This question already has answers here:
How to ftp with a batch file?
(10 answers)
Closed 4 years ago.
I have a FTP file to connect a FTP site.
ftp -i -sc:\PATH\batchFile.txt IP.IP.IP
This files call a second file file, which contains user name and pass.
Username
PAss
And I want to use this credentials for another file.
How can I use an external command to use & reference that credential file for multiple FTP operations?
Instead of using a username/password in a file , it is better to use ssh keys and the secure version of ftp based on ssh which is sftp
https://www.freebsd.org/cgi/man.cgi?query=sftp&apropos=0&sektion=0&manpath=FreeBSD+6.2-RELEASE&format=html
If you are on windows, then I believe winscp also provides a scriptable sftp command line client
https://winscp.net/eng/docs/scripting
Related
Here's what I want to do:
I have a hosted website on a Linux server.
This site is pointed to a GitHub repository.
I want to be able to push changes to the repository, then be able to log into my website and click a button to have the site pull the new code in order to update itself.
Here's how I do it manually:
I created a file on the Linux server called update_site
I log into my Linux server via ssh and type .\update_site which goes to the site's directory and executes a fetch and pull
the first time it asked me to enter my login and password which I did
but since I had set git config --global credential.helper store, it never asks me again
Here's how I want to automate it:
I created a PHP file which executes the file update_site
However, since the PHP website is apparently executing code as another user, it doesn't have my credentials for GitHub
Here's my question:
How can I automate the process so that when the website executes the update_site file, my GitHub login and password are sent as well. And needless to say, how can I do this as securely as possible, i.e. without saving my GitHub password somewhere as plain text?
One possible way to do this automation is to use cron. Edit your cron record (with crontab -e command) and add line like this:
*/5 * * * * /path/to/update_site
In above line 5 mean every 5 minutes
I'm making an service that will allow users to post files to my web server which will then copy that file (after a few checks) to the image server. The main way of communicating between my web server and my image server will be scp. However, I also want to maintain user filenames, so it would look like this:
User posts their file to web server
Web server checks if the file is supported
Web server checks if file is under file size limit
Web server says OK and tries to send to image server
Web server runs ("scp " + filepath + " root#imageServer:~/images")
Image server receives the file and is ready to send the file to user on request (the folder is public and will be served by nginx)
the dangerous part here is the scp command. I'm not an expert on security, but is there a way that this command can get hijacked the same way a database can get SQL injection? What if somebody named their file to be malicious. Is there a way to safely join the filename to the script? To safely "escape" the command?
I'm using express (node.js) for the web server. Is there another way to send files from the web server to a simple Ubuntu install without unix commands or writing up a REST api for the image server? Is there is, then I might not need to "escape" at all
Btw, the reason why I'm choosing to have the image server and the web server separate is because I want to scale the application in the future. For example, if there were 10 web servers and no central image server, then it would be impossible to retrieve files if the file isn't on the web server you request from.
You can run an external command without a shell (and therefore without issues with shell metacharacters) using child_process.spawn (or other methods in child_process). (Obviously, you must not specify the shell option as anything other than the default false.)
That lets you not worry about metacharacters in the filepath, but it seems to me that there are plenty of other issues with letting the user provide a filepath name to be used as such on a live filesystem. Personally, I'd autogenerate safe, short names and keep the correspondence from user name to filesystem name in a database somewhere.
I want to add the temporary prefix or suffix while streaming the file from a remote directory using SFTP.
I have tried to add temporaryFileSuffix to outboundGateway while streaming the file but it is not adding any suffix later I checked it is documented that
"Set the temporary suffix to use when transferring files to the remote system."
.handle(Sftp.outboundGateway(sftpSessionFactory(), GET, "payload.remoteDirectory + payload.filename").options(STREAM).temporaryFileSuffix("_reading"))
Do I need to Rename the file using Rename gateway or there is a better way to do it.
Your question is not clear - do you mean you want to copy it with a temporary name locally? Or, do you mean you want to rename it on the remote server before copying?
If the former, use the localFilenameGeneratorExpression.
If the latter, you would have to use the MV gateway first.
I wrote a script that is using slack API to parse AWS S3 files looking for strings or samples. As this is in testing, I'm using my local machine and ngrok to forward localhost traffic.
The thing is that the generated files are getting stores in my machine and will be stored in server once the script is ready for production.
Ideally, I'd like to avoid users needing to grab files from server. Do you think it's possible to store directly in user local machine?
No. Slack does not allow you to access the local machine of their users through a Slack app / API.
Solution 1: Download via browser
The easiest solution would be to offer a direct download link in a Slack message, e.g. via a Link button. Once the user clicks it he is prompted to download the file to his local machine.
Here is an example from one of my apps:
And once you click it you get this window:
To enable downloading via browser you need to set appropriate headers and send the file contents to the browser.
One approach is to have a helper script for the actual download and include a link to the helper script in the link button (you may also want to include some parameters in the link that defines what which file is downloaded).
The helper script then does the following:
Fetch the file to be downloaded (e.g. an PNG image)
Set headers to enable downloading via browser
Send the file to the browser
Here is an example in PHP:
<?php
$filename = "demo.png";
$file = file_get_contents($filename);
header('Content-Disposition: attachment;filename=' . $filename);
header('Content-Type: image/png');
echo $file;
die();
For more infos on download headers see also this answer on SO.
Solution 2: Upload to Slack
Alternatively you could upload the file to the user's Slack workspace via file.upload API method. That way the user does not need to download anything and and you can remove the file from your server after your app has finished processing.
I am completely new to sFTP (Secure File Transfer Protocol) Servers and would like to know how to send data to one.
Imagine I have set up an sFTP server, could someone provide me with the pseudo code (as I am not sure what specifics I'm required to give) for sending a .zip file to it using a Linux box on the command line.
Also could you provide me with the pseudo code that would be needed to extract that same data once it has been uploaded from that server.
Could I please ask that any code supplied be heavily commented (as I really want to understand this!)
Please be gentle with your comments, I am VERY new to all of this. I imagine I will have missed out something key that someone will need to no. If any additional information is required please let me know and I will of course supply it.
Thanks in advance. I really will appreciate any help/advise!
For a GUI, you need an SFTP client like FileZilla. There is a lot of them free.
Linux has a sftp command for bash.
From your client, you can use curl to upload and/or download files to/from your sftp server.
To upload a file:
curl -T /name/of/local/file/to/upload -u username:password sftp://hostname.com/directory/to/upload/file/to
To download a file:
curl -u username:password sftp://hostname.com/name/of/remote/file/to/download -o /name/of/local/directory/to/download/file/to