teleport
Frequent Visitor
Topic Author
Posts: 71
Joined: Mon Sep 07, 2020 11:51 pm

using public/private keys for sftp

Thu Oct 10, 2024 10:54 pm

i have a working sftp command to upload a file to a remote openwrt dumbAP.
is it possible to use public/private (ssh) keys for the command below instead of username/password? if yes, please provide an example (i am already aware of the standard steps for ssh key generation and adding the private key using /user). does the command below work with just the user attribute if ssh keys are set up?

/tool fetch upload=yes url="sftp://10.10.10.24/tmp/dhcp.leases" user="root" password="test" src-path="dhcpleases.txt"
 
teleport
Frequent Visitor
Topic Author
Posts: 71
Joined: Mon Sep 07, 2020 11:51 pm

Re: using public/private keys for sftp  [SOLVED]

Fri Oct 11, 2024 6:05 am

just checked myself. works with key authentication too. marking as solved
 
fsardi
just joined
Posts: 3
Joined: Mon Sep 04, 2023 1:22 am

Re: using public/private keys for sftp

Thu Oct 17, 2024 3:28 pm

Hi, I am glad you could solve it. How? I am trying SFTP with keys between two MikroTiks with no luck. I can do it with user and password, and I can SSH with keys to the Tiks.

#create keys in Linux
ssh-keygen -t ed25519 -f id_ed25519 -N ""
mv id_ed25519 id_ed25519.pem


SERVER
scp -P 22222 id_ed25519.pub [sshuser]@[server_ip]:/
ssh -p 22222 [sshuser]@[server_ip] "\
/user ssh-keys import public-key-file=id_ed25519.pub user=[sshkeyuser]\
"
Clients
scp -P 22222 id_ed25519.pem [sshuser]@[client_ip]:/

/tool fetch url="sftp://[server_ip]/junk.backup" user=[sshkeyuser] upload=yes keep-result=no src-path=junk.backup key-file=/id_ed25519.pem

Doesn't work because the key-file= doesn't work with fetch? How do I use the private key in the client?

Regards,

Pipe.
 
teleport
Frequent Visitor
Topic Author
Posts: 71
Joined: Mon Sep 07, 2020 11:51 pm

Re: using public/private keys for sftp

Mon Oct 28, 2024 6:08 pm

here is how i invoke SFTP with key-based authentication:

/tool fetch upload=yes url="sftp://$currentAP/tmp/dhcp.leases" user="root" src-path="sd1-part1/dhcp.leases"

when you specify the user attribute (root in my example), it picks up the private key for that user from what you imported under /system/users/ssh private keys (make sure the key owner is the same as the user attribute in the fetch command)

also, you may run into an issue importing the private key file into mikrotik when it was generated on linux (ssh-keygen). you may have to convert it to the right format. (i use sshpk-conv to convert ssh-keygen generated keys to the openssl format that mikrotik needs.)
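
Added example (not part of any post in this thread): a small shell check, run on the Linux box before copying a key to the router, that reports which container a key file is in. Renaming `id_ed25519` to `id_ed25519.pem` does not change its contents, so a file fresh from `ssh-keygen` still reports as `openssh` and would need the conversion step mentioned in the last post. The function name `key_format` and the output labels are made up for this example, and the sample files contain armor lines only.

```sh
#!/bin/sh
# Classify a key file by its first line, without printing key material.
# key_format is a hypothetical helper name; labels are this example's own.
key_format() {
    f=$1
    [ -r "$f" ] || { echo "unreadable"; return 1; }
    # Tolerate CRLF line endings picked up during file transfer.
    first=$(head -n 1 "$f" | tr -d '\r')
    case "$first" in
        "-----BEGIN OPENSSH PRIVATE KEY-----")
            # ssh-keygen default container; passphrase status is not
            # visible in the armor line.
            echo "openssh" ;;
        "-----BEGIN PRIVATE KEY-----")
            echo "pem-pkcs8" ;;
        "-----BEGIN ENCRYPTED PRIVATE KEY-----")
            echo "pem-pkcs8-encrypted" ;;
        "-----BEGIN RSA PRIVATE KEY-----"|"-----BEGIN EC PRIVATE KEY-----")
            # Legacy PEM marks passphrase protection in a header line.
            if grep -q '^Proc-Type: 4,ENCRYPTED' "$f"; then
                echo "pem-legacy-encrypted"
            else
                echo "pem-legacy"
            fi ;;
        ssh-*|ecdsa-*)
            # One-line public key, e.g. id_ed25519.pub
            echo "openssh-public" ;;
        *)
            echo "unknown" ;;
    esac
}

# Constructed samples: armor lines only, no real key material.
d=$(mktemp -d)
printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' 'AAAA' > "$d/id_ed25519.pem"
printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Proc-Type: 4,ENCRYPTED' > "$d/enc.pem"
printf '%s\n' 'ssh-ed25519 AAAA constructed@example' > "$d/id_ed25519.pub"
for f in "$d"/*; do
    printf '%s -> %s\n' "${f##*/}" "$(key_format "$f")"
done
rm -rf "$d"
```

A result of `openssh-public` for the file you are about to import as a private key means the two files were swapped; an `-encrypted` result means the key carries a passphrase.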