Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi,
This is my first post to this wonderfull forum!
I really got tired searching and trying to remotely transfer data to group of PCs on a LAN using a shell script to perform passwordless sftp transmission..
I am looking for help from someone that can give me the 1,2,3,.. steps to do it.
My problem is:
I want to make a script (function) that takes file path on current host (i work on) and then loops on 20 PCs that has IPs from 10.10.13.1 through 10.10.13.20 and copy that file to the "user" homes.
First you will need to create the public private keys, on your machine type:
ssh-keygen -t rsa
When prompted for a password, just press return. This is insecure in that if anyone finds your private key, they can masquerade as yourself;however, this is better than rsh--just take care to keep your machine physically secure.
The above operation created two files, one private key and one public. Copy the .pub file to your ~.ssh directory on the destination PC's ,but name it authorized_keys, with the permissions of 660. The authorized_keys file can hold any number of keys, so if you want to add keys (say from another server, you can append the public key file to the authorized_keys.
Once you have the authorized_keys file, you will be able to ssh, scp, sftp from your machine to the other without as password. If you are still prompted for a password, it is because the permission on the .ssh directory and files are wrong. Check the permissions on the .ssh directory you created on your machine when you ran the ssh-keygen program. Make sure the destination pc's .ssh directory as the same permissions--660, etc
Now, all this does, is get you from your HOME directory on your machine to your HOME directory on the other machine. To access the other users home directories you will either need to lower their permissions, or do something like sftp username@remotepc. If you use that syntax, then you will need to setup the public key arrangement for each of the users you intend to copy to.
I tried your steps, but it still prompts for a password. I have set the permissions on the authorized_keys file to 660.
Here's what I get in debug mode.
Code:
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Offering public key: /root/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password
Is there something I need to do on the destination server to allow public keys?
Distribution: Mac OS X Leopard 10.6.2, Windows 2003 Server/Vista/7/XP/2000/NT/98, Ubuntux64, CentOS4.8/5.4
Posts: 2,986
Rep:
You have the right idea about SSH keys.
On PC A:
Code:
1) create public/private keys
ssh-keygen -t rsa
2) mv .ssh/id_rsa.pub .ssh/authorized_keys
3) scp .ssh/authorized_keys -e ssh 10.10.13.1:/ssh_username/.ssh/
(repeat until you have all 10.10.13.1 - 10.10.13.20)
By default, at least from my experience, the permissions of the key files are created securely for you, such as 600 or 644 for the respective files.
you may have to edit your /etc/ssh/sshd_config file to enable the key_file to be authorized_keys. By default, I believe, it already is authorized_keys although I have seen some say the default is authorized_keys2
Now all you have to do is sftp 10.10.13.1-20 and it will go right in without asking for any password.
Ok, thats what I did. Actually, I did a copy and paste from two terminal windows: copied the text from id_rsa.pub on source PC to the authorized_keys on destination PC. When I ssh from source to destination, I am still asked for a password.
Now, I do notice that the end of the public key it contains the username@hostname.com information. Does the source PC have to be a DNS entry before the destination will allow it to go through? The source hostname is not in the DNS server.
Is it something in the default sshd config of Slackware 10.2 that causes this?
Ok, I think it is something with Slackware. If I do these steps between two redhad based boxes, it works fine without issue. Is there some configuration setting I'm missing? I've made the sshd_config files the same between both the Slackware and redhat systems, and still Slack doesnt allow the keys to work...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.