scp in unattended batch mode

From: LRW (deja_at_celticbear.com)
Date: 06/16/04


Date: 16 Jun 2004 12:02:00 -0700

I'm wanting to set up a cron on a server to copy some backed up files
from it to a remote server. So I looked at man ssh and scp, and asked
some questions elsewhere, and yet I still can't get it to work.

Here are the instructions I followed from "Amadeus W.M." to the letter.
After them is the result I get:

1) On the LOCAL machine, generate a private/public pair of keys:
ssh-keygen -t dsa
This creates two files:
id_dsa # the private key - remains local
id_dsa.pub # the public key - must be put on the REMOTE machine.
Both of these are created in .ssh in the user's home directory,
e.g. /home/joeuser/.ssh.

2) Put the public key on the REMOTE machine:
scp id_dsa.pub joeuser@remote.machine.com:.
This will put id_dsa.pub in the home directory of "joeuser" on the
remote machine. Any existing id_dsa.pub will be overridden!

3) On the REMOTE machine, append the newly transferred id_dsa.pub
to the authorized_keys2 file:
ssh joeuser@remote.machine.com
cat id_dsa.pub >> .ssh/authorized_keys2
Note the >> (rather than >)!

So I did all that (except on the remote server there was not an .ssh
directory already. I had to ssh into the source server in order for
the recipient server to get an .ssh for that account name that will be
used.)
I understand it's not completely secure, using an empty passphrase,
but right now I don't care. I'm certain about the rest of the
security, so I doubt anyone will get in to get my empty passphrase,
so, that notwithstanding....

And when I try to run SCP I get the following when I use verbose:

[backup@server1 backup]$ scp -vB .ssh/* backup@(destination IP):/home/backup/
Executing: program /usr/bin/ssh host (destination IP), user backup, command scp -v -d -t /home/backup/
OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 557 geteuid 0 anon 1
debug1: Connecting to (destination IP) [(destination IP)] port 22.
debug1: temporarily_use_uid: 557/554 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 557/554 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /home/backup/.ssh/identity type -1
debug1: identity file /home/backup/.ssh/id_rsa type -1
debug1: identity file /home/backup/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.6.1p2
debug1: match: OpenSSH_3.6.1p2 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.1p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 131/256
debug1: bits set: 1582/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '(destination IP)' is known and matches the RSA host key.
debug1: Found key in /home/backup/.ssh/known_hosts:1
debug1: bits set: 1658/3191
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: try privkey: /home/backup/.ssh/identity
debug1: try privkey: /home/backup/.ssh/id_rsa
debug1: try pubkey: /home/backup/.ssh/id_dsa
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: no more auth methods to try
Permission denied (publickey,password,keyboard-interactive).
debug1: Calling cleanup 0x8063510(0x0)
lost connection
[backup@server1 backup]$

And when I don't use batch mode, it still prompts me for a passphrase.
Any suggestions about what I'm doing wrong?

Thanks!
Liam
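
A server-side check for the key setup steps quoted above, as an added example that is not part of the original post: the log shows the DSA key being offered (`try pubkey`) and the server replying with the unchanged method list, which means sshd did not accept that key, and with StrictModes enabled (the sshd default) an authorized_keys file is ignored when it, `.ssh`, or the home directory is writable by group or others. The function name `audit_ssh_perms` and the sample paths are assumptions; file ownership, which StrictModes also checks, is not covered.

```shell
#!/bin/sh
# Added example (not from the original post). Run on the REMOTE machine as the
# account that receives the files: audit_ssh_perms "$HOME" "$HOME/id_dsa.pub"

# Octal permission bits of a path (GNU stat first, BSD stat as fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# True when neither group nor others can write to the path (mode & 022 == 0).
not_go_writable() {
    m=$(mode_of "$1") || return 1
    [ $(( 0$m & 022 )) -eq 0 ]
}

# audit_ssh_perms HOME [PUBKEY_FILE]
# Prints one line per finding; returns 0 when nothing was found, 1 otherwise.
audit_ssh_perms() {
    home=$1; pub=${2:-}; bad=0; have_file=0; have_key=0
    for d in "$home" "$home/.ssh"; do
        if [ ! -d "$d" ]; then
            echo "missing directory: $d"; bad=1
        elif ! not_go_writable "$d"; then
            echo "group/world-writable ($(mode_of "$d")): $d"; bad=1
        fi
    done
    # Key blob = second field of the .pub file copied over in step 2.
    [ -n "$pub" ] && [ -r "$pub" ] && blob=$(awk 'NR==1 {print $2}' "$pub") || blob=
    for f in "$home/.ssh/authorized_keys" "$home/.ssh/authorized_keys2"; do
        [ -f "$f" ] || continue
        have_file=1
        if ! not_go_writable "$f"; then
            echo "group/world-writable ($(mode_of "$f")): $f"; bad=1
        fi
        [ -n "$blob" ] && grep -qF -- "$blob" "$f" && have_key=1
    done
    [ "$have_file" -eq 1 ] || { echo "no authorized_keys file in $home/.ssh"; bad=1; }
    if [ -n "$blob" ] && [ "$have_file" -eq 1 ] && [ "$have_key" -eq 0 ]; then
        echo "key from $pub not present in any authorized_keys file"; bad=1
    fi
    return "$bad"
}
```

A finding is cleared with `chmod go-w` on the reported path; `chmod 700 ~/.ssh` and `chmod 600` on the key file are the usual tight settings.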


