SCP from one server to another without password prompt
up vote
17
down vote
favorite
What is the best way of doing scp from one box to the other without prompting for password?
There are two servers:
Server A (10.152.2.10):
/home/oracle/export/files.txtServer B (10.152.2.11):
/home/oracle/import/
If I want to transfer the files using scp from server A to server B without being prompted to enter a password
[running this from Server A, /home/oracle/export/]
scp files.txt oracle@10.152.2.11:/home/oracle/import
This would prompt me for a password upon entering the command.
I understand that a keygen is required to be generated and copied to Server A. Thus [at server A]:
ssh-keygen -t rsa
This gives me two files stored in /home/oracle/.ssh:
id_rsa
id_rsa.pub
1. Am I supposed to copy the two files (id_rsa, id_rsa.pub) over into server B /home/oracle/.ssh ?
While doing some google search on this, some articles mentioned about appending/concatenating this to authorized_keys.
2. Am I supposed to create this file on my own?
I seem to be confused on what is the right way to do this.
Btw, the two servers are running Suse Linux Enterprise Edition 9...
ssh scp key-authentication
edited May 29 '16 at 13:29
jimmij
30.3k868102
migrated from stackoverflow.com Jun 2 '11 at 0:53
This question came from our site for professional and enthusiast programmers.
add a comment |
up vote
17
down vote
favorite
What is the best way of doing scp from one box to the other without prompting for password?
There are two servers:
Server A (10.152.2.10):
/home/oracle/export/files.txtServer B (10.152.2.11):
/home/oracle/import/
If I want to transfer the files using scp from server A to server B without being prompted to enter a password
[running this from Server A, /home/oracle/export/]
scp files.txt oracle@10.152.2.11:/home/oracle/import
This would prompt me for a password upon entering the command.
I understand that a keygen is required to be generated and copied to Server A. Thus [at server A]:
ssh-keygen -t rsa
This gives me two files stored in /home/oracle/.ssh:
id_rsa
id_rsa.pub
1. Am I supposed to copy the two files (id_rsa, id_rsa.pub) over into server B /home/oracle/.ssh ?
While doing some google search on this, some articles mentioned about appending/concatenating this to authorized_keys.
2. Am I supposed to create this file on my own?
I seem to be confused on what is the right way to do this.
Btw, the two servers are running Suse Linux Enterprise Edition 9...
ssh scp key-authentication
edited May 29 '16 at 13:29
jimmij
30.3k868102
migrated from stackoverflow.com Jun 2 '11 at 0:53
This question came from our site for professional and enthusiast programmers.
1
Try 'keychain': gentoo.org/proj/en/keychain
– Adam Bernier
Feb 27 '09 at 6:18
add a comment |
up vote
17
down vote
favorite
up vote
17
down vote
favorite
What is the best way of doing scp from one box to the other without prompting for password?
There are two servers:
Server A (10.152.2.10):
/home/oracle/export/files.txtServer B (10.152.2.11):
/home/oracle/import/
If I want to transfer the files using scp from server A to server B without being prompted to enter a password
[running this from Server A, /home/oracle/export/]
scp files.txt oracle@10.152.2.11:/home/oracle/import
This would prompt me for a password upon entering the command.
I understand that a keygen is required to be generated and copied to Server A. Thus [at server A]:
ssh-keygen -t rsa
This gives me two files stored in /home/oracle/.ssh:
id_rsa
id_rsa.pub
1. Am I supposed to copy the two files (id_rsa, id_rsa.pub) over into server B /home/oracle/.ssh ?
While doing some google search on this, some articles mentioned about appending/concatenating this to authorized_keys.
2. Am I supposed to create this file on my own?
I seem to be confused on what is the right way to do this.
Btw, the two servers are running Suse Linux Enterprise Edition 9...
ssh scp key-authentication
edited May 29 '16 at 13:29
jimmij
30.3k868102
What is the best way of doing scp from one box to the other without prompting for password?
There are two servers:
Server A (10.152.2.10):
/home/oracle/export/files.txtServer B (10.152.2.11):
/home/oracle/import/
If I want to transfer the files using scp from server A to server B without being prompted to enter a password
[running this from Server A, /home/oracle/export/]
scp files.txt oracle@10.152.2.11:/home/oracle/import
This would prompt me for a password upon entering the command.
I understand that a keygen is required to be generated and copied to Server A. Thus [at server A]:
ssh-keygen -t rsa
This gives me two files stored in /home/oracle/.ssh:
id_rsa
id_rsa.pub
1. Am I supposed to copy the two files (id_rsa, id_rsa.pub) over into server B /home/oracle/.ssh ?
While doing some google search on this, some articles mentioned about appending/concatenating this to authorized_keys.
