Copying file from Linux to Linux through SSH

**datamike** · 06-16-2003, 08:37 PM

Hi , I am trying to set a cron job that will copy two files from one Linux box to another through our VPN. I have about 30 Linux boxes so you can see why I want to automate this. I want to use SSH pub keys so it doesn't ask for a password but I can't find good docs on how to do this. Does anyone know where I can find good ones?, or maybe know of a better way? Thanks.

**demian** · 06-17-2003, 03:08 PM

You mean how to generate passphrase-less keys?

Just do ssh-keygen -b 1024 -t dsa -f your.key.name

on the source machine. The last argument is optional. It defaults to ~/.ssh/id_dsa. This will produce a public/private pair of 1024 bit keys that are saved to the file your.key.name.pub and you.key.name respectively. When it prompts you to enter a passphrase just hit return twice.
Other possible values to the -t switch are rsa1 ans rsa. Frankly I don't know much about the diffenrences.

Then append the public key to the ~/.ssh/authorized_keys file on the target machine (create the file if it's not there already and change the permission to 600 to be secure). Use the user's home dir that you will be logging in as

Then copying from source to target machine is done like so:

scp -i /path/to/you.key.name path/to/source/file user@machine:/path/to/target/file

Again, the -i is optional and defaults to ~/.ssh/id_dsa

As for docs on the subject. I think linux journal is running a series on ssh at the moment. You might want to check that out.

**datamike** · 06-17-2003, 04:42 PM

Hi Demian, I did everything you just told me but I still get prompted for a password. Is there anything else I can check? Is the file authorized_keys really checked? It seems that it is ignoring it.

**gorn** · 06-17-2003, 06:03 PM

maybe this will help

http://www.cs.umd.edu/~arun/misc/ssh.html

good luck

also ssh -v will run verbosely, so you can see if it's checking the authorized key or not

**datamike** · 06-18-2003, 02:45 PM

Thanks for all your help demian and gorn. For some reason the only way I could get it to work was chmod 600 the authorized_keys file. I know that you told me to do that but when I was testing I didn't think it would matter. Kinda wierd, but thanks again. I wrote my script and I am copying away.

**demian** · 06-18-2003, 05:11 PM

[quote author=datamike link=board=1;threadid=7231;start=0#66823 date=1055947556]
...when I was testing I didn't think it would matter. Kinda wierd,...
[/quote]

Ahh I actually didn't know it matters. I just thought it would be a good idea to have nobody be able to snoop around your keys. But I found out that there's a config option in sshd_config: StrictModes and it defaults to 'yes' this tells the server to check the file permission before authorization.

Now that key authentication works you might want to switch off password based authetication altogether. In /etc/ssh/sshd_config

PasswordAuthentication No

Happy scp'ing