{"id":347,"date":"2018-06-04T14:10:47","date_gmt":"2018-06-04T04:10:47","guid":{"rendered":"http:\/\/stevoz.com\/myweatherblog\/?p=347"},"modified":"2018-06-04T14:30:36","modified_gmt":"2018-06-04T04:30:36","slug":"changing-my-weathercam-uploads-from-ftp-to-sftp","status":"publish","type":"post","link":"https:\/\/stevoz.com\/myweatherblog\/2018\/06\/changing-my-weathercam-uploads-from-ftp-to-sftp\/","title":{"rendered":"Changing my weathercam uploads from ftp to sftp"},"content":{"rendered":"\r\n

My weathercam has been running well now for over two and a half years (see\u00a0this post<\/a> for my setup).<\/p>\r\n\r\n\r\n\r\n

This all came to a stop last week when the camera images stopped uploading to my website. For some reason, the Raspberry Pi wouldn\u2019t connect to the web server via ftp. For the past couple of years, I\u2019ve been successfully uploading a jpg file from a Raspberry Pi to my web server every 15 minutes using wput<\/a>. The command I used was:\r\n\r\n

wput -B -u -nc \/home\/pi\/camera\/weathercam.jpg ftp:\/\/myusername:mypassword@server.webhost.com\/public_html\/weather\/weathercam.jpg<\/pre>\r\n<\/p>\r\n\r\n\r\n\r\n
This is the error I now get:\r\n\r\n
--19:48:11-- `\/home\/pi\/camera\/weathercam.jpg' => ftp:\/\/myusername:xxxxx@xxx.xx.xxx.xxx:21\/public_html\/weather\/weathercam.jpg\r\nConnecting to xxx.xx.xxx.xxx:21... connected! TLS handshake failed\r\nSSL_ERROR_ZERO_RETURN-Bug\r\n\r\nLogging in as myusername ... Receive-Error: read() failed. Read '' so far. (errno: Broken pipe (32))\r\nReceive-Error: Connection broke down.\r\nWaiting 10 seconds... Receive-Error: read() failed. Read '' so far. (errno: Broken pipe (32))\r\nReceive-Error: Connection broke down.\r\nConnecting to xxx.xx.xxx.xxx:21... connected! TLS handshake failed\r\nSSL_ERROR_ZERO_RETURN-Bug<\/pre>\r\n<\/p>\r\n\r\n\r\n\r\n
I tried for a short time to fix this but as I have never been happy having my password in a text file, I started thinking about another way to upload the camera image to the web server. SFTP (secure FTP) seemed to be the way to go. It is a command-line program for transferring files securely over a network connection.<\/p>\r\n\r\n\r\n\r\n
One issue with SFTP running as part of a CRON job, I won’t be around to enter the password every fifteen minutes when it goes to upload the file. Therefore I needed to look for a secure way to automate this. Enter Public Key Authentication<\/p>\r\n\r\n\r\n\r\n
Public Key Authentication lets you to log into a remote server securely without the need for a password. To get it to work, you generate a private key and a public key on your system. The public key gets copied to the remote server with the private key staying on the local machine. The two files are compared when you log into the remote machine and if they match, you are connected without typing in a password.<\/p>\r\n\r\n\r\n\r\n
A good example on how to set this up is given on Computer Hope’s page ‘Linux sftp command’<\/a>. But basically, this is what I did:<\/p>\r\n\r\n\r\n\r\n
First off I generated the public and private keys by running the command:\r\n
ssh-keygen<\/pre>\r\nThis creates the files id_rsa<\/code> and id_rsa.pub<\/code> in the folder \/home\/username\/.ssh\/<\/code>. I then changed the attributes of these files so only I could access them.\r\n
chmod 700 ~\/.ssh\/id_rsa*\r\nchmod 700 ~\/.ssh<\/pre>\r\n<\/p>\r\n\r\n\r\n\r\n
The next step is copying the public key to the server. The contents of the file id_rsa.pub<\/code> need to be appended to the file authorized_keys<\/code> in the folder \/home\/username\/.ssh\/<\/code> on the server. If this file doesn’t exist, you just need to create it.\r\n<\/p>\r\n\r\n\r\n\r\n
