HPE Community
Operating System - HP-UX
1821980 Members
3080 Online
109638 Solutions
New Discussion юеВ

Using scp in a script without inputing passwords

 
Jeff Daigle
Advisor

тАО12-14-2001 09:27 AM

тАО12-14-2001 09:27 AM

Using scp in a script without inputing passwords

Hello,
I am trying to use scp (secure copy) to move files from one server to another. However, I don't want to have to input a password each time because I want to run scp in a script. I followed these steps so I don't have to input a password each time:
1. ssh-agent /bin/sh (substitute the name of your favorite command shell)
2. ssh-add, and then type your SSH passphrase
3. ssh machine-name

...but this only lasts until I end the session. Is there a way to set this up, so a script can run daily without the need of a password? Thanks, Jeff
0 Kudos
Reply
5 REPLIES 5
Jeff Machols
Esteemed Contributor

тАО12-14-2001 09:32 AM

тАО12-14-2001 09:32 AM

Re: Using scp in a script without inputing passwords

you are probably going to have to download the expect program, in there is a program called autopasswd that you can modify to fit ssh-add instead of passwd
0 Kudos
Reply
Jeff Daigle
Advisor

тАО12-14-2001 10:03 AM

тАО12-14-2001 10:03 AM

Re: Using scp in a script without inputing passwords

Is there any way to have the script read in the password or to store it somewhere, so ssh does not need it entered each time?

Thanks for any help,
Jeff
0 Kudos
Reply
Jeff Machols
Esteemed Contributor

тАО12-14-2001 10:06 AM

тАО12-14-2001 10:06 AM

Re: Using scp in a script without inputing passwords

if you get expect, you can have the script send the password so it can be automated
0 Kudos
Reply
Roger Baptiste
Honored Contributor

тАО12-14-2001 10:14 AM

тАО12-14-2001 10:14 AM

Re: Using scp in a script without inputing passwords

Jeff,

I had ran into the same problem few months back and the solution i came up with was , using the following wrapper script:

The key thing to note in the below script is the way i am calling the ssh-agent2 in the shell line itself!
****
#!/usr/local/bin/ssh-agent2 /bin/ksh
echo $1 >/tmp/scp_wrapper.log 2>&1

/usr/local/bin/ssh-add2 /home/userid/.ssh2/id_dsa_1024_a
/usr/local/bin/scp $* > /home/userid/scp.log 2>&1
***

And then calling this wrapper script through a master script using the command:

su - userid -c "$SOURCE_DIR/scp_wrapper.ksh $SOURCE_DIR/$TARFILE userid@$REMOTE_HOST:$REMOTE_DIR"

(Here i am copying a tar file across to another system)

Ofcourse, all this is assuming you have already setup the keys and running the sshd daemons on both the boxes.

HTh
raj
Take it easy.
0 Kudos
Reply
Steven Sim Kok Leong
Honored Contributor

тАО12-17-2001 04:39 PM

тАО12-17-2001 04:39 PM

Re: Using scp in a script without inputing passwords

Hi,

To run scp without a password, you should make use of trusting of public keys.

I have been using scp in my cron job to propagate configuration files to a backup server at periodic intervals.

Below configuration pertains to what I have implemented for my environment based on SSH2 protocol, using opensource SSH Communication implementation. The last version I know is ssh-3.0.1 for this implementation.

On your CLIENT:
==============

1) Login to your user account, then run ssh-keygen to generate the public key on the client user@machine you are scp'ing from.

user> ssh-keygen

ssh-keygen will create a .ssh2 directory and store your public key into a file (default filename id_dsa_1024_a.pub) and your private key into a file (default filename id_dsa_1024_a).

2) In your identification file, insert the Identification Key reference.

client_user> cd $HOME/.ssh2
client_user> vi identification

IdKey id_dsa_1024_a

3) Copy your public key (id_dsa_1024_a.pub) to the server (into the .ssh2 directory) which you are scp'ing to.

On your SERVER:
==============

1) Create the .ssh2 directory. Alternatively, also run ssh-keygen if you want to use this server_user account to scp to another server2_user account.

server_user> cd $HOME
server_user> mkdir .ssh2
server_user> chmod 700 .ssh2

2) In the authorization file, insert your public key reference.

server_user> cd .ssh2
server_user> vi authorization

Key id_dsa_1024_a.pub

Initialization:
==============

1) During your first scp, it may prompt you whether you would like to save the host key because if it is the first time you are scp'ing from this client to that server.

2) Note that your /etc/ssh2/sshd2_config on your server must allow for publickey authentication method.

3) Subsequently your scp should work based on automatic public key authentication, rather than interactive password mode.

Hope this helps. Regards.

Steven Sim Kok Leong
Brainbench MVP for Unix Admin
http://www.brainbench.com
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.