LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 12-04-2014, 09:51 AM   #1
tanveer
Member
 
Registered: Feb 2004
Location: e@rth
Distribution: RHEL-3/4/5,Gloria,opensolaris
Posts: 525

Rep: Reputation: 39
SCP command giving permission denied message


Hi guys,

I am getting an error like this:
"permission denied, please try again
permission denied, please try again
permission denied (gssapi-keyex, gssapi-with-mic,password)"

the scenario is:
I logged into my config server X and from there I am running the script to login to several servers where they are missing some packages which I will scp from Server Z. The scp command is giving me this error.

Code:
ssh $1 '
cd /rpm;
scp john@serverY1:/opt/rpm/src/package.rpm;
exit;
'
wondering why its getting permission denied as I am giving the right credentials.

Thanks in advance.
 
Old 12-04-2014, 09:54 AM   #2
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 21,630

Rep: Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265
probably you give correct user/pass for ssh, but scp has no right to go further (to server Z).
I think you can copy it to your current server and scp from here to the targets.
 
Old 12-04-2014, 10:03 AM   #3
tanveer
Member
 
Registered: Feb 2004
Location: e@rth
Distribution: RHEL-3/4/5,Gloria,opensolaris
Posts: 525

Original Poster
Rep: Reputation: 39
I just ran the scp command manually from ServerY1 to pull file from serverZ and worked.

so why not work from the script !! weird..
 
Old 12-04-2014, 10:19 AM   #4
smallpond
Senior Member
 
Registered: Feb 2011
Location: Massachusetts, USA
Distribution: Fedora
Posts: 4,123

Rep: Reputation: 1260Reputation: 1260Reputation: 1260Reputation: 1260Reputation: 1260Reputation: 1260Reputation: 1260Reputation: 1260Reputation: 1260
You are only giving one arg to scp - it needs a source and dest.
 
Old 12-04-2014, 10:29 AM   #5
tanveer
Member
 
Registered: Feb 2004
Location: e@rth
Distribution: RHEL-3/4/5,Gloria,opensolaris
Posts: 525

Original Poster
Rep: Reputation: 39
my bad I missed to put the . in my first post ..

is it because I am using sudo, would that be the reason?

Code:
sudo ssh $1 '
cd /rpm;
scp john@serverY1:/opt/rpm/src/package.rpm .;
exit;
'
 
Old 12-04-2014, 10:33 AM   #6
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 21,630

Rep: Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265
yes, sudo will change the user, probably root has no right to ssh
 
Old 12-04-2014, 10:48 AM   #7
tanveer
Member
 
Registered: Feb 2004
Location: e@rth
Distribution: RHEL-3/4/5,Gloria,opensolaris
Posts: 525

Original Poster
Rep: Reputation: 39
I login to config server as normal user but from there when I do sudo ssh to any of those serverY1/2/3, I become root over there.

So now after logging in as root when I try to grab file from serverZ its trying as my username and not root, I believe as I said that in the script to use my username and not root.

PHP Code:
scp john@serverZ:/opt/rpm/src/package.rpm .; 
may be here where its messing things up.

any way to resolve this ?
 
Old 12-04-2014, 10:51 AM   #8
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 21,630

Rep: Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265
scp works with two users. One the client (local) and the other is on the server (remote) side.
The authentication needs both of them. So your local user is able to scp to john@server, but root is not allowed to scp to john@server (at least as I understood)
 
Old 12-04-2014, 11:00 AM   #9
tanveer
Member
 
Registered: Feb 2004
Location: e@rth
Distribution: RHEL-3/4/5,Gloria,opensolaris
Posts: 525

Original Poster
Rep: Reputation: 39
this is the part I am a bit lost.

if I do the whole steps manually like:
john@serverX]$ sudo ssh serverY1
after giving my password, i login as root in there
root@serverY1]# scp john@serverZ:/opt/rpm/src/package.rpm .;
it works and I have access to that location as John to grab the rpm file.
is it for any reason trying to grab it as root instead of John??

the same thing, I wrote via script but its says permission denied
 
Old 12-04-2014, 11:08 AM   #10
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 21,630

Rep: Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265Reputation: 7265
sorry, I can only guess. but actually you can try ssh -v and scp -v to see more information about what's happening.
 
Old 12-04-2014, 11:16 AM   #11
tanveer
Member
 
Registered: Feb 2004
Location: e@rth
Distribution: RHEL-3/4/5,Gloria,opensolaris
Posts: 525

Original Poster
Rep: Reputation: 39
yeah already did.

It seems like the first 2 failure is happening due to gssapi-keyex and gssapi-with-mic
and then it asks for my password and after I give it .. success. so this is the manual process.

but when run in a script its failing the first two times and then its not asking me for my password and directly giving the last denied message "permission denied (gssapi-keyex, gssapi-with-mic,password)"

interesting ...
 
Old 12-04-2014, 11:34 AM   #12
michaelk
Moderator
 
Registered: Aug 2002
Posts: 25,568

Rep: Reputation: 5865Reputation: 5865Reputation: 5865Reputation: 5865Reputation: 5865Reputation: 5865Reputation: 5865Reputation: 5865Reputation: 5865Reputation: 5865Reputation: 5865
I noticed that your script has:
Code:
scp john@serverY1:/opt/rpm/src/package.rpm;
and the manual command is
Code:
scp john@serverZ:/opt/rpm/src/package.rpm .;
Is that a typo or does the script have the wrong server?
 
Old 12-04-2014, 11:41 AM   #13
tanveer
Member
 
Registered: Feb 2004
Location: e@rth
Distribution: RHEL-3/4/5,Gloria,opensolaris
Posts: 525

Original Poster
Rep: Reputation: 39
typo
serverZ has the rpm repository.
ServerX is my config server from where I login to other servers like ServerY1/2/3 as root and ServerY1/2/3 are the servers I want to pull the rpm's from ServerZ.
 
Old 12-04-2014, 11:49 AM   #14
tanveer
Member
 
Registered: Feb 2004
Location: e@rth
Distribution: RHEL-3/4/5,Gloria,opensolaris
Posts: 525

Original Poster
Rep: Reputation: 39
so this is the error that I am getting when running from script:

Code:
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

debug1: Next authentication method: password
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,password
Permission denied, please try again.
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,password
Permission denied, please try again.
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,password
debug1: No more authentication methods to try.
Permission denied (gssapi-keyex,gssapi-with-mic,password).
the red text is the place it asked me for password when I ran it manually but when ran it in script its failing to provide me a terminal to provide input, I guess so failing, most probably.
Any workaround for this, if I am getting this right.
 
Old 12-04-2014, 01:00 PM   #15
michaelk
Moderator
 
Registered: Aug 2002
Posts: 25,568

Rep: Reputation: 5865Reputation: 5865Reputation: 5865Reputation: 5865Reputation: 5865Reputation: 5865Reputation: 5865Reputation: 5865Reputation: 5865Reputation: 5865Reputation: 5865
Quote:
ssh serverY1
...
scp john@serverZ:/opt/rpm/src/package.rpm .;
Might help if you posted the entire script. I don't full understand why you see the errors at the moment but when you run the script ssh actually starts another shell so the other commands i.e. scp will not run in that ssh session.

Although I don't think I have ever tried scp as a ssh command it might work with a little tweaking.

ssh servery1 'cd /rpm; scp john@serverZ:/opt/rpm/src/package.rpm .'


clusterssh is a tool that might fit your needs.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
scp file fail: Permission denied (publickey) esolve Linux - Networking 2 01-07-2013 09:56 AM
[SOLVED] sudo giving permission denied on Linux ankgup87 Linux - General 10 02-29-2012 12:30 AM
[SOLVED] scp error : permission denied :(( hiteurecomupf Linux - Newbie 8 12-16-2010 07:14 AM
SCP: permission denied wackolacko Linux - General 3 01-30-2009 01:16 PM
scp permission denied but have write access linuxfia Linux - Software 5 08-14-2008 11:33 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 03:04 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration