Changing my weathercam uploads from ftp to sftp

My weathercam has been running well now for over two and a half years (see this post for my setup).

This all came to a stop last week when the camera images stopped uploading to my website. For some reason, the Raspberry Pi wouldn’t connect to the web server via ftp. For the past couple of years, I’ve been successfully uploading a jpg file from a Raspberry Pi to my web server every 15 minutes using wput. The command I used was:

wput -B -u -nc /home/pi/camera/weathercam.jpg ftp://myusername:mypassword@server.webhost.com/public_html/weather/weathercam.jpg

This is the error I now get:

--19:48:11-- `/home/pi/camera/weathercam.jpg' => ftp://myusername:xxxxx@xxx.xx.xxx.xxx:21/public_html/weather/weathercam.jpg
Connecting to xxx.xx.xxx.xxx:21... connected! TLS handshake failed
SSL_ERROR_ZERO_RETURN-Bug

Logging in as myusername ... Receive-Error: read() failed. Read '' so far. (errno: Broken pipe (32))
Receive-Error: Connection broke down.
Waiting 10 seconds... Receive-Error: read() failed. Read '' so far. (errno: Broken pipe (32))
Receive-Error: Connection broke down.
Connecting to xxx.xx.xxx.xxx:21... connected! TLS handshake failed
SSL_ERROR_ZERO_RETURN-Bug

I tried for a short time to fix this, but as I have never been happy having my password in a text file, I started thinking about another way to upload the camera image to the web server. SFTP (secure FTP) seemed to be the way to go. It is a command-line program for transferring files securely over a network connection, using SSH as the transport.

One issue with running SFTP as part of a CRON job is that I won’t be around to enter the password every fifteen minutes when it goes to upload the file. Therefore I needed to look for a secure way to automate this. Enter Public Key Authentication.

Public Key Authentication lets you log into a remote server securely without the need for a password. To get it to work, you generate a private key and a public key on your system. The public key gets copied to the remote server, with the private key staying on the local machine. When you log into the remote machine, the server checks that your private key matches the public key it holds (the private key itself is never sent), and if they match, you are connected without typing in a password.

A good example of how to set this up is given on Computer Hope’s page ‘Linux sftp command’. But basically, this is what I did:

First off I generated the public and private keys by running the command:

ssh-keygen

This creates the files id_rsa and id_rsa.pub in the folder /home/username/.ssh/. I then changed the attributes of these files so only I could access them.

chmod 600 ~/.ssh/id_rsa*
chmod 700 ~/.ssh

The next step is copying the public key to the server. The contents of the file id_rsa.pub need to be appended to the file authorized_keys in the folder /home/username/.ssh/ on the server. If this file doesn’t exist, you just need to create it.

First, I opened id_rsa.pub. It should look something like this (this example isn’t mine, just one I found on the web):

ssh-rsa AAAB3NzaC1yc2EAAAADAQABAAABAQDTiP0LXi74qgpp6VBqzro67QOGtum10t2epYsOm6kKncf62JVMSlwYH7QwAskxkA6ripvo+TlwRBqqLaF2ACX4CivQkoabqsdFAduGcKVICUFZaexUmw2eIEKF4qCOvRDP/uol1S+ID1glYJRSqDcmAb3jApTRDMXM/w7Tl3qz5/cp3MINKM3+apBfe7F7iDezjQ/U0HqtH2+Np83u4X2G+LIFnpV0RdalkqCuM6tSv2Cm4FdPazsIwSmFptBKnw00IdIqYpnkQmOJMk47cGDzqczii7KMCy3wRNqkaLwefRB0MZeJipz4+a27kQEqerAIHt37/MMT5XNqn3mqbI myuser@myhostname

I copied this text into my clipboard. Then I logged into the web server and opened the file /home/username/.ssh/authorized_keys in a text editor and pasted the above text at the end of the file as a new line. Note, this text all goes on one line below any existing text. I saved the file and closed it.
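
The append step described above can also be scripted on the server. This is an added example, not code from the original post; the function name add_authorized_key and the paths in the usage comment are assumptions. It accepts only a file holding exactly one public key line, creates authorized_keys with owner-only permissions if it is missing, and skips the append when the key is already there.

```shell
#!/bin/bash
# Added example: append a public key to authorized_keys safely and idempotently.
# add_authorized_key is a hypothetical helper, not part of OpenSSH.
# Usage (hypothetical paths): add_authorized_key ~/id_rsa.pub ~/.ssh

add_authorized_key() {
    pubfile=$1
    sshdir=$2
    authfile="$sshdir/authorized_keys"

    [ -r "$pubfile" ] || { echo "cannot read $pubfile" >&2; return 1; }

    # A public key file is exactly one non-empty line; a private key
    # (many lines) pasted here by mistake is rejected.
    if [ "$(grep -c . "$pubfile")" -ne 1 ]; then
        echo "expected exactly one key line in $pubfile" >&2
        return 1
    fi
    key=$(grep . "$pubfile")

    # Accept only lines that start with a common OpenSSH public key type.
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not a public key line" >&2; return 1 ;;
    esac

    # Create the directory and file if needed, readable by the owner only.
    mkdir -p "$sshdir" && chmod 700 "$sshdir" || return 1
    touch "$authfile" && chmod 600 "$authfile" || return 1

    # Already present? Compare key type and key data, ignoring the comment.
    blob=$(printf '%s\n' "$key" | cut -d' ' -f1,2)
    if grep -qF -- "$blob" "$authfile"; then
        return 0
    fi

    # If the existing file does not end in a newline, add one so the
    # new key lands on its own line below any existing text.
    if [ -s "$authfile" ] && [ -n "$(tail -c 1 "$authfile")" ]; then
        printf '\n' >> "$authfile"
    fi
    printf '%s\n' "$key" >> "$authfile"
}
```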

Everything is now set up to upload files. The SFTP command takes the list of files to upload from a batchfile. I created this file by simply typing the following into a new file imgList.txt.

put /home/pi/camera/weathercam*.jpg

Then I just needed to modify my bash file upimg.sh to:

#!/bin/bash

# Upload images to web server
sftp -P 9999 -b /home/pi/imgList.txt myusername@server.webhost.com:/public_html/weather/

Note, the -P argument is the port, with 9999 being the port number (not the real number), and -b is the batchfile.

My CRON job calls the file upimg.sh every fifteen minutes after taking a new photo, and the image is copied to the webserver ready for it to be available to my webpage.

This has worked well and is much more secure than simple FTP so I am just going to run with this from now on.
