Read SFTP credentials from separate file using WinSCP and Windows batch file

1
votes

I am writing a batch script to connect to SFTP server having private key and passphrase.

I have developed a script using WinSCP. But if we use WinSCP we need to hard code passphrase which I feel is not the secured way to implement.

Is there any way to store passphrase in a file and pass that file name as argument or can we create a batch script to achieve this without using WinSCP?

Below is the script that I have implemented using WinSCP.

Batch file:

winscp.com /script=script.txt

Below is the content that I have included in script.txt file:

option echo off 
option batch on 
option confirm off 
open sftp://username:password@hostname -privatekey="filename" -passphrase "passphrase"
put "filename" /
exit
1
batch-filescriptingsftpwinscp

1 Answers

0
votes

Quoting "Scripting" section of WinSCP article Protecting credentials used for automation:

In script, you can replace actual credentials with reference to environment variables. You can then call WinSCP from a batch file that sets these variables. The batch file itself then serves as a "configuration file".

For example, following script (example.txt):

open sftp://%USERNAME%:%PASSWORD%@example.com
...

can be called from this batch file ("configuration file"):

@echo off
set USERNAME=martin
set PASSWORD=mypassword
winscp.com /script=example.txt

(though you better read the whole article)