[lug] Using "ask-pass" With sftp?

Simos blug at chinesetearoom.com
Sat Jun 18 14:01:35 MDT 2016

On Sat, 18 Jun 2016 18:36:51 +0000 (UTC)
stimits at comcast.net wrote:

> Hi,
> I have a bit of a conundrum, how do I use sftp from any (Ubuntu or other) machine to an embedded Ubuntu machine to download root-access-only files using only password, and not customizing each Ubuntu machine for allowing this? Can this be done on the command line?
> If I were using ssh, I could use force pseudo-terminal allocation and embed the sudo command into a single command over ssh, such as with scp.  If I were using a local Fedora host, I could possibly ssh to the Ubuntu machine, sudo, and sftp in reverse from remote Ubuntu to local Fedora...but there is the possibility that both machines are Ubuntu. Is the only way to use sftp with an Ubuntu environment needing root access at both ends to customize the remote Ubuntu system itself?
> Side note: I'm thinking of renaming some Ubuntu machines to something like "RubiksCubuntu". :P


If you have the option to set PermitRootLogin in sshd_config on the embedded Ubuntu machine, then you can use pub key auth.

Another option, if you don't want to set keys on all the non-embedded client machines, is to create another user on the embedded Ubuntu machine with a 0 uid and a password so that it has access to the root-owned files.

You can use expect to automate any password or sftp input if you must use sftp, but given the above you should be able to just use scp.



More information about the LUG mailing list