Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

AW: sftp question

from [Miro Dietiker, MD Systems] Network Security [Permanent Link]
Subject: AW: sftp question
Date: Tue, 20 Sep 2005 09:52:30 +0200 
The passphrase is to protect a key against stealing.
If you like to use keybased automatic logins, create a key without
a passphrase (enter empty passphrase while asked) and everything
just works fine.

+-------------------------------+  +-------------------------------+
| Miro Dietiker                 |  | MD Systems Miro Dietiker      |
| Dipl. Ing. FH Elektrotechnik  |  | Alte Zürcherstrasse 10        |
|                               |  | 8903 Birmensdorf              |
|                               |  |                               |
| Mobile:   +41 (0)78 707 30 10 |  | Geschäft: +41 (0)43 344 03 56 |
|                               |  | Fax:      +41 (0)43 344 03 57 |
| m.dietiker@md-systems.ch      |  | info@md-systems.ch            |
|                               |  |             www.md-systems.ch |
+-------------------------------+  +-------------------------------+


-----Ursprüngliche Nachricht-----
Von: Joseph Vaughn [mailto:vaughn@chemmail.chem.fsu.edu] 
Gesendet: Freitag, 16. September 2005 21:43
An: secureshell@securityfocus.com
Betreff: sftp question

Hello

I hope someone can help me with the following problem.




Background:  We are using SUN hosts running Solaris9.  For more than 
15 years we have had our users launch a Cshell script to create a tar 
file.   It also does ftp data transfer in the background for 
archiving on remote Macintosh computers.   The users just type the 
name of the script on the command line and then he/she enters a file 
name.  The process uses .netrc which contains the remote password. 
Permissions are set so that the users cannot read the contents of 
.netrc.
   So, the user does not know the password on the archiving host.  Of 
course ftp has huge security problems.  So, I am trying to create a 
similar process using sftp.  I have tried to do this using SUN's 
Solaris9 ssh-keygen, ssh-agent, ssh-add,  etc.  I have tried 
"passwordless" sftp setups I have found on websites.  This 
description is improper.  They don't require your normal password, 
but they do require a new "passphrase" (ie a new password).


My question:   Help?!   Can you tell me how to get Solaris9's version 
of sftp/ssh to work in such a fashion as I described above.   That 
is, sftp launched with a Cshell script and have the 
password/passphrase entered in the background perhaps by another 
shell script, which is called by the first one.


Regards.


Joseph Vaughn
-- 
Dr. Joseph Vaughn
NMR Facility Associate Director
Department of Chemistry and Biochemistry
Florida State University
Tallahassee, FL 32306-4390

850-644-3334   Phone
850-644-8281   Fax
vaughn@chem.fsu.edu
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: sftp question, Chris Clymer
Next by Date:  Re: sftp question, Bryn Smith
Previous by Thread:  Re: sftp question, Chris Clymer
Next by Thread:  Re: sftp question, Bryn Smith
Indexes:  [Date] [Thread] [Top] [All Lists]