2. Am I supposed to create this file on my own?
I seem to be confused on what is the right way to do this.
Btw, the two servers are running Suse Linux Enterprise Edition 9...
ssh scp key-authentication
ssh scp key-authentication
edited May 29 '16 at 13:29
jimmij
30.3k868102
edited May 29 '16 at 13:29
jimmij
30.3k868102
edited May 29 '16 at 13:29
jimmij
30.3k868102
edited May 29 '16 at 13:29
jimmij
30.3k868102
edited May 29 '16 at 13:29
jimmij
30.3k868102
30.3k868102
asked Feb 27 '09 at 5:55
N2EE
migrated from stackoverflow.com Jun 2 '11 at 0:53
This question came from our site for professional and enthusiast programmers.
migrated from stackoverflow.com Jun 2 '11 at 0:53
This question came from our site for professional and enthusiast programmers.
1
Try 'keychain': gentoo.org/proj/en/keychain
– Adam Bernier
Feb 27 '09 at 6:18
add a comment |
1
Try 'keychain': gentoo.org/proj/en/keychain
– Adam Bernier
Feb 27 '09 at 6:18
1
1
Try 'keychain': gentoo.org/proj/en/keychain
– Adam Bernier
Feb 27 '09 at 6:18
Try 'keychain': gentoo.org/proj/en/keychain
– Adam Bernier
Feb 27 '09 at 6:18
add a comment |
5 Answers
5
active
oldest
votes
up vote
15
down vote
- No, you keep
id_rsato yourself; however,id_rsa.pub, which is your public key, may be copied to servers to which you wish to have access. Concatenate them onto the end of~/.ssh/authorized_keys. - Yes, you may create
~/.ssh/authorized_keysif it is not already created; otherwise, just append to the end of the file, usingcat id_rsa.pub >>~/.ssh/authorized_keys.
answered Feb 27 '09 at 6:08
mipadi
25114
add a comment |
up vote
11
down vote
Also there is a tool that sorts all this for you called ssh-copy-id.
It will append the key in your agent if you have one running to the authorized_keys file and create it if it does not exist with the right permissions. If you aren't running an agent you can specify the key to push with -i: ssh-copy-id -i ~/.ssh/id_rsa
edited Jun 2 '11 at 5:10
alex
4,18931827
answered Jun 2 '11 at 4:42
mauilion
39646
add a comment |
up vote
5
down vote
You should also check the permissions on the various files and directories:
authorized_keys needs perms of 600 (chmod 600 authorized_keys)
the .ssh directory should be 700
your home directory should be at most 744
Your home directory must not be writable by anyone other than you.
answered Mar 17 '09 at 20:42
dr-jan
41639
add a comment |
up vote
0
down vote
In case you configure the key generated from ssh-keygen but still password less transfer doesn't work, then verify the public key used on source machine in verbose mode command as below:
sftp -v -oPort=22 userid@server
Usually it refers to public key at /home/<user>/.ssh/id_rsa.pub
which might be different from one you generated using ssh-keygen. You need to add this id_rsa.pub at destination server.
edited Sep 2 '16 at 7:58
Kevdog777
2,087123259
answered Sep 2 '16 at 7:16
Raj
1
add a comment |
up vote
0
down vote
I would do the following:
On the client:
ssh-keygen -t rsa
ssh-copy-id oracle@10.152.2.11
This copys the key from the client to the server. You will need the password of the server to make it add your key to its ring.
- Password Authentication either needs to be on or you need to hand deliver the keyfile to the server.
On the Server:
I would at the vary least, turn off Password Authentication.
answered Nov 26 at 2:36
Michael Prokopec
62115
add a comment |
5 Answers
5
active
oldest
votes
5 Answers
5
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
15
down vote
- No, you keep
id_rsato yourself; however,id_rsa.pub, which is your public key, may be copied to servers to which you wish to have access. Concatenate them onto the end of~/.ssh/authorized_keys. - Yes, you may create
~/.ssh/authorized_keysif it is not already created; otherwise, just append to the end of the file, usingcat id_rsa.pub >>~/.ssh/authorized_keys.
answered Feb 27 '09 at 6:08
mipadi
25114
add a comment |
up vote
15
down vote
- No, you keep
id_rsato yourself; however,id_rsa.pub, which is your public key, may be copied to servers to which you wish to have access. Concatenate them onto the end of~/.ssh/authorized_keys. - Yes, you may create
~/.ssh/authorized_keysif it is not already created; otherwise, just append to the end of the file, usingcat id_rsa.pub >>~/.ssh/authorized_keys.
