Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

SFTPing a File From stdin

30 views
Skip to first unread message

Me

unread,
Apr 12, 2006, 3:33:23 PM4/12/06
to
Is there a way to securely transfer a file from standard in? I know it's
possible when connecting to a UNIX server by doing this:

cat localFile | ssh user@host cat \> remoteFile

But I'm connecting to WinSSHD and there's no cat or dd command. I've tried
using the DOS "copy con:" command with no success. Anybody have any ideas?
I can't use temp files for reasons of security. Thanks!

--chris

Darren Dunham

unread,
Apr 12, 2006, 4:02:40 PM4/12/06
to

I believe that WinSSHD is based on cygwin/OpenSSH. Presumably you could
install bash/cat/dd into the cygwin bits.

Or you could use a more complete cygwin installation and run OpenSSH
from it directly. Then you'd definitely have the file manipulation
capabilities.

Do you have activestate perl installed? Maybe push it into a perl
program?

cat localFile | ssh user@host 'perl -pe "1" > newfile' or
cat localFile | ssh user@host 'perl -e "$file=qq(>newfile);open(F,$file); while(<>) {print F $_;}"'

Sorry I'm not sure of the particulars of WinSSHD and how it interacts
wit the command shell.

--
Darren Dunham ddu...@taos.com
Senior Technical Consultant TAOS http://www.taos.com/
Got some Dr Pepper? San Francisco, CA bay area
< This line left intentionally blank to confuse you. >

Me

unread,
Apr 12, 2006, 5:00:09 PM4/12/06
to
Unfortunately, I have no control over the server I'm connecting to.
WinSSHD is not based on cygwin so I have no unix commands at my disposal.
I was hoping there'd be some obscure option in sftp of scp that would
allow me to do this from the client. It seems like my only way out is to
write my own sftp client. This is what I get for proposing a "easy"
solution to my management. Thanks though!

--chris

Per Hedeland

unread,
Apr 13, 2006, 5:29:19 AM4/13/06
to

Well, assuming the server really supports sftp, as suggested by your
Subject line, it should be possible without doing anything special on
the server side (scp can't do it, since it wants to send the file size
before the content). For the client side, on typical *nix boxes it
*should* be just a matter of

echo "put /dev/stdin remoteFile" > /tmp/sftp.bat
sftp -b /tmp/sftp.bat user@host

However, for reasons that I'm not sure about, OpenSSH's sftp client
doesn't like that. First, it insists that the source should be a regular
file - very un-*nix-ish and certainly not required by the protocol - see
diff 1 below how to get rid of that. Second, in a semi-recent version
someone decided that using -b with sftp implies a non-interactive
session, limiting your choices of authentication methods - might be a
sensible default, I'm not sure, but in any case it should be possible to
override by using

sftp -b /tmp/sftp.bat -o "batchmode no" user@host

- I haven't verified this though - see diff 2 below if you just don't
like the idea. (And btw, the man page is wrong - 'sftp -b' doesn't "lack
user interaction" *for authentication*, but you might want to use it in
a scenario that can't provide user interaction. Maybe that semi-recent
change was just an attempt to make the code agree with the man page?:-)

--Per Hedeland
p...@hedeland.org


Diff 1 =====================================================

diff -ru ssh.orig/sftp-client.c ssh/sftp-client.c
--- ssh.orig/sftp-client.c Mon Mar 14 13:08:12 2005
+++ ssh/sftp-client.c Tue Aug 23 17:03:11 2005
@@ -1009,12 +1009,16 @@
close(local_fd);
return(-1);
}
+ stat_to_attrib(&sb, &a);
if (!S_ISREG(sb.st_mode)) {
+ /* Don't be so squeamish - /dev/stdin works fine... */
+#if 0
error("%s is not a regular file", local_path);
close(local_fd);
return(-1);
+#endif
+ a.perm = 0644;
}
- stat_to_attrib(&sb, &a);

a.flags &= ~SSH2_FILEXFER_ATTR_SIZE;
a.flags &= ~SSH2_FILEXFER_ATTR_UIDGID;
diff -ru ssh.orig/sftp.c ssh/sftp.c
--- ssh.orig/sftp.c Mon Mar 14 13:08:12 2005
+++ ssh/sftp.c Tue Aug 23 18:08:38 2005
@@ -600,11 +600,14 @@
}

for (i = 0; g.gl_pathv[i] && !interrupted; i++) {
+ /* Don't be so squeamish - /dev/stdin works fine... */
+#if 0
if (!is_reg(g.gl_pathv[i])) {
error("skipping non-regular file %s",
g.gl_pathv[i]);
continue;
}
+#endif
if (infer_path(g.gl_pathv[i], &tmp)) {
err = -1;
goto out;


Diff 2 =====================================================

diff -ru ssh.orig/sftp.c ssh/sftp.c
--- ssh.orig/sftp.c Mon Mar 14 13:08:12 2005
+++ ssh/sftp.c Tue Aug 23 18:08:38 2005
@@ -1479,7 +1482,9 @@
fatal("%s (%s).", strerror(errno), optarg);
showprogress = 0;
batchmode = 1;
+#if 0
addargs(&args, "-obatchmode yes");
+#endif
break;
case 'P':
sftp_direct = optarg;

Per Hedeland

unread,
Apr 13, 2006, 8:50:21 AM4/13/06
to
In article <pan.2006.04.12....@here.com> Me <M...@here.com> writes:
>Unfortunately, I have no control over the server I'm connecting to.
>WinSSHD is not based on cygwin so I have no unix commands at my disposal.
>I was hoping there'd be some obscure option in sftp of scp that would
>allow me to do this from the client. It seems like my only way out is to
>write my own sftp client.

Well, if that is an option, I think using the trivial mods to the
OpenSSH client in my other followup would be "slightly" simpler. I
wasn't sure whether they would be useful to you, since some people "just
say no" when it comes to doing anything with source code, but I thought
I should post them anyway...

--Per Hedeland
p...@hedeland.org

Chuck

unread,
Apr 13, 2006, 12:05:35 PM4/13/06
to

An easy solution would be to install CopSSH which is based on cygwin.
Then you *will* have unix-like commands available. At least the basic
ones anyway. And if you want them all just do a full install of cygwin.
Tell the managers it's free, fast, and reliable, and that open source
doesn't mean no support. With open source you have access to the
developers and if something does go wrong it's usually fixed immediately.

I've been running CopSSH for about 6 months now without a single
problem. I wish more of my commercial software was this reliable.

0 new messages