50

The Openssh ssh and scp command provied an -i command line option to specify the path to the RSA/DSA key to be used for authentication.

Looking at the sftp man pages I was not able to find a way to specify the RSA/DSA key.

I am looking for a way to do initiate an sftp session that will use a specified RSA/DSA key, and not the ~/.ssh/id_{dsa,rsa} keys.

I tried OpenSSH sftp client on Linux...but it should have the same options on other platforms.

Improve this question
1
  • 2
    Please specify which sftp client you are using on which platform. Commented May 26, 2011 at 8:51

3 Answers 3

Reset to default
52

One potential option is to use sftp -oIdentityFile=/path/to/private/keyfile. Need more info to say whether that will work for you. Seems to work under Mac/Linux.

Improve this answer
26

You can simply use the -i argument for your sftp or ssh command.

sftp -i /path/to/private/keyfile ...

If the -i option is not available, you can use the -o option with a syntax like:

sftp -oIdentityFile=/path/to/private/keyfile ...
Improve this answer
6
  • 4
    sftp doesn't have a -i option which is presumably why the OP is asking the question. Commented May 26, 2011 at 8:49
  • works under my Linux hosts but not my Mac laptop where the -i option does not seem to exist. Commented May 26, 2011 at 8:49
  • My Ubuntu and CentOS hosts don't have a -i switch for sftp Commented May 26, 2011 at 8:53
  • My CentOS client does: [dmourati@flexo ~]$ cat /etc/redhat-release CentOS release 5.6 (Final) [dmourati@flexo ~]$ which ssh /usr/bin/ssh [dmourati@flexo ~]$ which sftp /usr/bin/sftp [dmourati@flexo ~]$ rpm -qf /usr/bin/sftp openssh-clients-4.3p2-72.el5 [dmourati@flexo ~]$ man sftp [dmourati@flexo ~]$ man sftp|head SFTP(1) BSD General Commands Manual SFTP(1) NAME sftp - secure file transfer program SYNOPSIS sftp [-1246Cpqrv] [-B buffer_size] [-b batchfile] [-c cipher] [-D sftp_server_path] [-F ssh_config] [-i identity_file] Commented May 26, 2011 at 8:57
  • 1
    @dmourati: And mine doesn't [iain@centos ~]$ which ssh /usr/bin/ssh [iain@centos ~]$ which sftp /usr/bin/sftp [iain@centos ~]$ rpm -qf /usr/bin/sftp openssh-clients-4.3p2-72.el5_6.3 [iain@centos ~]$ man sftp|head SFTP(1) BSD General Commands Manual SFTP(1) NAME sftp - secure file transfer program SYNOPSIS sftp [-1Cv] [-B buffer_size] [-b batchfile] [-F ssh_config] [-o ssh_option] [-P sftp_server_path] [-R num_requests] [-S program] [-s subsystem | sftp_server] host sftp [[user@]host[:file [file]]] Commented May 26, 2011 at 9:03
10

You can create an alternate config file for the connection and use the -F switch to tell ssh to use it. create a config file e.g. ~/.ssh/config.sftp with the contents

Host remote.host.tld User RemoteUserName IdentityFile /path/to/atlernate/identityfile

then call sftp like so

sftp -F ~/.ssh/config.sftp remote.host.tld Connecting to remote.host.tld... Enter passphrase for key '/path/to/atlernate/identityfile': sftp>

The config above restricts the use of the alternate key (when this config file is used) to user RemoteUserName on remote.host.tld.

Have a look at the man page for ssh_confg for the usage of the alternate config file

Improve this answer
1
  • Thank you very much for your help! You solution provides a clean alternative to the command line arguments. For now, I prefer to pass all arguments via command line, as I am already using -oPort=ALT_PORT. Commented May 27, 2011 at 7:59

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.