> You're right, this isn't pretty. :-( Any progress since then? Well, I had a good idea: set up a shared (ControlMaster) ssh connection first, in order to get the authentication out of the way, then have the sftp batch step use the shared connection.
Unfortunately it seems that that idea isn't going to work, because although I didn't know it at first, ssh shared connections don't work in Cygwin. (Unless something has changed - no answer yet to https://cygwin.com/ml/cygwin/2015-01/msg00010.html .) Other possible ideas: * Write an expect script to look for a password prompt, pass it on to the user if it comes, otherwise go on with the batch sftp. * Start sftp as a bash coproc, and write bash code to look for the password prompt in the output. I tried this a bit but again it seems that sftp suppresses the password prompt if it detects that its stdin isn't coming from a TTY. Even if those ideas can be made to work, none of them is clearly better than the one I described before. All add complexity and depend on screen scraping. It's vexing that it's so hard to find a solution to such a simple problem: prompt the user for a password if and only if one is needed. If none of that seems worth the extra work, then I guess the fallback is to use lftp sftp://cygwin:@cygwin.com so that the user will always be prompted for a password, whether one is needed or not. Personally I would hate that, because I always have a running ssh-agent exactly so that I don't have to answer password prompts all the time. But it would work. PITA Andrew