How to copy files from local machine to server using SSH file transfer protocol?

Question

I have an Ubuntu 9.10 desktop machine which I use locally. I am setting up a server on a hosting provider. The server will run a very minimal version of Ubuntu server LTS (only LAMP and email server no GUI).

I want to write a script (scheduled as a cron job) that will allow me to upload local files onto the server. I want to use [SFTP][1], for security reasons.

I am new to shell scripting - but I guess shell scripting is the way to do this (unless I am mistaken).

Can anyone provide me with the initial pointers on how to go about writing such a script, in order to SECURELY upload local files to the server?

Ideally, I would like to compress the files before the transfer (to save on bandwidth)

[1]: http://SSH file transfer protocol

Answer 1

Whether you spell it 'SECURE' or 'secure,' we can't read your mind and tell what you want to secure against. So I'll give a basic recipe and tell you what it's good for. This probably should all move to superuser.

1. learn basic bourne shell. A tutorial for that can't fit into a stackoverflow answer.
2. run ssh-keygen to make an ssh key pair. Since you want to run scp from cron, you can't use a passphrase, AFAIK. Which means that you have to be quite sure that the machine you are copying from is safe from intruders.
3. copy the public key from the ssh key pair to your .ssh/authorized_keys on the target machine.
4. prove that this works by running 'ssh target-machine' and successfully logging on sans-password.

Now, you can make a shell script that uses the scp command to do the actual copies. Start from:

#!/bin/sh
scp PATHNAME_OVER_HERE target-host:/PATHNAME_OVER_THERE

This is secure against basic password spying and against randoms connecting to target-host with telnet. It is not secure if the source system is not secure, and I cannot vouch for the security of ssh protocol, though it certainly is widely used.

Answer 2

How to copy files from local machine to server using SSH file transfer protocol?

Use scp.

I want to do it in a cron job.

The main issue with using scp in a cron job is this: where do you get your credentials? Putting your password in the clear is not a good idea. A better idea is to have an ssh-agent process running on your machine. To find an appropriate ssh-agent you can run this script:

#!/bin/sh

for i in $SSH_AUTH_SOCK /tmp/ssh*/agent*
do
  if [ -r "$i" -a -w "$i" ]; then
    case `SSH_AUTH_SOCK="$i" ssh-add -l` in
      *:*:*) echo "$i"; exit 0 ;;
    esac
  fi
done

exit 1

If the script succeeds, you get a value you can put into the SSH_AUTH_SOCK environment variable before running scp.

When you bring up the client, you should present your credentials by launching ssh-agent and running ssh-add.