solution:


The following script will spawn sftp in batch mode.
The password prompt will be taken care by the expect.

#!/usr/local/bin/expect

spawn sftp -b keybatch kitepilot@hamster
expect "password:"
send "<your password>\n";
interact
# end
#/usr/bin/sh
# Name: batchscp
# Author: Poser CodeMonkey
# Date: April 1, 2009
# Purpose: File scp batch to server list

# Three variables accepted by commandline options
# $1 = first parameter (/source_path/source_filename)
# $2 = second parameter (/target_directory/)
# $3 = third paramter (file that contains list of hosts)

SOURCEFILE=$1
TARGETDIR=$2
HOSTFILE=$3

if [ -f $SOURCEFILE ]
then
printf "File found, preparing to transfer\n"
while read server
do
scp -p $SOURCEFILE ${server}:$TARGETDIR
done < $HOSTFILE
else
printf "File \"$SOURCEFILE\" not found\n"
exit 0
fi
exit 0

your keybatch will contain:

batchscp /source_patch/source_filename /target_directory serverlist.file
bye

It will call this file:

#serverlist.file--
skypilot.kitepilot.com
192.168.41.254
209.67.38.99
hackfest.obnosis.com
#end--


A one step level of security can be encrypting your expect script using gnupg so that your password will be concealed if you want to use expect say called from cron as a backup solution in a production environment.

http://www.gnupg.org/

For more information on expect scripts
http://expect.nist.gov/

A example of automating sftp using expect can be seen at the following link
http://linux-bsd-central.com/index.php/content/view/26/29/


Excerpted for PLUG from:

http://forums11.itrc.hp.com/service/forums/questionanswer.do?admit=109447626+1237607848092+28353475&threadId=690015

Obnosis | (503)754-4452

PLUG Linux Security Labs 2nd Saturday Each Month@Noon - 3PM



JD Austin  suggested for kitepilot@kitepilot.com's request for "a script or solution that will supply username and password":


write a script that uses expect and scp to put the file in place.
--
JD Austin
Twin Geckos Technology Services LLC
jd@twingeckos.com
480.288.8195x201
http://www.twingeckos.com


On Fri, Mar 20, 2009 at 6:39 PM, Bob Elzer <bob.elzer@gmail.com> wrote:
He has the key, but to login to every machine to copy the file, he has to
type the password first.

Which is what he is trying to avoid.


-----Original Message-----
From: plug-discuss-bounces@lists.plug.phoenix.az.us
[mailto:plug-discuss-bounces@lists.plug.phoenix.az.us] On Behalf Of Bryan
O'Neal
Sent: Friday, March 20, 2009 6:15 PM
To: 'Main PLUG discussion list'
Subject: RE: To have a program to "type" a username/passwordfor me. How?

If SSH without passwords is what your after why not use key based
authentication?  Setting up keys is painfully simple.

Public key encryption
Generating keys for server A (the one with the data to be synced)

a@A:~> ssh-keygen -t rsa
       Enter file in which to save the key (/home/a/.ssh/id_rsa):
       Created directory '/home/a/.ssh'.
       Enter passphrase (empty for no passphrase):
       Enter same passphrase again:
       Your identification has been saved in /home/a/.ssh/id_rsa.
       Your public key has been saved in /home/a/.ssh/id_rsa.pub.
       The key fingerprint is:
       3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4 a@A

Tell Server B to Accept the key
1. Create a directory ~/.ssh as user b on B
       a@A:~> ssh b@B mkdir -p .ssh
       b@B's password::
2. Append a's new public key to b@B:.ssh/authorized_keys
       a@A:~> cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
       b@B's password::
3. Change permissions for b's authorized_keys file
       a@A:~> ssh b@B chmod 0600 .ssh/authorized_keys
       b@B's password::
Done
-----Original Message-----
From: plug-discuss-bounces@lists.plug.phoenix.az.us
[mailto:plug-discuss-bounces@lists.plug.phoenix.az.us] On Behalf Of
kitepilot@kitepilot.com
Sent: Friday, March 20, 2009 5:30 PM
To: Main PLUG discussion list
Subject: Re: To have a program to "type" a username/passwordfor me. How?

Ah well...
So much for skipping the research:
http://bash.cyberciti.biz/security/expect-ssh-login-script/

Darn it...
ET




kitepilot@kitepilot.com writes:

> To have a program to "type" a password for me. How?
> Hello widespread wisdom...
>
> I want to propagate public keys to several dozens of puters so I can
> login passwordless.
>
> I am not looking forward to typing (or cut'n pasting) a password a
> gazillion times.  They all have the same username/password combination.
>
> I know that expect can be used to "type" a password (or to fool passwd
> to change a password without manual intervention), but I don't know how.
>
> What I want is ti fire a loop to copy my keys to all the machines and
> to have the program to "type" the username and the password to free me
> up from the dull stuff.
>
> This *HAS* to be possible, does anybody know how?
> Thanks!   :)
> ET
>
> PS: No, I haven't researched this, this question is the beginning of
> my research...
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss



Express your personality in color! Preview and select themes for HotmailŪ. See how.