AutoSFTP (or simply asftp) is a Linux-based package that lets a user transfer files in batch mode between a Linux machine and other systems through the SFTP service without compromising the security of the password or private key/passphrase.
It also enables you to allow a person to transfer files with a server but not log on to that server to access the command line.
AutoSFTP provides the most secure way for you to automate the SFTP process: the strong and sophisticated password/passphrase encryption algorithm gives you much better protection than using Hostbased authentication, using PubkeyAuthentication with a null passphrase for the private key, or using "expect" to auto-feed the password or passphrase, and it is even more secure than using ssh-agent. AutoSFTP also protects you from system call tracing attacks and better protects you from sftp/ssh program Trojan horse attacks, which makes it even more secure than running the sftp program manually.
This command will ask you for the password for Uftp on Mftp or the passphrase for the private key, depending on which authentication method you use, and then it will encrypt the password/passphrase using DES and save it to a file which can only be used by the Ua account. After that, Ua can run
to transfer files using the SFTP service without needing to key in the password or passphrase.
To prevent Trojan horse attacks, asftp first checks both the ssh and sftp programs when you run it, to make sure they are properly certified by the asftpcreg program; if they are not, asftp will not go on to decrypt the encrypted password/passphrase file.
This built-in program file verification is much more secure than approaches that depend on an external security program's (such as tripwire) periodic check: by temporarily disabling the check, a person with root privilege can easily use a Trojan horse to capture the secret password or passphrase without being detected.
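
The verify-before-decrypt gate described above, sketched as an added example; it is not AutoSFTP's or asftpcreg's code. It assumes "certified" means a SHA-256 digest of each binary recorded in a manifest, which the page does not state; `register`, `verify`, `release_secret` and the JSON manifest format are hypothetical, and the ssh/sftp files are constructed stand-ins.

```python
import hashlib
import json
import os
import tempfile

def digest(path):
    with open(path, "rb") as f:  # SHA-256 of the file contents
        return hashlib.sha256(f.read()).hexdigest()

def register(paths, manifest):
    """Assumed stand-in for the certify step: record one digest per binary."""
    with open(manifest, "w") as f:
        json.dump({os.path.realpath(p): digest(p) for p in paths}, f)

def verify(paths, manifest):
    """Return the paths that are unregistered, unreadable, or modified."""
    with open(manifest) as f:
        known = json.load(f)
    bad = []
    for p in paths:
        real = os.path.realpath(p)  # resolve symlinks before comparing
        try:
            ok = known.get(real) == digest(real)
        except OSError:
            ok = False  # a missing or unreadable binary counts as a failure
        if not ok:
            bad.append(p)
    return bad

def release_secret(paths, manifest, load_secret):
    """Call load_secret() only if every binary verifies; otherwise refuse."""
    bad = verify(paths, manifest)
    if bad:
        raise PermissionError("unverified binaries: " + ", ".join(bad))
    return load_secret()

def demo():
    """Build constructed ssh/sftp stand-ins, register them, then modify sftp."""
    d = tempfile.mkdtemp()
    bins = [os.path.join(d, n) for n in ("ssh", "sftp")]
    for b in bins:
        with open(b, "wb") as f:
            f.write(b"constructed sample binary " + os.path.basename(b).encode())
    manifest = os.path.join(d, "manifest.json")
    register(bins, manifest)
    before = verify(bins, manifest)
    with open(bins[1], "ab") as f:
        f.write(b"\x00")  # simulate sftp being replaced after registration
    return before, verify(bins, manifest), bins, manifest
```

The gate is only as trustworthy as the manifest, so in this sketch the manifest has to live where the account running the transfer cannot rewrite it.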