[NTLUG:Discuss] Unattended ssh/scp/sftp transfers...
Tom Woody
woody at nfri.com
Wed May 22 10:16:22 CDT 2002
SSH is great but it hurts my head sometimes...
currently I am getting a "Permission denied (publickey,keyboard-interactive)." when trying this...
Host1 where I am trying to scp the files to is RH7.2 (OpenSSH_3.1p1 from RPM)
Host2 where I am trying to scp the files from is RH7.1 (OpenSSH_3.1p1 from RPM)
Host2 has RSAAuthentication set to yes, password authentication set to no, empty passwords set to no, with only protocol 2
1) I generate the ssh key on Host1 with 'ssh-keygen -t dsa' it prompts me for the name and I make it '.ssh/emptypassphrase' for ease, with an empty passphrase
2) I ftp the emptypassphrase.pub to Host2, and rename it .ssh/authorized_keys2
3) for giggles I restart ssh on both hosts
then I try (from host1): ssh -i .ssh/emptypassphrase backup at host2
I get the above permission denied
Is there anything I am missing?
On 21 May 2002 17:15:23 -0500
MadHat <madhat at unspecific.com> wrote:
> On Tue, 2002-05-21 at 17:02, Tom Woody wrote:
> > I want to use SSH to automate some regular backups and am having the worst time at it...
> >
> > I have various hosts that I need to either retrieve files from, or perform backups
> >
> > I know that I can use ssh,sftp,scp,etc to do these-as I have done them...but there is no way I have found to handle the authentication for the automated tasks.
> >
> > 1) I have tried doing RSAAuthentication but since I need to do this in a crontab I can't use the ssh-agent to store the passphrase, and I haven't found a way to provide the passphrase as an argument to scp/ssh
> > 2) I have tried using the SSH1 Rhosts authentication but that doesn't seem to want to work either
> >
> > Anyone have any other suggestions...I am all ears!
> >
>
> use a passphrasless key and the -I to specify the identify file.
>
> so you create a key with ssh-keygen, but don't make it the defaul
> identity file, use another name, the take the pub and add it to the
> remote host, but add what can be run and where they can connect from use
> the command and host directives in the authorized_keys file. Then you
> can use cron by saying
> scp -I identity_file user at host:file /local/path
>
>
> if oyu need more details, let me know.
>
> > --
> > Woody
> >
> > _______________________________________________
> > http://www.ntlug.org/mailman/listinfo/discuss
> >
> --
> MadHat at Unspecific.com
> gpg --keyserver wwwkeys.us.pgp.net --recv-keys 9DDC3E98
> Key fingerprint = E786 7B30 7534 DCC2 94D5 91DE E922 0B21 9DDC 3E98
>
>
> _______________________________________________
> http://www.ntlug.org/mailman/listinfo/discuss
--
Tom Woody
Systems Administrator
NationWide Flood Research, Inc.
phone: 214-631-0400 x209
fax: 214-631-0800
If you have any trouble sounding condescending,
find a Unix user to show you how it's done.
--Scott Adams
More information about the Discuss
mailing list