Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Sending files via scp is failing

  1. #1

    Default Sending files via scp is failing

    I have the following command in a script that is run via cron...

    Code:
    scp -2 -4 -B /root/backups/* xxxxx@ch-s011.rsync.net:VPS02/
    If i run it from the terminal (as root) without the -B flag it runs fine.

    If i run it in a script via root's crontab, with the -B flag, it errors with the following...

    Code:
    Permission denied (publickey,keyboard-interactive).
    lost connection

  2. #2
    Join Date
    Jun 2008
    Posts
    232

    Default

    I'd suggest 'scp -v' on both and compare the output to narrow down the search area.

    [edit]
    Do you even need the '-B' option, since I'm guessing you're using passwordless key auth anyways?
    Try the cron one without -B
    Last edited by chriss; 07-09-2009 at 08:41 PM. Reason: coz I can.

  3. #3

    Default

    I need the -B or it'll just hang waiting for the password.

  4. #4
    Join Date
    Jun 2008
    Posts
    232

    Default

    Ok, so how does cron get and send this password?

  5. #5

    Default

    It doesn't - i didn't think it would need one seeing as it is running as root.

  6. #6
    Join Date
    Jun 2008
    Posts
    232

    Default

    In this instance, root is the local user, but the scp password being required is either:
    a.) for the user xxxxx@ch-s011.rsync.net (the remote end)
    b.) for the passphrase to root's keyfile (local end)

    depending on how you've set up your ssh authentication.

    When you run it as root from the terminal, it still asks you for the password, doesn't it?

  7. #7

    Default

    Quote Originally Posted by chriss View Post
    When you run it as root from the terminal, it still asks you for the password, doesn't it?
    Yes it does.

  8. #8
    Join Date
    Jun 2008
    Posts
    232

    Default

    I think you'll find this useful: Password-less logins with OpenSSH

  9. #9

    Default

    Followed those instructions and now it connects, but doesnt prompt for password at all.

    This is perfect for what I want, but how secure is this?

  10. #10
    Join Date
    Jun 2008
    Posts
    232

    Default

    Quote Originally Posted by davepusey View Post
    This is perfect for what I want, but how secure is this?
    I think the article comments say it all.

    It's a toss up between security and convenience.

    It depends a lot on how you use it. If you use it for the one purpose only, then only that one purpose is potentially insecure.

    I understand that there are other ways to achieve the same objective (ssh-agent ?) but the principles are still the same, even though the implementation may be different.

    I think it's really hard to achieve automation and security without having to hand off your password or store it in some way.

    It's up to you to weigh up the risks vs. the benefits and decide if it's what you really want.

    There's that old adage that the only secure computer is one that's powered off, completely disconnected and stored in the vault. But how useful is it?

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •