Hi

I try to remote transfer a file from one server to another like:

and i am getting :

What is wrong?

Have you checked to see what the -p switch means?

1 members found this post helpful.

according to the manpage for scp, the -p option is to preserve timestamps on the files (and not the password). if you run it without the -p option it should prompt you for password.

if you are trying to automate something you should set up public key encryption:
http://linuxproblem.org/art_9.html

1 members found this post helpful.

I agree with schneidz. But if you are stuck and need to use a password with SCP you can always use 'sshpass' or 'expect'. A quick internet search will turn up plenty of examples for both of them.

Hi,
Both of these methods have serious security problems.

You should instead use public/private key authentication either with ssh-agent or with a private key that is not protected by a passphrase but has limited functionality using the command="XXX" option in the authorized_keys file.

Evo2.

1 members found this post helpful.

Thats what schneidz said here:

and as far as this goes:

True - only if you are talking about making a permanent script.

Using expect and sshpass for a short term, one run script is not necisarrily a security problem. As I mentioned, 'if you are stuck' and absolutely have to get this done with a password, then they are good fire and forget solutions, but shouldn't be used for permanent scripts.

Also, the bigger security problem is that they are using passwords at all. But that is a whole different question.

Hi,
Sorry, but I disagree. Even if it is not permanent it still means that the root password will be stored in plain text on that machine.
Not only is it a security problem, it is also wasted effort. Why bother setting this up if it is only to be used once. Just enter the password at the prompt.
The OP clearly has root access on that machine, so presumably OP can configure it to accept public key authentication (which is anyway the default on any sshd install I've seen).
Actually, I'd probably argue that allowing root to ssh in is a bigger problem.

Evo2.

1 members found this post helpful.

I think you are right on all counts.

An explanation though:

It would be stored on the computer temporarily. That means that it is deleted afterward.

I create scripts all the time that are only used for an hour or so. And sometimes I hardcode a password into them, so I don't have to re-type the password 100 times while I am testing the script. Once I'm done, the script is wiped.

I applaud you if you have never, ever made a script that you had to hard code a password in for temporary usage. But for some of us, this happens occasionally.

And perhaps you work in an environment where you can just willy-nilly change the authentication method from password to ssh-keys. Thats applaudable too. But not everyone has that kind of freedom, and we are stuck with workarounds until it can be changed.

You should still use the PKI instead.

There is a frequent "forgetting" to delete the file containing the password...