Restic and sftp via Crontab

I try to use restic with sftp repository with auto cron jobs
the problem is that restic sftp ask for password for each action
there is any solution to auto insert the sftp password on restic init / backup commands?



that’s actually not a restic-specific problem but a question of using ssh/sftp in a secure manner. The solution is to use ssh keys. Check this out, for instance, on some basic tipps. In case restic also asks for the repository password, you can set that in your wrapper script or in .bashrc or some place like that.

An alternative would be using rest-server instead of sftp if you can influence that.

Hope that helps a little!

for example, with sftp I can run StrictHostKeyChecking=no
over sftp
but with restict -o sftp.command=“StrictHostKeyChecking=no” not working

also sshpass not work so well with restic


You can put it in ~/.ssh/config like so:

Host xyz
User root
Port xyz
StrictHostKeyChecking no

(Indent the last three lines)

I want to be able deploy that on many servers with minimal touch they SSH config


sftp.command expects the complete command to open a sftp connection including hostname etc. So the command should look like this:
restic -o sftp.command="ssh <hostname> -l <username> -s sftp" -r sftp::/path/on/server. Then you can add the ssh options using something like -o StrictHostKeyChecking=no to the command.

But I don’t think that disabling the host key checking is a good idea. You should rather use something like StrictHostKeyChecking=accept-new. Or properly setup the hostkey by connecting to the sftp server once using the user account used to run the cronjobs.

many thanks for that explanation :slight_smile: