Comment by jolmg
5 hours ago
> -PuTTY pscp allows raw passwords on the command line, or from a file. OpenSSH is unreasonable in refusing to do this.
You can use `sshpass` to force it through a command line argument. However, arguments can be viewed by any process through `/proc`, `ps`, etc. It's pretty reasonable to not support exposure of the password like that, especially since you can force it through using another tool if you really, really need to.
Both pscp and psftp have -pwfile.
It is not reasonable to insist on keys for batch use.
Not at all.
It's completely crazy to use passwords when you needn't. Passwords are a human readable shared secret, they were already obsolete when SSHv1 was invented last century.
From the outset SecSH (SSHv2, the thing you actually use today and if you're younger, likely the only thing you ever have used) has public key authentication as a Mandatory To Implement feature. Implementations where that doesn't work aren't even SSH, they're garbage.
I am forced by external vendors and internal security to use password authentication for SFTP.
I do not have a choice!
This grew out of FTP less than a decade ago. Everyone has always known password auth; it cannot die.
Are you on the same planet as the rest of us?