Re: SSH SFTP and Automation

From: Nico Kadel-Garcia (
Date: 05/30/02

From: "Nico Kadel-Garcia" <>
Date: Wed, 29 May 2002 23:54:38 GMT

"Mark Fitchett" <> wrote in message
> I am looking to create a secure means of uploading files across the
> Internet.
> I have an SSH server running on Windows, using the F-Secure software.
> Do I need to run SFTP to ensure that the information sent is encrypted
> during upload ?

Use "scp" or use "rsync -e ssh".

> Ideally I'd liek to automate this process but Im told by the supplier that
> the only way to do this is to use null passphrases in the certificates.

The supplier is wrong or left things out. You can also use ssh-agent to
store password using keys for dynamic use, and flush them when the system
reboots. This keeps passwordless keys out of NFS directories or locally
readable files.

> Is this secure or just best practice for this ?
> Thanks in anticipation.
> M

Take a look at also using chroot cages to restrict access to an SSH
directory if you're really worried about potential damage from remote users.