Open leo-unglaub opened 4 years ago
From a quick look at it it should be possible.
How would you store the key? as file? as secret?
I think as a secret would be the best way to go. The only "problem" i see is that you would have to write the secret somewhere down into a temporary file and then specify a link to it in the lftp command. Because as far as i have seen its impossible to supply the ssh key as an argument. (propobly because its multiline)
I had some success with the ssh-agent and reading it from an env var through stdin. Trying to throw something together soonish. Something like
eval $(ssh-agent)
echo "$SSH_KEY" | tr -d '\r' | ssh-add -
lftp -c 'set sftp:auto-confirm yes; set sftp:connect-program "ssh -v"; ...
Using ssh-agent
is a brilliant idea. That looks great! Thanks for the research/work.
I thought about this and i think using echo "$SSH_KEY"
is a security problem. Other processes could see the key. There is printenv for that. I did a try with the following and it worked fine.
eval $(ssh-agent)
printenv SSH_KEY | ssh-add -
Hey, when i use your tool to deploy to SFTP servers, sometimes they dont allow username/password authentication and they demand the use of public/private keys.
What are your thoughts on that? Whould you be open to supporting that as well? Thanks so much and greetings Leo