I need to copy a file from Windows to Linux using SCP (FTP is not installed on the Linux machine, but SSH and SCP are).
In a Windows command prompt I can enter
scp [path to source] root:@[target IP address] [target dir]
and it works fine but asks for a password, whose entry I need to automate:
root@[IP address]'s password:
scp doesn’t seem to accept embedded passwords e.g. root:[password]@[IP address].
I thought the Xojo Interactive Shell would be perfect, but when I enter the scp command into the example program I see no output at all.
I would like to avoid messing with key pairs and such - this is for a production line application where device after device needs to be programmed. I just want to programmatically answer the password request, which I thought would be a simple matter, silly me.
I would also prefer to avoid using external apps like putty, plink, WinSCP etc if possible and just implement a Xojo (+ MBS if necessary) -only solution.
Should I be using a sync or async shell instead of interactive? It’s only one command. Like look for the password request string in the shell’s output and then write the password to the shell?
While this works the first time, subsequent logins fail because putty presents a notification that the host key has changed. To work around this, I call Echo to pipe a response of “n” to the query as to whether or not to update the host key. Works every time now.
Unfortunately -batch does not disable this prompt. You also get this prompt the first time running it, and it took me a while to work out what was happening when running the compiled app for the first time on a new machine. Julia’s method does seem to workaround this. Initially I was just opening putty once to accept the key then running the program.
Yeah, the Putty guys have publicly gone on record saying they will never provide a mechanism for bypassing host key checks, and indeed one is hard pressed to find postings or articles on the 'net that don’t give a stern finger-wagging about password authentication being a Bad Thing. Another case of people assuming that everyone else’s use case must be like theirs. Mine is production-line programming of thousands of devices - it’s just my PC and the device being programmed, security is a total non-issue.
I just downloaded the source and had a quick look. All the key checks are in common.c, looks like not too much work to implement auto accepting of keys, Im just reading up on what I will need to compile it.
Please, don’t. If you want to play with this problem, play with Xojo and the official pscp.
Here is a problem, 2 steps in Xojo:
Find a pscp sequence of parameters to print the host key. In your Xojo GetHostKey() code use it and return the key or “” if not necessary.
If one is found, in subsequent calls to UploadFile() insert “-hostkey <previously obtained key>” in the list of the parameters.
Done. Handling the problem from Xojo side preserving the tools in the standard form.
The server's host key is not cached in the registry. You
have no guarantee that the server is the computer you
think it is.
The server's ssh-ed25519 key fingerprint is:
ssh-ed25519 255 3e:97:63:80:fe:b1:ed:31:16:28:d4:1b:dd:f2:24:1f