How to implement SSH_ASKPASS to automate SFTP

A discussion of Co:Z sftp, a port of OpenSSH sftp for z/OS
Post Reply
Posts: 13
Joined: Thu Jul 23, 2009 11:02 am

How to implement SSH_ASKPASS to automate SFTP

Post by wm212333 » Wed Aug 12, 2009 4:59 pm

I am attempting to run the following automated sh program (non-interactive). The requirement is to read/enter the sftp password from a secure dataset and not setup public/private keypairs. When I run the shell it prompts me for the password. Once I enter the password it completes the sftp. How can I get this to run without being prompted for the password?

#! /bin/sh

export PASSWD_DSN="//FB.PWDSN" # contains the sftp password
export SSH_ASKPASS=$coz_bin/
export DISPLAY=none
export SSH_TTY=/dev/null

ssh_opts="$ssh_opts -oConnectTimeout=60"
ssh_opts="$ssh_opts -oServerAliveInterval=60"
ssh_opts="$ssh_opts -oStrictHostKeyChecking=no"

$coz_bin/cozsftp $ssh_opts -b- $remoteuser@$server <<EOB
put $localdsn $remotefile

Site Admin
Posts: 1807
Joined: Thu Jul 29, 2004 12:12 pm

Post by dovetail » Wed Aug 12, 2009 6:28 pm

Note: the unfortunate way that passwords are handled is done in ssh (Ported Tools), which is invoked by Co:Z SFTP. Otherwise, I would fix it :-)

I have noticed that even though you specify SSH_ASKPASS, that if a tty (interactive terminal) is connected to the process ssh will *not* use it and prompt you for a password instead. So, if you try to run this script under a batch job (under a shell using say COZBATCH), it will likely work.

If that doesn't work, you can add the "-vvv" option to the sftp command and you will get a debug log that might help us figure out what is wrong.

Hope this helps.

Posts: 13
Joined: Thu Jul 23, 2009 11:02 am

Post by wm212333 » Mon Sep 21, 2009 3:48 pm

Works as designed in batch mode. Thanks! :D

Post Reply