is there something wrong with this scp command ?
scp -C -i ./remoteServerKey.ppk -r /var/www/* root#192.168.0.15:/var/www
I use the same .ppk as in putty and enter the same passphrase, but it asks me 3 times and than says connection denied. I thought I used it before and it worked, but it isn´t atm.
If it is wrong, how should I do it ?
or you can also do ( for pem file )
scp -r -i file.pem user#192.10.10.10:/home/backup /home/user/Desktop/
Covert .ppk to id_rsa using tool PuttyGen, (http://mydailyfindingsit.blogspot.in/2015/08/create-keys-for-your-linux-machine.html) and
scp -C -i ./id_rsa -r /var/www/* root#192.168.0.15:/var/www
it should work !
Putty doesn't use openssh key files - there is a utility in putty suite to convert them.
edit: it is called puttygen
The command looks quite fine. Could you try to run -v (verbose mode) and then we can figure out what it is wrong on the authentication?
Also as mention in the other answer, maybe could be this issue - that you need to convert the keys (answered already here): How to convert SSH keypairs generated using PuttyGen(Windows) into key-pairs used by ssh-agent and KeyChain(Linux) OR http://winscp.net/eng/docs/ui_puttygen (depending what you need)
Related
I want to verify that my SSH key in github matches the local file on my computer.
The github key seems to be SHA256, encoded in base64, but my local key, encoded with this command doesn't seem to match it.
$ cat ~/.ssh/github.pub | sha256sum | base64
Is there a better way to achieve what I'm trying to do?
An SSH public key in OpenSSH format contains two or three parts, separated by spaces:
The algorithm name.
A base64-encoded SSH public key in protocol format.
An optional comment.
The fingerprint of an SSH key is the base64-encoded SHA-256 hash of the raw public key (that is, without the base64 encoding). You can script this, but fortunately, there's an easy way to find it out using ssh-keygen:
$ ssh-keygen -l -f ~/.ssh/id_ed25519.pub
You can change the file name for the public key to the appropriate one on your system. On my system, the output looks like this:
256 SHA256:E59Xzh/fsZKkCEL46kTLbPFGXyIodA+ntsQL0JWmq9Y bmc#camp (ED25519)
The fingerprint is the second piece.
A simple way to test that they match is by authenticating by ssh in the command line.
After setting up your ssh-key, type:
ssh -T git#github.com
https://docs.github.com/en/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection
This one will use only the key supplied in -i for auth:
ssh -i ~/.ssh/github -o IdentityAgent=none -T git#github.com
I can SSH into the EC2 instance:
ssh -i "my_key.pem" ec2-user#my-public-ip
However, scp doesn't work:
scp -r –i "my_key.pem" ./my_file ec2-user#my-public-ip:/home/ec2-user/my_file
Permission denied (publickey).
lost connection
I've also tried using public instance DNS, but nothing changes.
Any idea why is this happening and how to solve it?
The only way for this to happen is the private key mykey.pem is not found in the current directory. It is possible you tried ssh from a directory different than scp.
Try the following with full path to your key:
scp -r –i /path/to/my_key.pem ./my_file ec2-user#my-public-ip:/home/ec2-user/my_file
If it fails, post the output with -v option. It will tell you exactly where the problem is
scp -v -r –i /path/to/my_key.pem ./my_file ec2-user#my-public-ip:/home/ec2-user/my_file
I am bit late but this might be help full to someone.
Do not use the /home/ec2-user. Rather directly use the file name or folder name
E.g. the following command will put your my_file at the home folder (i.e. /home/ec2-user)
scp -r –i "my_key.pem" ./my_file ec2-user#my-public-ip:my_file
Or Say if you have a folder at /home/ect-user/my_data
Then use the following command to copy your file to the folder
scp -r –i "my_key.pem" ./my_file ec2-user#my-public-ip:my_data
Stupidly late addendum:
To avoid specifying the private key every time, just add to the .ssh/config file (create it if not already there) the following (without comments):
Host testserver // a memorable alias
Hostname 12.34.56.67 // your server ip
User ec2-user // user to connect
IdentityFile /path/to/key.pem // path to the private key
PasswordAuthentication no
Then a simple ssh testserver should work from anywhere (and consequently your scp too).
I use it to connect with Vim via scp using:
vim scp://testserver/relative/file/path
or
vim scp://testserver//absolute/file/path
and
vim scp://testserver/relative/dir/path/ (note the trailing slash)
to respectively edit files and browse folders directly from local (thus using my precious .vimrc <3 configuration).
Solution found here
Hope this helps! :)
I was facing this issue today and found solution for me (not elegant but one which worked). - this solution is good if you want to download something once and rollback all settings afterwards.
Solution:
When I specified -v option while using scp I noticed the certificate is being denied for some reason so I went to /etc/ssh/sshd_config and set PasswordAuthentication yes. Then I used systemctl restart sshd.
