Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I would like to automate the rsync task as a cron job. Since it needs the passphrase I am not able to do the cronjob. I need to specify the passphrase along with the rsync command or I will store the passphrase in a file and I will read from it. My command will look like this:
rsync -aPe "ssh -i ' . $server->{'ssh_key'} . '" ' . $server_lock_dir;
So where do I put the password ?
You don't need to do that - just need to set up a pair of ssh keys and put the public key in the remote system's .ssh directory.
Then you just do this:
rsync -a -e ssh /local/path/ server:/remote/path/
(Note that -e ssh has been the default for quite a few years now, so you can probably omit it, unless you're using a very old version.)
There's a "how to" guide on setting up the keys here.
If you want this to work from cron, you have several possibilities:
setup password-less ssh keys - not very secure
setup password-less ssh keys, but combine them with ssh ForceCommand in the authorized_keys file to limit the commands that can be run with that ssh key. See man sshd, google on "ssh ForceCommand"
setup passworded ssh keys, but combine them with keychain to keep the key in memory between sessions. I've written a blog post on this: ssh, ssh-agent, keychain and cron notes
If you want to copy files remotely:
Make sure you have a public key on your local machine that can log into the remote machine.(in this case the my ssh-key is "/home/myaccount/.ssh/id_rsa"
Specify local folder you want to sync with the remote, in my case "/home/myaccount/mysourcefolder"
Specify the destination folder full path in the remote server, in my case remoteaccount#remoteserver:"/home/remoteaccount/mydestinationfolder/"
Note:
--progress is to show progress for each file being copied
-a to transfer recusively all files in the mysourcefolder
-v for verbosity
-z to compress data portions for small files
My command will look like below:
rsync -avz --progress -e "ssh -i /home/myaccount/.ssh/id_rsa"
/home/myaccount/mysourcefolder
remoteaccount#remoteserver:"/home/remoteaccount/mydestinationfolder/"
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
I am trying to SSH to my raspberry pi which is connected under the same router as my computer. It is running the latest version of raspbian lite. I enabled the ssh service on the pi using the command: systemctl enable ssh. However when I try to SSH to my raspberrypi from my personal computer, I get this message:
fahd#Fahd-PC:~$ ssh pi#192.168.1.23
###########################################################
# WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! #
###########################################################
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:***************************************************
Please contact your system administrator.
Add correct host key in /home/fahd/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/fahd/.ssh/known_hosts:1
remove with:
ssh-keygen -f "/home/fahd/.ssh/known_hosts" -R "192.168.1.23"
ECDSA host key for 192.168.1.23 has changed and you have requested strict checking.
Host key verification failed.
fahd#Fahd-PC:~$
And I'm not entirely sure whether this is something real I should be worried about or just me not knowing how to use SSH properly.
For some reason, your terminal has a different key in storage for your Pi. This can be due to several reasons (for example, the ssh package was updated and the SSH host key re-generated on the Pi. Or you changed the IPs on your network. Or you have DHCP and two different clients, and you got the addresses swapped. Or...).
So, it warns you.
Unless you have reasons to believe otherwise, I'd just follow the suggestion:
remove with:
ssh-keygen -f "/home/fahd/.ssh/known_hosts" -R "192.168.1.23"
This communicates inform you that RSA keys on the device has changed it happen when you:
reinstall OS on device
generate new / remove old RSA keys
someone is trying to do MITM attack (very rare in these days)
How to fix it:
Remove saved information about raspberry pi host
sudo vim ~/.ssh/known_hosts
or
sudo vim /etc/ssh/known_hosts
Use ssh-keygen
ssh-keygen -R host_ip
or
ssh-keygen -R host_ip -f path_to_known_hosts
Remove known_hosts
If you have only one host in "known_hosts" file you can just remove it.
sudo rm .ssh/known_hosts
Very often I need to copy a file from a ssh connection. Lets say a mysql dump. what I do is
local $ ssh my_server
server$ mysqldump database >> ~/export.sql
server$ exit
local $ scp myserver:~/export.sql .
I know ssh has a lot of features like ssh-agent, port-forwarding, etc, and I was wondering if there is anyway to execute scp FROM the server to copy to my local computer (without creating another ssh connection).
First of all, this question is off-topic here, so it will be migrated or put on hold early.
Anyway, I described the solution for similar problem here, but it should help you: https://stackoverflow.com/a/33266538/2196426
Summed up, yes it is possible using remote port forwarding:
[local] $ ssh -R 2222:xyz-VirtuaBox:22 remote
[remote]$ scp -P 2222 /home/user/test xyz#localhost:/home/user
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
I want to generate a set of keys for a home server that I would like to SSH into, so I do ssh-keygen -t rsa, but then I get a message: id_rsa already exists. Overwrite (y/n)?
Well, I don't want to overwrite because the keys I have now I use to SSH into my university's servers, and it would be a pain to have to do all that junk again every time I wanted to switch. Is there an easy way to append the keys?
I tried following a tutorial (which I cannot find) that suggesting something about using the cat command, but I am pretty lost. It seems like the solution is something very simple that I'm just not seeing.
You can achieve this by using a config file in your home directory under the .ssh directory:
Generate your key as usual:
ssh-keygen -t rsa
Don't overwrite the default (usually id_rsa). Instead, create a new name. This will create a separate file with your key.