First, I opened id_rsa.pub<\/code>. It should look something like this (this example isn’t mine, just one I found on the web):<\/p>\r\n
ssh-rsa AAAB3NzaC1yc2EAAAADAQABAAABAQDTiP0LXi74qgpp6VBqzro67QOGtum10t2epYsOm6kKncf62JVMSlwYH7QwAskxkA6ripvo+TlwRBqqLaF2ACX4CivQkoabqsdFAduGcKVICUFZaexUmw2eIEKF4qCOvRDP\/uol1S+ID1glYJRSqDcmAb3jApTRDMXM\/w7Tl3qz5\/cp3MINKM3+apBfe7F7iDezjQ\/U0HqtH2+Np83u4X2G+LIFnpV0RdalkqCuM6tSv2Cm4FdPazsIwSmFptBKnw00IdIqYpnkQmOJMk47cGDzqczii7KMCy3wRNqkaLwefRB0MZeJipz4+a27kQEqerAIHt37\/MMT5XNqn3mqbI myuser@myhostname<\/code><\/p>\r\n
I copied this text into my clipboard. Then I logged into the web server and opened the file \/home\/username\/.ssh\/authorized_keys<\/code> in a text editor and pasted the above text at the end of the file as a new line. Note, this text all goes on one line below any existing text. I saved the file and closed it.<\/p>\r\n\r\n\r\n\r\n
Everything is now set up to upload files. The SFTP<\/code> command takes the list of files to upload from a batchfile. I created this file by simply typing the following into a new file imgList.txt<\/code>.\r\n
put \/home\/pi\/camera\/weathercam*.jpg<\/pre><\/p>\r\n\r\n\r\n\r\n
Then I just needed to modify my bash file upimg.sh<\/code> to:\r\n
#1\/bin\/bash\r\n\r\n#Upload images to web server\r\nsftp -P 9999 -b \/home\/pi\/imgList.txt myusername@server.webhost.com:\/public_html\/weather\/<\/pre>\r\nNote, the -P argument is the port with 9999 being the port number (not the real number) and -b is the batchfile.<\/p>\r\n\r\n\r\n\r\n
My CRON job calls the file upimg.sh<\/code> every fifteen minutes after taking a new photo and the image is copied to the webserver ready for it to be available to me webpage.<\/p>\r\n\r\n\r\n\r\n
This has worked well and is much more secure than simple FTP so I am just going to run with this from now on.<\/p>\r\n\r\n","protected":false},"excerpt":{"rendered":"
My weathercam has been running well now for over two and a half years (see\u00a0this post for my setup).This all came to a stop last week when the camera images stopped uploading to my website. For some reason, the Raspberry Pi wouldn\u2019t connect to the web server via ftp. For […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[10],"tags":[],"class_list":["post-347","post","type-post","status-publish","format-standard","hentry","category-weather-site"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p5uBIO-5B","_links":{"self":[{"href":"https:\/\/stevoz.com\/myweatherblog\/wp-json\/wp\/v2\/posts\/347","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/stevoz.com\/myweatherblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/stevoz.com\/myweatherblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/stevoz.com\/myweatherblog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/stevoz.com\/myweatherblog\/wp-json\/wp\/v2\/comments?post=347"}],"version-history":[{"count":2,"href":"https:\/\/stevoz.com\/myweatherblog\/wp-json\/wp\/v2\/posts\/347\/revisions"}],"predecessor-version":[{"id":370,"href":"https:\/\/stevoz.com\/myweatherblog\/wp-json\/wp\/v2\/posts\/347\/revisions\/370"}],"wp:attachment":[{"href":"https:\/\/stevoz.com\/myweatherblog\/wp-json\/wp\/v2\/media?parent=347"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/stevoz.com\/myweatherblog\/wp-json\/wp\/v2\/categories?post=347"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/stevoz.com\/myweatherblog\/wp-json\/wp\/v2\/tags?post=347"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}