Skip to Content

For numerous customers I have had to implement a solution, which could integrate via SFTP as way to exchange documents.  Unfortunately none of the SFTP solutions have been the one based on SSL (Secure Socket Layer) which the PI supports. All the integrations have been for the SSH (Secure SHell), which is not supported by default.

One option is to buy the Seeburger SFTP adapter, which is rather expensive. I have therefore not seen a situation where there was a business case, for this solution. Therefore I have always tried to find other communication methods, to something both parties understand.

I have now found a way to use scripting and the build openssh sftp service, to create a connection and download the files. The script can be scheduled with the communication channel.

The parameters of the script is the following.

  1. The name of the script.
  2. Then the target Filename.
  3. Then the host and user.
  4. A filter for which files to download.
  5. And a list of ssh properties. In the manual there is a long list of possible properties. The most important is which key file to use, to it is possible to login without password.

The script first creates a batch file, which can execute the sftp transaction. Then sftp is called with the batchfile and fetches all the files. The downloaded files are then concatenated into the target file. If there are no files the target file will be empty.

To be able to execute this script, the key file should be place in a directory, where pi server has access and without a protecting password. And this is the problem with this solution. The SSH key is not secured in any other way than by the file system; therefore Unix administrators can get the file and use it for logon. The SSH account, for which the key exists, must therefore not contain sensitive information.

In the communication channel it looks like the following.

image

There should be pointed to a named file, in the file selection. This file should always exists otherwise the script is not executed.  Processing Mode is set to Test, so the file is not deleted. If you want archiving of the files consider to build them into the sftp script. The empty-file handling is set to Do Not Create Message and then the command line is placed in the before message processing area.

This script does not support Windows, but suspect that it will be easy to write bat file which can do the same.

One large problem with this script is that it does not report errors to the user. I have tried with the command exit 1, but the file adapter just says the command was executed successfully. I don’t know if there is a solution to this problem.

To report this post you need to login first.

10 Comments

You must be Logged on to comment or reply to a post.

  1. Uwe Schieferstein
    Hello Daniel

    Thanks for this blog because these days I am facing the challenge to connect to a FTP share via sFTP/ssh for the first time.
    I will try out your solution and let you know about my success (or failure).

    Regards
      Uwe

    (0) 
  2. Nidhi Bansal
    This is very gud blog but can you please provide some more details as what parameters are to be passed and what is $4,$5……that u have used in your script.
    Thanks in advance
    (0) 
    1. Daniel Graversen
      sure.
      4 is filter for searching via sftp. This could be *.txt or M*.edi if you want to find filenames which matches.
      5 to 9 is a list of parameters to be used in ssh like keyfile or port.

      Hope this clarifies the points a bit
      /daniel

      (0) 
      1. Nidhi Bansal
        Thanks a lot for ur information..
        just one more doubt
        what is parameter there
        and what all parameters you need to make this script run please elaborate a bit more…

        Regards,

        (0) 

Leave a Reply