Hello. I recently encountered the following scenario. We rented SFTP cloud storage from a data centre, without physical access via SSH. We were only provided with the URL, port, user name and password for the storage. Later, when we decided to use it for restic storage, we encountered a problem: restic itself does not support sftp password authentication. It always requires an ssh key to work correctly. We later solved this problem with a workaround using rclone+restic. But the question remained open. Is it possible to connect to an sftp storage via password? If not, why not implement this feature?
Many providers of value provide a way for you to give them an SSH key for authentication. Maybe check if this one does?
Regarding why, it’s mentioned here:
Passwordless login is important since automatic backups are not possible if the server prompts for credentials
Unfortunately my ISP replied that there is no such feature yet, and I have submitted a proposal to them to fix it. In fact, the problem was solved with rclone, but this whole situation was very frustrating(.
Can you tell me if it is technically problematic to pass the password to the ISP?
I can’t, sorry. Maybe someone else who knows more about how restic makes use of SSH can 
At the end of the day, not being able to use SSH keys, which are so incredibly established, is quite a niche case. But I get that it was frustrating.
1 Like
Unlike for ssh keys, there’s no clean interface in openssh to enter a password. A program basically has to somehow detect that there’s a password prompt by parsing the output. That’s a rather messy endeavor.
In addition, passwords can be phished whereas ssh keys can’t.
I’d like to add that I would have used rclone anyway, because it is multi-threaded (and so is restic). I have benchmarked sftp vs rclone in the early days of using restic (shortly after compression was added, which is when I switched from borg), and – while I don’t have those numbers handy – I distinctly recall a difference in how long the backup takes.
Of course assuming your network pipe is fat
Older versions of restic had SFTP that wasn’t very optimized, and a regression happened in 0.12.1 that made things slower, but since restic 0.17.0 the SFTP backend performance is greatly improved so you might want to try it again.
2 Likes
Give a chance to sshpass
https://www.cyberciti.biz/faq/noninteractive-shell-script-ssh-password-provider/