batch job using scp - SSH

This is a discussion on batch job using scp - SSH ; G'day all; I have 2 linux systems each running sshd. I can ssh from/to either one and use a password to get authenticated. That works fine. I've created a script to scp to the other machine, login as myself and ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: batch job using scp

  1. batch job using scp

    G'day all;

    I have 2 linux systems each running sshd. I can ssh from/to either one
    and use a password to get authenticated. That works fine.

    I've created a script to scp to the other machine, login as myself and
    copy a file. That works great too.

    My goal is to automate the process. I've created DSA and RSA public and
    private keys on each side and have copied the public (via scp) to the
    other server in each case. Each server is also in the other server's
    known_hosts file.

    When trying to run the script in verbose batch mode (w/ -B -v) I see the
    keys get accepted but I still prompted for a password. I know I'm missing
    something (probably something simple) but i'm not sure what or where to
    look next.

    Any help would be appreciated.

    TIA,

    Bill

  2. Re: batch job using scp

    Hi,

    it may be a problem related to the permission on
    one of your file (not sure it's your problem, but
    it's a common one).

    What are the permissions on your "authorized keys" file
    on the machine you're trying to copy to ?

    On my system it looks like this (note that
    here file belongs to the root user, so it can't
    be modified by the client):

    [dummy ~/] 0 $ l .ssh/authorized_keys
    -rw-r--r-- 1 root root 1642 Mar 5 20:57 .ssh/authorized_keys
    [dummy ~/] 0 $

    It won't work if the file is group or world writeable.

    For example:

    [dummy ~/] 0 $ ls -l .ssh/authorized_keys
    -rw-r--r-- 1 root root 1642 Mar 5 20:57 .ssh/authorized_keys

    [dummy ~/] 0 $ ssh -2 127.0.0.1 true
    ....(login happens without asking for the password)

    [dummy ~/] 0 $ su
    Password:
    [root /home/dummy/] 0 # chmod 664 /home/dummy/.ssh/authorized_keys
    [root /home/dummy/] 0 # exit
    exit

    [dummy ~/] 0 $ ssh -2 127.0.0.1 true
    dummy@127.0.0.1's password:
    ....(the only thing that changed here is the permission
    .... of one file, now a password is needed)
    [dummy ~/] 0 $

    I have automated file copy procedures going on between
    various systems but providing a "password-less shell" makes
    me nervous so I restrict users allowed to connect without
    providing a password to a single command: sftp-server
    and I use sftp to send the files. I'm not using scp here, but
    it may still help you:

    [dummy ~/] 0 $ echo put /home/public/dl/45.ps | sftp 192.168.42.42:
    Connecting to 192.168.42.42...
    Changing to: /home/dummy/
    sftp> Uploading /home/public/dl/45.ps to /home/dummy/45.ps
    /home/public/dl/45.ps 100% 49KB 48.6KB/s
    00:00
    sftp>
    [dummy ~/] 0 $

    No password is asked and opening an ssh shell is not permitted.

    The archives of this group have lots of infos on this subject,


  3. Re: batch job using scp

    On Sun, 05 Mar 2006 12:28:25 -0800, lewmania942 wrote:

    > Hi,
    >
    > it may be a problem related to the permission on
    > one of your file (not sure it's your problem, but
    > it's a common one).
    >
    > What are the permissions on your "authorized keys" file
    > on the machine you're trying to copy to ?
    >
    > On my system it looks like this (note that
    > here file belongs to the root user, so it can't
    > be modified by the client):
    >
    > [dummy ~/] 0 $ l .ssh/authorized_keys
    > -rw-r--r-- 1 root root 1642 Mar 5 20:57 .ssh/authorized_keys
    > [dummy ~/] 0 $
    >
    > It won't work if the file is group or world writeable.
    >
    > For example:
    >
    > [dummy ~/] 0 $ ls -l .ssh/authorized_keys
    > -rw-r--r-- 1 root root 1642 Mar 5 20:57 .ssh/authorized_keys
    >
    > [dummy ~/] 0 $ ssh -2 127.0.0.1 true
    > ...(login happens without asking for the password)
    >
    > [dummy ~/] 0 $ su
    > Password:
    > [root /home/dummy/] 0 # chmod 664 /home/dummy/.ssh/authorized_keys
    > [root /home/dummy/] 0 # exit
    > exit
    >
    > [dummy ~/] 0 $ ssh -2 127.0.0.1 true
    > dummy@127.0.0.1's password:
    > ...(the only thing that changed here is the permission
    > ... of one file, now a password is needed)
    > [dummy ~/] 0 $
    >
    > I have automated file copy procedures going on between
    > various systems but providing a "password-less shell" makes
    > me nervous so I restrict users allowed to connect without
    > providing a password to a single command: sftp-server
    > and I use sftp to send the files. I'm not using scp here, but
    > it may still help you:
    >
    > [dummy ~/] 0 $ echo put /home/public/dl/45.ps | sftp 192.168.42.42:
    > Connecting to 192.168.42.42...
    > Changing to: /home/dummy/
    > sftp> Uploading /home/public/dl/45.ps to /home/dummy/45.ps
    > /home/public/dl/45.ps 100% 49KB 48.6KB/s
    > 00:00
    > sftp>
    > [dummy ~/] 0 $
    >
    > No password is asked and opening an ssh shell is not permitted.
    >
    > The archives of this group have lots of infos on this subject,



    I'll take a look. than ks for the ideas.

    Bill


  4. Re: batch job using scp

    >>>>> "WBC" == William B Cattell writes:

    WBC> G'day all; I have 2 linux systems each running sshd. I can ssh
    WBC> from/to either one and use a password to get authenticated. That
    WBC> works fine.

    WBC> I've created a script to scp to the other machine, login as
    WBC> myself and copy a file. That works great too.

    WBC> My goal is to automate the process. I've created DSA and RSA
    WBC> public and private keys on each side and have copied the public
    WBC> (via scp) to the other server in each case. Each server is also
    WBC> in the other server's known_hosts file.

    WBC> When trying to run the script in verbose batch mode (w/ -B -v) I
    WBC> see the keys get accepted but I still prompted for a password. I
    WBC> know I'm missing something (probably something simple) but i'm
    WBC> not sure what or where to look next.

    http://www.snailbook.com/faq/general...ging.auto.html

    --
    Richard Silverman
    res@qoxp.net


+ Reply to Thread