answered Feb 27 '09 at 6:08
mipadi
25114
add a comment |
up vote
15
down vote
up vote
15
down vote
- No, you keep
id_rsato yourself; however,id_rsa.pub, which is your public key, may be copied to servers to which you wish to have access. Concatenate them onto the end of~/.ssh/authorized_keys. - Yes, you may create
~/.ssh/authorized_keysif it is not already created; otherwise, just append to the end of the file, usingcat id_rsa.pub >>~/.ssh/authorized_keys.
answered Feb 27 '09 at 6:08
mipadi
25114
- No, you keep
id_rsato yourself; however,id_rsa.pub, which is your public key, may be copied to servers to which you wish to have access. Concatenate them onto the end of~/.ssh/authorized_keys. - Yes, you may create
~/.ssh/authorized_keysif it is not already created; otherwise, just append to the end of the file, usingcat id_rsa.pub >>~/.ssh/authorized_keys.
answered Feb 27 '09 at 6:08
mipadi
25114
answered Feb 27 '09 at 6:08
mipadi
25114
answered Feb 27 '09 at 6:08
mipadi
25114
answered Feb 27 '09 at 6:08
mipadi
25114
25114
add a comment |
add a comment |
up vote
11
down vote
Also there is a tool that sorts all this for you called ssh-copy-id.
It will append the key in your agent if you have one running to the authorized_keys file and create it if it does not exist with the right permissions. If you aren't running an agent you can specify the key to push with -i: ssh-copy-id -i ~/.ssh/id_rsa
edited Jun 2 '11 at 5:10
alex
4,18931827
answered Jun 2 '11 at 4:42
mauilion
39646
add a comment |
up vote
11
down vote
Also there is a tool that sorts all this for you called ssh-copy-id.
It will append the key in your agent if you have one running to the authorized_keys file and create it if it does not exist with the right permissions. If you aren't running an agent you can specify the key to push with -i: ssh-copy-id -i ~/.ssh/id_rsa
edited Jun 2 '11 at 5:10
alex
4,18931827
answered Jun 2 '11 at 4:42
mauilion
39646
add a comment |
up vote
11
down vote
up vote
11
down vote
Also there is a tool that sorts all this for you called ssh-copy-id.
It will append the key in your agent if you have one running to the authorized_keys file and create it if it does not exist with the right permissions. If you aren't running an agent you can specify the key to push with -i: ssh-copy-id -i ~/.ssh/id_rsa
edited Jun 2 '11 at 5:10
alex
4,18931827
answered Jun 2 '11 at 4:42
mauilion
39646
Also there is a tool that sorts all this for you called ssh-copy-id.
It will append the key in your agent if you have one running to the authorized_keys file and create it if it does not exist with the right permissions. If you aren't running an agent you can specify the key to push with -i: ssh-copy-id -i ~/.ssh/id_rsa
edited Jun 2 '11 at 5:10
alex
4,18931827
answered Jun 2 '11 at 4:42
mauilion
39646
edited Jun 2 '11 at 5:10
alex
4,18931827
edited Jun 2 '11 at 5:10
alex
4,18931827
edited Jun 2 '11 at 5:10
alex
4,18931827
4,18931827
answered Jun 2 '11 at 4:42
mauilion
39646
answered Jun 2 '11 at 4:42
mauilion
39646
answered Jun 2 '11 at 4:42
mauilion
39646
39646
add a comment |
add a comment |
up vote
5
down vote
You should also check the permissions on the various files and directories:
authorized_keys needs perms of 600 (chmod 600 authorized_keys)
the .ssh directory should be 700
your home directory should be at most 744
Your home directory must not be writable by anyone other than you.
answered Mar 17 '09 at 20:42
dr-jan
41639
add a comment |
up vote
5
down vote
You should also check the permissions on the various files and directories:
authorized_keys needs perms of 600 (chmod 600 authorized_keys)
the .ssh directory should be 700
your home directory should be at most 744
Your home directory must not be writable by anyone other than you.
answered Mar 17 '09 at 20:42
dr-jan
41639
add a comment |
up vote
5
down vote
up vote
5
down vote
You should also check the permissions on the various files and directories:
authorized_keys needs perms of 600 (chmod 600 authorized_keys)
the .ssh directory should be 700
your home directory should be at most 744
Your home directory must not be writable by anyone other than you.
answered Mar 17 '09 at 20:42
dr-jan
41639
You should also check the permissions on the various files and directories:
authorized_keys needs perms of 600 (chmod 600 authorized_keys)
the .ssh directory should be 700
your home directory should be at most 744
Your home directory must not be writable by anyone other than you.
