HPE Community
Operating System - Linux
1826440 Members
3988 Online
109692 Solutions
New Discussion

Is auto-scp or auto-sftp possible?

 
zhaogui
Super Advisor

‎04-14-2003 06:19 PM

‎04-14-2003 06:19 PM

Is auto-scp or auto-sftp possible?

Anybody has experienced this problem? I know for auto-ftp, I can create .netrc, how about ftp under secure shell environment?

Thanks in advance,
0 Kudos
Reply
2 REPLIES 2
Jerome Henry
Honored Contributor

‎04-15-2003 01:51 AM

‎04-15-2003 01:51 AM

Re: Is auto-scp or auto-sftp possible?

Definitely !
Adding an authentification in $HOME/.rhosts, $HOME/.shosts, /etc/hosts.equiv, or /etc/shosts.equiv, and allowing RSA based auth on the first time will let you do it.
Have a read on man ssh for further details, knowing that scp and sftp rely on ssh, therefore use the same ruling bases.
Hope it helps
You can lean only on what resists you...
0 Kudos
Reply
Bill Douglass
Esteemed Contributor

‎04-15-2003 06:29 AM

‎04-15-2003 06:29 AM

Re: Is auto-scp or auto-sftp possible?

Both scp and sftp support public/private key authentication.

Tyhe basic steps are:

1) Use ssh-keygen to create a public/private key pair in you ~/.ssh directory (for RSA keys, they are id_rsa and id_rsa.pub, respectively).

ssh-keygen -t rsa

(hit enter when prompted for a passphrase)

2) Copy the public key file to the remote host, as ~/.ssh/authorized_keys.

scp ~/.ssh/id_rsa.pub remotehost:.ssh/authorized_keys
(create the .ssh directory in your home directory on remotehost, if one is not already created)

When you run ssh, scp or sftp, your local host will authenticate with the remote host using the key pairs, by-passing the password prompting.


As an added level of security, you can specify a passphrase when generating your private/public key pair. This will encrypt your private key, so if it gets stolen it will be of no value unless the theif knows the passphrase used to encrypt/decrypt it. If you do this, then you need to set up an ssh-agent to automatically decrypt your passphrase on your local machine:

1) ssh-agent > .ssh-agent
2) . ./.ssh-agent
3) ssh-add

1) starts an ssh-agent on your local machine and saves the environment variables in a file called .ssh-agent

2) sources the environment variables into your current shell, so ssh will know how to contact the ssh-agent

3) ssh-add will prompt you fopr the passphrase you used to encrypt your private key, and load it into ssh-agent.

From then on, ssh-agent will provide your private key (unencrypted) whenever you make an ssh connection to remotehost.

You will need to repeat steps 2 and 3 for each new shell you start up. Step one is good until you restart your local machine.

See the ssh, ssh-keygen, ssh-agent and ssh-add man pages for more specifics, and
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.