When SSH Tectia Server is used for automated file transfer, we recommend creating separate user accounts for file transfer purposes. When such user accounts are used only for non-interactive file transfers, it is advisable to disable terminal access on the server side. See instructions in Restricting Terminal Access.
Non-interactive authentication with public keys and scripted commands can be set for the SFTP accounts. For non-interactive batch jobs, it is recommended to use public-key authentication without a passphrase.
Running the client non-interactively requires that you have already saved the server host key on the client and set up a non-interactive method for user authentication. Batch mode should be used non-interactively with command-line tools.
Generate an RSA key pair with an empty passphrase by giving the following command:
Client$ ssh-keygen-g3 -t rsa -P
The options have the following meaning:
-t rsa
generates an RSA key pair (default is DSA)
-P
generates the private key with an empty passphrase.
The default key length (2048 bits) is used.
For uploading the keys, see instructions in Uploading Public Key Manually.
Caution | |
---|---|
Make sure your private key is not accessible to others. This is especially important when the key is stored without a passphrase. |
For more information on other non-interactive authentication methods, see Authentication in SSH Tectia Server Administrator's Manual.