I'm using the scp command like this:

scp -p root@ip_address:/u/backups/bkup1* ./

...but it prompts for a password.

The man page shows a reference to an identity file that can be used with the -i option. How do I create an identify file?

Or is there a better way to create an automated copy between two servers?

I want to do this every night at 1 AM, so I want to setup something to cron. Any ideas are welcomed.


Thanks,
Danny

you can set up a SSh key between the 2 servers.

http://www.linuxquestions.org/linux/...ation_with_ssh

Hey, the best bet for this is to set up a public/private key set for the deal. If you keep the private key on the originator and the public key on the target machine you can do the copy without a password (the keys will validate the login).

I would highly recommend the OReilly Linux Server Hacks book for the details. The section on SSH is well worth the time if you are moving files (or yourself) around between servers. In just a few pages it can totally change the way you run around inside you own machines.

Good Luck!

Edit the sshd_config file so that the server uses public key authentication rather than password authentication. Then add your public key to the authorized_keys file on the server. This is explained in the sshd_config man page and the comments of the sshd_config file. Consider adding a "from=" option to your entry in the authorized_keys file. The info for this is in the sshd man page.

If possible, try to log as a different user. For example, create a regular user for backup purposes (lets say buser) and save the backups in that users home directory instead of in /root.
The cron job can still be run as root on the local machine. Simply use a command like "scp -p buser@ip_address:/u/backups/bkup1* ./" instead.

The root account is a known entity. If you can disable root ssh logins you will be much safer.

Also, saving the files to /home/buser or another directory where buser has write access instead of /root. Remember that the ext3 and other filesystems reserve a percentage of drive space on the filesystem for the root user. That way if the drive is full (to normal users), the root user still has some wiggle room to work and remedy the problem. The /root directory is usually on the root (/) partition. If that fills up it could cause more problems than if the /home or /var/ partition filled up (asuming they are on their own partitions).

Regarding the book, OReilly Linux Server Hacks:
Do you mean this one?
http://www.amazon.com/Linux-Server-H...3818449&sr=1-8

Will this create a problem if I try to access when an SSH session from my Windows PC?

I mean, won't I need the public key installed on my Windows PC for it to work?


Thanks,
Danny

If you use putty, there is a keygen.exe program that you can use to load in your private key (*.ppk). Load in your key and near the top of the window, the public key is displayed. You can highlight and copy this key, which is compatible with openssh's authorized_keys file. The putty keygen program even points this out.

You can use a keypair like mentioned above, or use Expect. Which automates prompts.

yep, that's the book. $20 bucks and it has saved my butt more than once.

Where do I get this keygen.exe? I tried to Google it, but I see a lot of hits that say it is a trojan.

spellinator,

you are looking for the wrong command. You should be looking for ssh-keygen to create a private/public key. You can easily create the key as follow:

1. ssh-keygen -t rsa
a. (select default unless you want to use passphase)
b. this will create 2 files in /home/userid/.ssh directory (id_rsa & id_rsa.pub)
c. cd /home/userid/.ssh
2. scp id_rsa.pub userid@server:.ssh/authorized_keys
3. repeat step 1 and 2 to all other servers

This will let you ssh and scp between server without password.

John

cojo:

I guess it's not really a good idea to just replace the authorized_key file with the public key. I prefer to use ssh-copy-id instead.