questions of FTP argument

O

OlgaD

Guest
Hi Linux Professional,
there is a command in Shell script that I have some question about,could you please kindly check and provide detailed knowldge for me?is it for downloading END_SCRIPT from the $HOST?
ftp -n $HOST << END_SCRIPT
thanks.

 


No.

If you look at the script, this is running an FTP command, then taking standard input from the script as FTP commands up until the END_SCRIPT label.

It could / should look something like this. This assumes you don't have a .rhost file that supplies usernames and passwords (you never should do that - very insecure!)

ftp -n $HOST << END_SCRIPT
someusername
somepassword
ls
bin
get filename
exit
END_SCRIPT

This will run FTP, then supply someusername as the ftp username, somepassword as the ftp password, do an ls command, set binary mode, get file filename, and exit.

Once the script sees END_SCRIPT, is "stops redirecting standard in" as lines in the script itself.

Kind of a cool construct once you get used to it, and kind of dangerous and insecure all at the same time. This is really useful for CGI HTML - especially in Perl - as it allows you to output static HTML code without escaping quotes and special characters.
 
No.

If you look at the script, this is running an FTP command, then taking standard input from the script as FTP commands up until the END_SCRIPT label.

It could / should look something like this. This assumes you don't have a .rhost file that supplies usernames and passwords (you never should do that - very insecure!)

ftp -n $HOST << END_SCRIPT
someusername
somepassword
ls
bin
get filename
exit
END_SCRIPT

This will run FTP, then supply someusername as the ftp username, somepassword as the ftp password, do an ls command, set binary mode, get file filename, and exit.

Once the script sees END_SCRIPT, is "stops redirecting standard in" as lines in the script itself.

Kind of a cool construct once you get used to it, and kind of dangerous and insecure all at the same time. This is really useful for CGI HTML - especially in Perl - as it allows you to output static HTML code without escaping quotes and special characters.
thanks,unixifish(this is only nickname I have),this is exactly same as my scripts (not written by my self):
ftp -n $HOST << END_SCRIPT | tee temp.txt
quote USER $USER
quote PASS $PWD
verbose
cd /send
put $FILE
status
quit
END_SCRIPT

information.another question generated:
1,why not just run these FTP commands directly?I mean ignore the ENG_SCRIPTS.
appreciated!
 
If you ran the FTP command directly in the script without the "<< END_SCRIPT", the script would prompt you for username, password, and "what to to" once you were in FTP. Note END_SCRIPT is just a label; it does not mean anything, it just looks for a line with only END_SCRIPT on it as the end of standard input redirection. It could have been ZZZWOW if you wanted.

The script uses the "<< LABEL" to "redirected standard input". If the FTP was the only thing in the script, you still need the redirect; if you did not have that, the FTP command would go back to the terminal device for input (/dev/pts/0, /dev/tty0 for instance) rather than receiving it from the running script; it would prompt the user at the terminal, rather than reading from the script. the "<<" allows input to be read from the script. This is especially needed if this FTP is run from cron, or run in the background where a terminal device may not be defined.

Some people will also use .netrc files, which are the same thing - a list of FTP server names or aliases, with the username, password, and FTP commands embedded.

The issue with both of these approaches is that there is a plain text username and password embedded into a "human readable text file" - which is highly insecure and can be used as an attack point. At my employer, we cannot use FTP or telnet, because the plain text username and password is sent over the network, let alone read these values from a plain text file.
 
much appreciated for your information,have a nice day(night)~~;)
 
Yeah, I am GMT-5. I get the feeling you are in a completelg different region...
 


Top