answered Mar 17 '09 at 20:42
dr-jan
41639
answered Mar 17 '09 at 20:42
dr-jan
41639
answered Mar 17 '09 at 20:42
dr-jan
41639
answered Mar 17 '09 at 20:42
dr-jan
41639
41639
add a comment |
add a comment |
up vote
0
down vote
In case you configure the key generated from ssh-keygen but still password less transfer doesn't work, then verify the public key used on source machine in verbose mode command as below:
sftp -v -oPort=22 userid@server
Usually it refers to public key at /home/<user>/.ssh/id_rsa.pub
which might be different from one you generated using ssh-keygen. You need to add this id_rsa.pub at destination server.
edited Sep 2 '16 at 7:58
Kevdog777
2,087123259
answered Sep 2 '16 at 7:16
Raj
1
add a comment |
up vote
0
down vote
In case you configure the key generated from ssh-keygen but still password less transfer doesn't work, then verify the public key used on source machine in verbose mode command as below:
sftp -v -oPort=22 userid@server
Usually it refers to public key at /home/<user>/.ssh/id_rsa.pub
which might be different from one you generated using ssh-keygen. You need to add this id_rsa.pub at destination server.
edited Sep 2 '16 at 7:58
Kevdog777
2,087123259
answered Sep 2 '16 at 7:16
Raj
1
add a comment |
up vote
0
down vote
up vote
0
down vote
In case you configure the key generated from ssh-keygen but still password less transfer doesn't work, then verify the public key used on source machine in verbose mode command as below:
sftp -v -oPort=22 userid@server
Usually it refers to public key at /home/<user>/.ssh/id_rsa.pub
which might be different from one you generated using ssh-keygen. You need to add this id_rsa.pub at destination server.
edited Sep 2 '16 at 7:58
Kevdog777
2,087123259
answered Sep 2 '16 at 7:16
Raj
1
In case you configure the key generated from ssh-keygen but still password less transfer doesn't work, then verify the public key used on source machine in verbose mode command as below:
sftp -v -oPort=22 userid@server
Usually it refers to public key at /home/<user>/.ssh/id_rsa.pub
which might be different from one you generated using ssh-keygen. You need to add this id_rsa.pub at destination server.
edited Sep 2 '16 at 7:58
Kevdog777
2,087123259
answered Sep 2 '16 at 7:16
Raj
1
edited Sep 2 '16 at 7:58
Kevdog777
2,087123259
edited Sep 2 '16 at 7:58
Kevdog777
2,087123259
edited Sep 2 '16 at 7:58
Kevdog777
2,087123259
2,087123259
answered Sep 2 '16 at 7:16
Raj
1
answered Sep 2 '16 at 7:16
Raj
1
answered Sep 2 '16 at 7:16
Raj
1
1
add a comment |
add a comment |
up vote
0
down vote
I would do the following:
On the client:
ssh-keygen -t rsa
ssh-copy-id oracle@10.152.2.11
This copys the key from the client to the server. You will need the password of the server to make it add your key to its ring.
- Password Authentication either needs to be on or you need to hand deliver the keyfile to the server.
On the Server:
I would at the vary least, turn off Password Authentication.
answered Nov 26 at 2:36
Michael Prokopec
62115
add a comment |
up vote
0
down vote
I would do the following:
On the client:
ssh-keygen -t rsa
ssh-copy-id oracle@10.152.2.11
This copys the key from the client to the server. You will need the password of the server to make it add your key to its ring.
- Password Authentication either needs to be on or you need to hand deliver the keyfile to the server.
On the Server:
I would at the vary least, turn off Password Authentication.
answered Nov 26 at 2:36
Michael Prokopec
62115
add a comment |
up vote
0
down vote
up vote
0
down vote
I would do the following:
On the client:
ssh-keygen -t rsa
ssh-copy-id oracle@10.152.2.11
This copys the key from the client to the server. You will need the password of the server to make it add your key to its ring.
- Password Authentication either needs to be on or you need to hand deliver the keyfile to the server.
On the Server:
I would at the vary least, turn off Password Authentication.
answered Nov 26 at 2:36
Michael Prokopec
62115
I would do the following:
On the client:
ssh-keygen -t rsa
ssh-copy-id oracle@10.152.2.11
This copys the key from the client to the server. You will need the password of the server to make it add your key to its ring.
- Password Authentication either needs to be on or you need to hand deliver the keyfile to the server.
On the Server:
I would at the vary least, turn off Password Authentication.
answered Nov 26 at 2:36
Michael Prokopec
62115
answered Nov 26 at 2:36
Michael Prokopec
62115
answered Nov 26 at 2:36
Michael Prokopec
62115
answered Nov 26 at 2:36
Michael Prokopec
62115
62115
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f14196%2fscp-from-one-server-to-another-without-password-prompt%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
Try 'keychain': gentoo.org/proj/en/keychain
– Adam Bernier
Feb 27 '09 at 6:18