LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 10-12-2012, 11:03 AM   #1
Rupadhya
Member
 
Registered: Sep 2012
Location: Hoffman Estates, IL
Distribution: Fedora 20
Posts: 167

Rep: Reputation: Disabled
Errors configuring SCP on internal network.


Hello all,

I am trying to configure SSH and SCP to copy some files from one Fedora machine to another. I have successfully got ssh working, but haven't got scp working. Check this out..
Code:
scp -v raj@192.168.1.1:/var/lib/AccountsService/icons/* ./temp/
Executing: program /usr/bin/ssh host 192.168.1.1, user raj, command scp -v -f -- /var/lib/AccountsService/icons/*
OpenSSH_5.9p1, OpenSSL 1.0.0j-fips 10 May 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 50: Applying options for *
debug1: Connecting to 192.168.1.1 [192.168.1.1] port 22.
debug1: Connection established.
debug1: identity file /home/raj/.ssh/id_rsa type -1
debug1: identity file /home/raj/.ssh/id_rsa-cert type -1
debug1: identity file /home/raj/.ssh/id_dsa type -1
debug1: identity file /home/raj/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9
debug1: match: OpenSSH_5.9 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 79:b7:eb:d8:fb:6a:43:8f:f7:72:a5:de:81:9d:14:45
debug1: Host '192.168.1.1' is known and matches the RSA host key.
debug1: Found key in /home/raj/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Unspecified GSS failure.  Minor code may provide more information


debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Next authentication method: publickey
debug1: Trying private key: /home/raj/.ssh/id_rsa
debug1: Trying private key: /home/raj/.ssh/id_dsa
debug1: Next authentication method: password
raj@192.168.1.1's password: 
debug1: Authentication succeeded (password).
Authenticated to 192.168.1.1 ([192.168.1.1]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env XMODIFIERS = @im=none
debug1: Sending env LANG = en_US.utf8
debug1: Sending command: scp -v -f -- /var/lib/AccountsService/icons/*
Sink: I'm thinking about DIGITAL READ-OUT systems and computer-generated
I'm thinking about DIGITAL READ-OUT systems and computer-generated
raj@rajhome2 Videos$ debug1: client_input_channel_req: channel 0 rtype exit-signal reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
debug1: fd 1 clearing O_NONBLOCK
Transferred: sent 2080, received 2256 bytes, in 0.2 seconds
Bytes per second: sent 10002.0, received 10848.3
debug1: Exit status -1
Any ideas?
- Raj
 
Old 10-12-2012, 11:23 AM   #2
colucix
Moderator
 
Registered: Sep 2003
Location: Bologna
Distribution: CentOS 6.5 OpenSuSE 12.3
Posts: 10,509

Rep: Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957
Code:
debug1: Sending command: scp -v -f -- /var/lib/AccountsService/icons/*
Sink: I'm thinking about DIGITAL READ-OUT systems and computer-generated
I'm thinking about DIGITAL READ-OUT systems and computer-generated
This appears to be the output of a fortune command. In general, if the remote machine prints out any output at login, usually due to commands in ~/.bashrc, scp fails. Try to remove any output from the login process on the remote machine and it should solve the problem. Not a security issue, anyway.
 
2 members found this post helpful.
Old 10-12-2012, 01:20 PM   #3
Rupadhya
Member
 
Registered: Sep 2012
Location: Hoffman Estates, IL
Distribution: Fedora 20
Posts: 167

Original Poster
Rep: Reputation: Disabled
Here is what I did.
yum erase fortune-mod.i686
Code:
Loaded plugins: downloadonly, fastestmirror, langpacks, presto, refresh-
              : packagekit, tidy-cache
Resolving Dependencies
--> Running transaction check
---> Package fortune-mod.i686 0:1.99.1-15.fc17 will be erased
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package             Arch         Version                 Repository       Size
================================================================================
Removing:
 fortune-mod         i686         1.99.1-15.fc17          @fedora         2.8 M

Transaction Summary
================================================================================
Remove  1 Package

Installed size: 2.8 M
Is this ok [y/N]: y
Downloading Packages:
Running Transaction Check
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Erasing    : fortune-mod-1.99.1-15.fc17.i686                              1/1 
  Verifying  : fortune-mod-1.99.1-15.fc17.i686                              1/1 

Removed:
  fortune-mod.i686 0:1.99.1-15.fc17
I got it working!!! Here is the remote copy without debugging.
Code:
raj@rajhome2 temp$ scp * raj@192.168.1.1:~/temp
raj@192.168.1.1's password: 
jill                                          100%   19KB  19.2KB/s   00:00    
julie                                         100%   15KB  15.1KB/s   00:00    
raj                                           100%   16KB  16.5KB/s   00:00    
ruth                                          100%   19KB  18.8KB/s   00:00    
virginia                                      100%   15KB  15.4KB/s   00:00
 
Old 10-12-2012, 01:58 PM   #4
Rupadhya
Member
 
Registered: Sep 2012
Location: Hoffman Estates, IL
Distribution: Fedora 20
Posts: 167

Original Poster
Rep: Reputation: Disabled
Minor problem/question. I get a small error when I copy now.
Code:
scp * raj@192.168.1.1:~/temp
raj@192.168.1.1's password: 
bash: fortune: command not found...
gdm                                           100%   27     0.0KB/s   00:00    
jill                                          100%   79     0.1KB/s   00:00    
julie                                         100%   80     0.1KB/s   00:00    
pat                                           100%   86     0.1KB/s   00:00    
raj                                           100%   85     0.1KB/s   00:00    
ruth                                          100%   86     0.1KB/s   00:00    
virginia                                      100%  107     0.1KB/s   00:00
[code]
raj@rajhome2 users$ ssh raj@192.168.1.1
raj@192.168.1.1's password:
Last login: Fri Oct 12 09:33:53 2012 from 192.168.1.104
bash: fortune: command not found...
[/code}

What is the scp/ssh logic for login? I know it runs the ~.bashrc and the /etc/.bashrc if it exists, but there must be something else it executes before that.

- Raj
 
Old 10-12-2012, 02:32 PM   #5
colucix
Moderator
 
Registered: Sep 2003
Location: Bologna
Distribution: CentOS 6.5 OpenSuSE 12.3
Posts: 10,509

Rep: Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957
The shell should be invoked as a non-interactive login shell, so I would look in the /etc/profile, ~/.bash_profile ~/.profile and so on. Anyway you can easily find out where the offending command is, by means of
Code:
grep -w fortune ~/.* /etc/*
 
1 members found this post helpful.
Old 10-12-2012, 03:51 PM   #6
Rupadhya
Member
 
Registered: Sep 2012
Location: Hoffman Estates, IL
Distribution: Fedora 20
Posts: 167

Original Poster
Rep: Reputation: Disabled
It was in /etc/bashrc.

Code:
raj@rajhome1 ~$ grep -w fortune ~/.* /etc/* 2>/dev/null
/etc/bashrc:fortune
Thank You!
- Raj
 
  


Reply

Tags
scp, ssh


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Copying files with scp - from a network to another network githin Linux - Networking 4 05-05-2011 09:57 PM
Directory name cause scp errors Roosta21 Linux - Software 7 11-23-2007 02:30 PM
Configuring apache to point to internal server immortaltechnique Linux - Networking 4 09-20-2007 02:52 PM
Configuring DNS Server on internal stand alone network with virtual clients scnetlab Red Hat 2 03-23-2006 02:31 AM
configuring netodragon internal modem polytropos Linux - Networking 0 08-03-2003 03:38 AM


All times are GMT -5. The time now is 11:52 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration