
The OpenSSH ssh and scp commands provide an -i command-line option to specify the path to the RSA/DSA key to be used for authentication.

Looking at the sftp man pages I was not able to find a way to specify the RSA/DSA key.

I am looking for a way to initiate an sftp session that will use a specified RSA/DSA key, and not the ~/.ssh/id_{dsa,rsa} keys.

I tried the OpenSSH sftp client on Linux, but it should have the same options on other platforms.

Shiko
Adi Roiban

3 Answers


One potential option is to use sftp -oIdentityFile=/path/to/private/keyfile. Need more info to say whether that will work for you. Seems to work under Mac/Linux.

dmourati

You can simply use the -i argument for your sftp or ssh command.

sftp -i /path/to/private/keyfile ...

If the -i option is not available, you can use the -o option with a syntax like:

sftp -oIdentityFile=/path/to/private/keyfile ...
slubman
  • sftp doesn't have a -i option which is presumably why the OP is asking the question. – user9517 May 26 '11 at 08:49
  • works under my Linux hosts but not my Mac laptop where the -i option does not seem to exist. – dmourati May 26 '11 at 08:49
  • My Ubuntu and CentOS hosts don't have a -i switch for sftp – user9517 May 26 '11 at 08:53
  • My CentOS client does: [dmourati@flexo ~]$ cat /etc/redhat-release CentOS release 5.6 (Final) [dmourati@flexo ~]$ which ssh /usr/bin/ssh [dmourati@flexo ~]$ which sftp /usr/bin/sftp [dmourati@flexo ~]$ rpm -qf /usr/bin/sftp openssh-clients-4.3p2-72.el5 [dmourati@flexo ~]$ man sftp [dmourati@flexo ~]$ man sftp|head SFTP(1) BSD General Commands Manual SFTP(1) NAME sftp - secure file transfer program SYNOPSIS sftp [-1246Cpqrv] [-B buffer_size] [-b batchfile] [-c cipher] [-D sftp_server_path] [-F ssh_config] [-i identity_file] – dmourati May 26 '11 at 08:57
  • @dmourati: And mine doesn't [iain@centos ~]$ which ssh /usr/bin/ssh [iain@centos ~]$ which sftp /usr/bin/sftp [iain@centos ~]$ rpm -qf /usr/bin/sftp openssh-clients-4.3p2-72.el5_6.3 [iain@centos ~]$ man sftp|head SFTP(1) BSD General Commands Manual SFTP(1) NAME sftp - secure file transfer program SYNOPSIS sftp [-1Cv] [-B buffer_size] [-b batchfile] [-F ssh_config] [-o ssh_option] [-P sftp_server_path] [-R num_requests] [-S program] [-s subsystem | sftp_server] host sftp [[user@]host[:file [file]]] – user9517 May 26 '11 at 09:03
  • looks I need to patch and lose this functionality, bizarre – dmourati May 26 '11 at 09:13

You can create an alternate config file for the connection and use the -F switch to tell ssh to use it. Create a config file, e.g. ~/.ssh/config.sftp, with the contents:

Host remote.host.tld
User RemoteUserName
IdentityFile /path/to/atlernate/identityfile

Then call sftp like so:

sftp -F ~/.ssh/config.sftp remote.host.tld
Connecting to remote.host.tld...
Enter passphrase for key '/path/to/atlernate/identityfile':
sftp>

The config above restricts the use of the alternate key (when this config file is used) to user RemoteUserName on remote.host.tld.

Have a look at the man page for ssh_config for the usage of the alternate config file.

user9517
  • Thank you very much for your help! Your solution provides a clean alternative to the command line arguments. For now, I prefer to pass all arguments via command line, as I am already using -oPort=ALT_PORT. – Adi Roiban May 27 '11 at 07:59
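
The dedicated config file from the last answer, as an added example that is not part of the original answers: a shell function that writes such a file, adds `IdentitiesOnly yes` so that ssh offers only the named key rather than agent keys or the default ~/.ssh/id_* files, and refuses a key file that group or other users can access. The function names are hypothetical, and the values are assumed to contain no whitespace.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the answers.

# key_is_private FILE: succeed only if FILE exists and carries no group or
# other permission bits (ssh ignores private keys that others can read).
key_is_private() {
    [ -f "$1" ] || return 1
    # Characters 5-10 of the ls mode string are the group and other bits.
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# write_sftp_config CONFIG HOST USER KEYFILE [PORT]
# Writes a per-connection config for "sftp -F CONFIG HOST".
# Assumption: none of the values contain whitespace.
write_sftp_config() {
    cfg=$1 host=$2 user=$3 key=$4 port=${5:-22}
    if ! key_is_private "$key"; then
        echo "refusing $key: missing, or accessible by group/other" >&2
        return 1
    fi
    # IdentitiesOnly yes: offer only the IdentityFile below, not keys held
    # by ssh-agent or the default ~/.ssh/id_* files.
    ( umask 077
      printf 'Host %s\n    User %s\n    Port %s\n    IdentityFile %s\n    IdentitiesOnly yes\n' \
          "$host" "$user" "$port" "$key" > "$cfg" ) || return 1
    chmod 600 "$cfg"
}

# Usage (constructed values, matching the answers' placeholders):
#   write_sftp_config ~/.ssh/config.sftp remote.host.tld RemoteUserName \
#       /path/to/private/keyfile 2222 &&
#   sftp -F ~/.ssh/config.sftp remote.host.tld
```

On OpenSSH 6.8 and later, `ssh -F ~/.ssh/config.sftp -G remote.host.tld` prints the options ssh would actually apply, which confirms the identity file and port before connecting.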