Question
· Dec 5, 2016

Using %Net.SSH.Session to do scp

Does anyone have a good example of using %Net.SSH.Session  to do a scp copy of a file from one server to another? I tried calling do $ZF(-1,"scp /ensemble/Scott/sr1.dat egate@inteng3:/home/egate/Scott/") but did not have any success in getting the system to copy the file over to what I am calling inteng3.

Thanks

Scott

Discussion (6)1
Log in or sign up to continue

Why not use SFTP for that?

The following method shows how you can get a list of the files on a server, via SFTP:

Method SFTPDir(ftpserver, username, password) As %Status
{
    set ssh = ##class(%Net.SSH.Session).%New()
    do ssh.Connect(ftpserver)
    do ssh.AuthenticateWithUsername(username,password)
    do ssh.OpenSFTP(.sftp)
    do sftp.Dir(".",.files)
    set i=0
    while $data(files(i))
    {
        write $listget(files(i),1),!
        set i=i+1
        // set st = sftp.Get(files(i), "C:\Temp\myfile.ext")
    }
    quit $$$OK
}

To download file(s) uncomment the line. Documentation.

Presumably, it's a security issue. Check effective UID and GID of your Caché processes. To do it, you may check parameters.isc file from Caché install directory for lines like these: 

security_settings.cache_user: cacheusr
security_settings.cache_group: cacheusr

Unlikely user cacheusr has access rights to other user's home directory.

csession processes are the exception from others as they inherit calling user's UID.

IMHO, it's better to use some neutral folder for file exchange, e.g. "/tmp/myexchange", as in this case it's much easier to establish appropriate assess rights for each side involved in exchange.

P.S. UNIX® Users, Groups and Permissions stuff is well-documented, see:  http://docs.intersystems.com/latest/csp/docbook/DocBook.UI.Page.cls?KEY=...

Brendan,

Are you fixing the documentation to remove the reference to scp, or fixing %Net.SSH.Session to support it? From the way your answer is worded, I'm suspecting the former ...

sftp and scp are individually configurable services in ssh, and in my experience you can't be guaranteed that one or the other is available at a given customer site. If scp currently isn't supported, it would be useful to have. Getting sysadmins to turn on services that are purposely disabled can be  ... challenging :)