LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   Errors configuring SCP on internal network. (http://www.linuxquestions.org/questions/linux-security-4/errors-configuring-scp-on-internal-network-4175431870/)

Rupadhya 10-12-2012 10:03 AM

Errors configuring SCP on internal network.
 
Hello all,

I am trying to configure SSH and SCP to copy some files from one Fedora machine to another. I have successfully got ssh working, but haven't got scp working. Check this out..
Code:

scp -v raj@192.168.1.1:/var/lib/AccountsService/icons/* ./temp/
Executing: program /usr/bin/ssh host 192.168.1.1, user raj, command scp -v -f -- /var/lib/AccountsService/icons/*
OpenSSH_5.9p1, OpenSSL 1.0.0j-fips 10 May 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 50: Applying options for *
debug1: Connecting to 192.168.1.1 [192.168.1.1] port 22.
debug1: Connection established.
debug1: identity file /home/raj/.ssh/id_rsa type -1
debug1: identity file /home/raj/.ssh/id_rsa-cert type -1
debug1: identity file /home/raj/.ssh/id_dsa type -1
debug1: identity file /home/raj/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9
debug1: match: OpenSSH_5.9 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 79:b7:eb:d8:fb:6a:43:8f:f7:72:a5:de:81:9d:14:45
debug1: Host '192.168.1.1' is known and matches the RSA host key.
debug1: Found key in /home/raj/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Unspecified GSS failure.  Minor code may provide more information


debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Next authentication method: publickey
debug1: Trying private key: /home/raj/.ssh/id_rsa
debug1: Trying private key: /home/raj/.ssh/id_dsa
debug1: Next authentication method: password
raj@192.168.1.1's password:
debug1: Authentication succeeded (password).
Authenticated to 192.168.1.1 ([192.168.1.1]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env XMODIFIERS = @im=none
debug1: Sending env LANG = en_US.utf8
debug1: Sending command: scp -v -f -- /var/lib/AccountsService/icons/*
Sink: I'm thinking about DIGITAL READ-OUT systems and computer-generated
I'm thinking about DIGITAL READ-OUT systems and computer-generated
raj@rajhome2 Videos$ debug1: client_input_channel_req: channel 0 rtype exit-signal reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
debug1: fd 1 clearing O_NONBLOCK
Transferred: sent 2080, received 2256 bytes, in 0.2 seconds
Bytes per second: sent 10002.0, received 10848.3
debug1: Exit status -1

Any ideas?
- Raj

colucix 10-12-2012 10:23 AM

Code:

debug1: Sending command: scp -v -f -- /var/lib/AccountsService/icons/*
Sink: I'm thinking about DIGITAL READ-OUT systems and computer-generated
I'm thinking about DIGITAL READ-OUT systems and computer-generated

This appears to be the output of a fortune command. In general, if the remote machine prints out any output at login, usually due to commands in ~/.bashrc, scp fails. Try to remove any output from the login process on the remote machine and it should solve the problem. Not a security issue, anyway.

Rupadhya 10-12-2012 12:20 PM

Here is what I did.
yum erase fortune-mod.i686
Code:

Loaded plugins: downloadonly, fastestmirror, langpacks, presto, refresh-
              : packagekit, tidy-cache
Resolving Dependencies
--> Running transaction check
---> Package fortune-mod.i686 0:1.99.1-15.fc17 will be erased
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package            Arch        Version                Repository      Size
================================================================================
Removing:
 fortune-mod        i686        1.99.1-15.fc17          @fedora        2.8 M

Transaction Summary
================================================================================
Remove  1 Package

Installed size: 2.8 M
Is this ok [y/N]: y
Downloading Packages:
Running Transaction Check
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Erasing    : fortune-mod-1.99.1-15.fc17.i686                              1/1
  Verifying  : fortune-mod-1.99.1-15.fc17.i686                              1/1

Removed:
  fortune-mod.i686 0:1.99.1-15.fc17

I got it working!!! Here is the remote copy without debugging.
Code:

raj@rajhome2 temp$ scp * raj@192.168.1.1:~/temp
raj@192.168.1.1's password:
jill                                          100%  19KB  19.2KB/s  00:00   
julie                                        100%  15KB  15.1KB/s  00:00   
raj                                          100%  16KB  16.5KB/s  00:00   
ruth                                          100%  19KB  18.8KB/s  00:00   
virginia                                      100%  15KB  15.4KB/s  00:00


Rupadhya 10-12-2012 12:58 PM

Minor problem/question. I get a small error when I copy now.
Code:

scp * raj@192.168.1.1:~/temp
raj@192.168.1.1's password:
bash: fortune: command not found...
gdm                                          100%  27    0.0KB/s  00:00   
jill                                          100%  79    0.1KB/s  00:00   
julie                                        100%  80    0.1KB/s  00:00   
pat                                          100%  86    0.1KB/s  00:00   
raj                                          100%  85    0.1KB/s  00:00   
ruth                                          100%  86    0.1KB/s  00:00   
virginia                                      100%  107    0.1KB/s  00:00

[code]
raj@rajhome2 users$ ssh raj@192.168.1.1
raj@192.168.1.1's password:
Last login: Fri Oct 12 09:33:53 2012 from 192.168.1.104
bash: fortune: command not found...
[/code}

What is the scp/ssh logic for login? I know it runs the ~.bashrc and the /etc/.bashrc if it exists, but there must be something else it executes before that.

- Raj

colucix 10-12-2012 01:32 PM

The shell should be invoked as a non-interactive login shell, so I would look in the /etc/profile, ~/.bash_profile ~/.profile and so on. Anyway you can easily find out where the offending command is, by means of
Code:

grep -w fortune ~/.* /etc/*

Rupadhya 10-12-2012 02:51 PM

It was in /etc/bashrc.

Code:

raj@rajhome1 ~$ grep -w fortune ~/.* /etc/* 2>/dev/null
/etc/bashrc:fortune

Thank You!
- Raj


All times are GMT -5. The time now is 09:59 PM.