In ~/.ssh create a config file with the following content:
Host * (asterisk for all hosts or add specific host)
AddKeysToAgent yes
UseKeychain yes
IdentityFile <key> (e.g. ~/.ssh/yourKey)
The key is now added to the keychain and can be used!
--
You can use multiple IdentityFiles in your config (Mac example):
Host *
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/id_rsa_private_server
IdentityFile ~/.ssh/id_rsa_github
IdentityFile ~/.ssh/id_rsa_work_server
You can use the same public key on both servers. If you don’t want to do that, just specify a different location than ~/.ssh/id_rsa when ssh-keygen prompts you before that, and use it with an agent:
% ssh-agent sh # Replace with your favourite shell.
$ ssh-add ~/.ssh/id_rsa_2
$ ssh somewhere
$ exit
%
ssh-agent can also be used without starting a new shell as eval $(ssh-agent).
I had the same problem as you and I solved it.
In the terminal is:
"Enter file in which to save the key (/home/you/.ssh/id_rsa): "
Instead of hitting Enter or writing /home/you/.ssh/id_rsa, you write /home/you/.ssh/id_rsa1.
If I remember correctly, I fixed this problem by uninstalling Cygwin and using the command line instead.
You could do as minitech suggested and use the same SSH public key on both servers. To do so, open the file ~/.ssh/id_rsa.pub in your text editor, copy the contents of the file exactly without adding any new spaces or newlines, and add this to the server you want to connect to. If your user name on the server is "user" at IP address 123.45.56.78, use the command "ssh-copy-id user#123.45.56.78", or you can use:
cat ~/.ssh/id_rsa.pub | ssh user#123.45.56.78 "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Is there a way to specifically ssh into a particular directory in remote location, specifically using the local ssh config file (not terminal)? Something like Dir option in the paragraph below, for example,
Host remote_dir
Hostname remote_server
User username
Dir path/to/remote_dir/
So, if I, ssh using the Host value from above paragraph,
ssh remote_dir
Then, I would like to be logged in and the terminal to be ready for me at path/to/remote_dir/ of the remote server,
username#remote_server: path/to/remote_dir/ > pwd
/home/username/path/to/remote_dir/
In this post on ServerFault, they say you can't do it all through the ssh config file. But you can do it with the ssh config and your .bash_profile or whatever the terminal nerds call it.
in the ssh config file add
Host dev
Hostname server.com
User joe
then in your .bash_profile add an alias
alias domain1="ssh dev -t 'cd domains/domain1; bash'"
Here the dev refers to what you set up in the config file.
In the Terminal, just type domain1, you will be asked to put in your password and will go straight to the directory. Make a new alias for all your domains and it will make logging in to each one super easy.
Take a look at
https://serverfault.com/questions/167416/change-directory-automatically-on-ssh-login
This is the accepted answer:
LocalCommand isn't what you want, anyway. That's run on your machine. You want RemoteCommand. Something like this worked for me:
Host example.net
RemoteCommand cd / && exec bash --login
RequestTTY yes
(Old answer) For a similar use case, ssh -t is also an option:
ssh server -t "cd /my/remote/directory; bash --login"
It is not the same, as it does not use ssh config. But you can define an alias for the command and end up with a similar effect.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I'm SSHing into a remote server on the command line, and trying to copy a directory onto my local machine with the scp command. However, the remote server returns this "usage" message:
[Stewart:console/ebooks/discostat] jmm% scp -p ./styles/
usage: scp [-1246BCEpqrv] [-c cipher] [-F ssh_config] [-i identity_file]
[-l limit] [-o ssh_option] [-P port] [-S program]
[[user#]host1:]file1 [...] [[user#]host2:]file2
[Stewart:console/ebooks/discostat] jmm%
I'd like to be able to transfer files in both directions. From what I read, I thought the above command would work for downloading, and scp -p [localpath] [remotepath] for uploading?
You need to scp something somewhere. You have scp ./styles/, so you're saying secure copy ./styles/, but not where to copy it to.
Generally, if you want to download, it will go:
# download: remote -> local
scp user#remote_host:remote_file local_file
where local_file might actually be a directory to put the file you're copying in. To upload, it's the opposite:
# upload: local -> remote
scp local_file user#remote_host:remote_file
If you want to copy a whole directory, you will need -r. Think of scp as like cp, except you can specify a file with user#remote_host:file as well as just local files.
Edit: As noted in a comment, if the usernames on the local and remote hosts are the same, then the user can be omitted when specifying a remote file.
If copying to/from your desktop machine, use WinSCP, or if on Linux, Nautilus supports SCP via the Connect To Server option.
scp can only copy files to a machine running sshd, hence you need to run the client software on the remote machine from the one you are running scp on.
If copying on the command line, use:
# copy from local machine to remote machine
scp localfile user#host:/path/to/whereyouwant/thefile
or
# copy from remote machine to local machine
scp user#host:/path/to/remotefile localfile
You need to specify both source and destination, and if you want to copy directories you should look at the -r option.
So to recursively copy /home/user/whatever from remote server to your current directory:
scp -pr user#remoteserver:whatever .
No, you still need to scp [from] [to] whichever way you're copying
The difference is, you need to scp -p server:serverpath localpath