0

Issue

  1. I want to automate downloading a file via SFTP
  2. I set up an SFTP server and a keying mechanism
  3. I have created a simple bash script - script.sh
  4. I added an entry in cron for the script

The script, script.sh:

#!/bin/bash  
sftp user@server:/home/user/file.txt  
exit 0

Executing the script manually works fine (text file is saved in home directory), but adding script.sh (with proper permissions) to crontab does nothing.

The crontab entry:

* * * * * /home/user/script.sh

For authentication I used ssh-keygen to create a set of keys (private, public) and set up cross authentication to the SFTP server.

For script automation I used keychain for password-less authentication.

Currently

Currently, I have a script called script.sh located in the "user" home directory (/home/user/).

When run by root manually, the script gets the file from the SFTP server, and places it in /home/user/.

It does not perform this action when run from a cron job. In cron, the sftp command gets an error.

Ideas?

Working on it

  1. Changing the HOME variable on /etc/crontab did not solve the issue
  2. Stating full paths in script.sh did not solve the issue
  3. Stating PATH variable in script.sh did not solve the issue
  4. I catched the error from the sftp command - it's 255

executing the script manually (./script.sh) still works flawlessly though...

Zanna
  • 70,465
orangesomethingorange
  • 411
  • 4
  • 8
  • 19
  • please post the crontab entry here – Stef K Jun 04 '17 at 09:03
  • How do you authenticate to the server? What user is running your crontab entry? Where is the script.sh located? – Jakuje Jun 04 '17 at 09:48
  • @StefK, crontab posted :) – orangesomethingorange Jun 04 '17 at 10:49
  • @Jakuje, I use keygen to create authentication keys, and I use keychain to automate the username and password exchange. The crontab job is run by root, and script.sh is located at the user's home directory - /home/user/ – orangesomethingorange Jun 04 '17 at 10:52
  • 4
    The root does not have any access to your keys. You should run the crontab job as your user. – Jakuje Jun 04 '17 at 10:54
  • it may be more convenient to run the job (script) as a non root user as its just a remote request and has nothing to do to your local system administration. – Stef K Jun 04 '17 at 10:56
  • the job is run by root for security reasons. I built the entire keying system so that the root user would be able to perform this. when I say that I execute the script manually - I mean I execute it as the root user. not only the root has access to the keys - he's the only one that has access to them. the user "user" does not hold any ssh keys. – orangesomethingorange Jun 04 '17 at 11:13
  • thanks to both of you for your assistance, BTW :) please note my edit regarding the error from sftp – orangesomethingorange Jun 04 '17 at 11:14
  • @dsblind please [edit] your question to explain exactly how you are running the job and how the authentication is performed. Also please clarify what you mean by "does nothing" - does the job run but fail to authenticate, or not run at all (you may need to look in syslog if you have not arranged for cron output to be mailed to you). As it stands there is not enough information to do anything but guess. – steeldriver Jun 04 '17 at 11:22
  • @steeldriver, I edited my question. What I want the system to do is place the text file in the user's home folder :) – orangesomethingorange Jun 04 '17 at 11:38
  • 1
    Use sftp -vvv and add the output to the question, so we can see what's going wrong. – muru Jun 05 '17 at 04:38
  • Be sure you are using ssh-keygen, then ssh-copy-id -i ~/.ssh/id_rsa.pub in order to have passwordless logins. – SDsolar Aug 04 '17 at 15:04

1 Answers1

1

A working example:

a simple script named hello.sh that appends to a text file the word hello (uses full paths for each command):

note myuser is the name of your user

#!/bin/bash
printf 'hello' >> /home/myuser/hello.txt

Make the script executable using chmod +x hello.sh

The crontab entry that runs every minute you can change that accordingly to your needs:

* * * * * /home/myuser/hello.sh

Some details:

  • Each cron job runs as the user which registered it. If the root user registers a cron job, this job will run with root privileges.

  • If a non root user registers a cron job, this job will run with the aforementioned user's privileges;if the job requires root privileges it will fail because it is initiated by the non root user...

  • Better call commands and script using full paths just to be sure that cron can find and call them correctly, else it may fail without useful feedback.

Zanna
  • 70,465
Stef K
  • 4,836
  • What you're describing here is exactly what I have in my system. I have a bash script (with execution permissions) run though cron. I used this in a million other situations - the only difference is that I now try to sftp. For some reason, this does not work - meaning, the file is not (!) being downloaded from the server or is not placed in home directory. So thanks - but this answer doesn't solve my issue :) – orangesomethingorange Jun 04 '17 at 10:57
  • see @Jakuje comment, if you are invoking the job as root but the keys are generated for the non root user – Stef K Jun 04 '17 at 10:58