Hi,

Yes, what you want to do is definitely possible, but the “best” solution depends a bit on how the 2FA is implemented on the server.

In general, constantly polling the server every 5 minutes with a fresh login is usually not ideal, especially with OTP-based authentication.

A few thoughts:

• If the server allows SSH key authentication together with 2FA, you may be able to establish a long-lived authenticated session and reuse it.
  
• Another common approach is using rsync or scp with SSH keys and a scheduled task/cron job instead of an infinite loop.
  
• Some systems also support SFTP automation tools that can maintain sessions or cache authentication tokens temporarily.
  

You could also look into:

• ssh-agent for keeping keys loaded
  
• SSH multiplexing (ControlMaster) to reuse a single authenticated connection
  
• file synchronization tools like lsyncd, syncthing, or rclone
  

If your 2FA solution expires immediately after login and requires a new OTP for every new SSH connection, then fully unattended automation may intentionally be blocked by the security policy.

In that case, one workaround is:

1. Manually authenticate once
   
2. Keep the SSH session alive
   
3. Reuse that existing tunnel/session for transfers during the day
   

Another option is to ask the server admin whether a service account/API token/key-based exception exists specifically for automated transfers.

Also, instead of “copy then delete,” be careful with data integrity. Usually it’s safer to:

• copy
  
• verify transfer success
  
• then remove the original file
  

Otherwise partial transfers can become painful.

Overall, your idea is reasonable — I’d just recommend moving away from the infinite loop approach and toward scheduled sync tools or persistent SSH sessions.

Unfortunately, it is not possible.

This feature is being tracked already:
Issue 1928 – Support for multiple passwords in automation
You can vote for it there.

First it asks for the OTP, then for the password, so there are two prompts in succession. How can I differ between a regular and a additional prompt?

Thanks a lot

How does the server prompt for the OTP? Is it a regular password prompt? Or is it an additional prompt (after password)?

Hello,
I want to move data from a server to my local machine (and vise versa) in an automatic way. Every time if there is a new file created in a certain folder of the server, it should be moved (or copy and deleted) to the local machine. My suggestion is to have a script running on my local machine with a infinity loop, which checks if there is anything new on the server every 5 min and than do the movement stuff. The problem is, that I have to use 2FA to connect to my server. Is there any possibility to login to the server once a day with a OTP and than use the established connection? I tried a bit around with scripting and the .NET assembly but nothing worked.

Thansk a lot for your help and best regards,

Johannes