0
1160

Written by

Scott Roth
Sr Application Development Analyst at The Ohio State University Wexner Medical Center
Follow
Question Scott Roth · Dec 5, 2016

Using %Net.SSH.Session to do scp

#Ensemble #Callout #Object Data Model #ObjectScript

Does anyone have a good example of using %Net.SSH.Session  to do a scp copy of a file from one server to another? I tried calling do $ZF(-1,"scp /ensemble/Scott/sr1.dat egate@inteng3:/home/egate/Scott/") but did not have any success in getting the system to copy the file over to what I am calling inteng3.

Thanks

Scott

Discussion (6)1
Log in or sign up to continue

Comments

Eduard Lebedyuk · Dec 5, 2016

Why not use SFTP for that?

The following method shows how you can get a list of the files on a server, via SFTP:

Method SFTPDir(ftpserver, username, password) As %Status
{
    set ssh = ##class(%Net.SSH.Session).%New()
    do ssh.Connect(ftpserver)
    do ssh.AuthenticateWithUsername(username,password)
    do ssh.OpenSFTP(.sftp)
    do sftp.Dir(".",.files)
    set i=0
    while $data(files(i))
    {
        write $listget(files(i),1),!
        set i=i+1
        // set st = sftp.Get(files(i), "C:\Temp\myfile.ext")
    }
    quit $$$OK
}

To download file(s) uncomment the line. Documentation.

0
Brendan Batchelder  Dec 12, 2016 to Jeffrey Drumm

Fixing the documentation.  There aren't plans right now to add scp support.

0
Scott Roth  Dec 5, 2016 to Eduard Lebedyuk

This is just another one of our servers that we use. We don't necessarily use SFTP to transfer files between our servers, just SCP. I am wondering if it is an issue with our keys that we have saved off, and not in Ensemble but at the OS Level.

0
Alexey Maslov · Dec 6, 2016

Presumably, it's a security issue. Check effective UID and GID of your Caché processes. To do it, you may check parameters.isc file from Caché install directory for lines like these: 

security_settings.cache_user: cacheusr
security_settings.cache_group: cacheusr

Unlikely user cacheusr has access rights to other user's home directory.

csession processes are the exception from others as they inherit calling user's UID.

IMHO, it's better to use some neutral folder for file exchange, e.g. "/tmp/myexchange", as in this case it's much easier to establish appropriate assess rights for each side involved in exchange.

P.S. UNIX® Users, Groups and Permissions stuff is well-documented, see:  http://docs.intersystems.com/latest/csp/docbook/DocBook.UI.Page.cls?KEY…

0
Brendan Batchelder · Dec 9, 2016

There is a known problem with our documentation, scheduled to be fixed in 2017.1.

The class documentation for %Net.SSH.Session states: "Once connected and authenticated, the SSH object can be used to perform SCP (Secure Copy) operations of single files to and from the remote system".

This is not true.  There is no way to use %Net.SSH.Session to do a secure copy.

0
Jeffrey Drumm  Dec 12, 2016 to Brendan Batchelder

Brendan,

Are you fixing the documentation to remove the reference to scp, or fixing %Net.SSH.Session to support it? From the way your answer is worded, I'm suspecting the former ...

sftp and scp are individually configurable services in ssh, and in my experience you can't be guaranteed that one or the other is available at a given customer site. If scp currently isn't supported, it would be useful to have. Getting sysadmins to turn on services that are purposely disabled can be  ... challenging :)

0