFS to grab files.

With this new SFTP vendor, we need to put files on their server from our IFS. I guess my first question is, do I still send them the public key, or do I have to send a different one because it's going out rather than coming in this time? Next, how would I handle supplying a password as well in the SFTP?

Any advice would be greatly appreciated. Examples would be even more appreciated! Lol. Thanks!

Return to midrangenews.com home page.
Sort Ascend | Descend

COMMENTS

(Sign in to Post a Comment)
Posted by: chrisp
Premium member *
Portland, OR
Comment on: Using a password with SFTP?
Posted: 1 years 1 months 6 days 7 hours 8 minutes ago

Disregard this question. I found the following info:

Using password authentication for batch sftp processes is a bad practice, and violates good security practices.  Best thing to do is to talk to the person managing the sftp server, and ask them to switch to the correct authentication method for batch , which is public key.

So when they tell you "no", your best alternative is to use Expect.  We use this with backward, uninformed trading partners who can't be bothered to implement public key authentication for sftp and insist we use password authentication.

Expect lets you perform interactive "conversations" in batch.

Thanks, anyway!! wink