After this procedure I went to my local machine and used:
scp -v -r myname#VPC:/home/{user}/filename.txt path/on/local/machine
provided PWD and file transmission has been successful.
Hope this helps to someone :)
I can't believe I stuck there.
I would like to put only newer files in a bash ftp script.
Just like filezilla does:
I know it is possible with winscp, but I cannot believe this doesn't exist within the linux ftp command line tool.
Important Note: I can't SSH the server, so please don't suggest rsync.
As #fvu suggested, I finally sorted this out with lftp:
lftp -u <username>,<password> <host> << EOS
set ssl:verify-certificate no
set ftp:ssl-allow no
set ftp:ssl-protect-list no
mirror -R --only-newer --parallel=10 <localfolder> <remotefolder>
quit
EOS
I have tried put -r directory/*, which only uploaded the files and not folders. Gave me the error, cannot Couldn't canonicalise.
Any help would be greatly appreciated.
For people actually wanting a direct answer to this question (instead of being told to use something other than sftp)...
put -r local/path/to/directoryName
The uploaded directory must already exist in the working directory on the server, so you might need to create it first.
mkdir directoryName
Here you can find detailed explanation as how to copy a directory using scp. In your case, it would be something like:
$ scp -r foo your_username#remotehost.edu:/some/remote/directory/bar
This will copy the directory "foo" from the local host to a remote host's directory "bar".
Here -r is -recursively copy entire directories.
You can also use rcp with similar syntax. The only difference between them is that scp uses secure shell and rcp uses remote shell.
BTW The "Couldn't canonicalise" error you mentioned appear when sftp server is unable to access the file/directory mentioned in the command.
UPDATE: For users who want to use put specifically, please refer to Ben Thielker answer here.
sftp> mkdir source
sftp> put -r source
Uploading source/ to /home/myself/source
Entering source/
source/file1
source/file2
if you have issues using sftp, you can use ncftp
For centos
yum install ncftp
To copy a whole directory recursively
ncftpput -R -v -u username -P 21 ftp.server.dev /remote-path/ /localdirectory
Use scp instead. It uses SSH too and can easily handle recursion.
I have created lately in Windows ssh key - so I have .ppk file. Converted it also to openssh.
In windows I have been using tortoise with pageant to connect to svn+ssh server. Now I want to switch to linux. How can I connect to svn+ssh with this key .ppk or opessh file. I would like to use PagaVCS or RabbitVCS but it keeps asking me for login and password which obviously I don't have because I have only this openssh or .ppk file. Anyone could help??
Use puttygen to convert the key to openssh format. It is for example described here: http://leadingedgescripts.co.uk/server-administration/how-to-convert-your-putty-ppk-private-key-to-a-normal-ssh-key-you-can-use-on-an-apple-mac/
Unfortunately no experience with either Rabbit or the other one. In *nix environment I would create $HOME/.ssh/config and write something like that:
Host host
User user
IdentityFile /path/to/your/key
And then use svn+ssh://host/directory (ssh then takes configuration information from the .ssh/config file). Maybe something like can be done with one of the VCS's?
As last (or first in my case) resort I'd use cygwin or mingw and configure ssh access there - and then configure the tools to use ssh coming from these packages.
Puttygen exports private keys DES encoded, which causes some software (e.g. OpenSSH on Ubuntu) to silently ignore the key and prompt for password.
To use PuTTY .ppk key in linux OpenSSH, first export the key:
Start puttygen
File -> Loadprivate key
Conversions -> Export OpenSSH key (private.key in this example)
Now, on the linux machine, re-encrypt the key using passphrase change command:
ssh-keygen -pf private.key
Enter the same passphrase 3 times (old, new, new) to actually not change it.
Now you can check the key file that DEK-Info: changed from something like DES-EDE3-CBC,F1785C4B846C781F to AES-128-CBC,916627D6328608175FA4545928372EA3.
The client application should not promt you for password anymore.
I am sure the answer for this was online but I can't seem to find it anywhere any more so here it is from beginning to end including the conversion you say you've done:
Open puttygen on Windows.
Load your private key (name.ppk) using the passphrase if needed.
Go to 'Conversions' -> 'Export OpenSSH Key' and save it as (I'll assume you called it 'fileName').
Copy this key into your home directory on Linux.
Open a terminal and move it to the .ssh directory with the command 'mv fileName .ssh/' (~/.ssh is hidden in the gui but it's there).
Navigate to the .ssh dir with 'cd .ssh'
Cat the file into a new file called id_rsa with the command 'cat fileName > id_rsa'.
Change the permissions on id_rsa to 600 with the command 'chmod 600 id_rsa'.
Finally make sure the .ssh directory has its permissions set to 700 'cd ..' to drop to the home directory and 'chmod 700 .ssh' to set permissions.
This should do it.
There must be better info out there but this link has some stuff you might find interesting, particularly the bit about permission http://www.lamolabs.org/blog/6241/one-liner-working-with-ssh-keygen-ssh-key-pair-files/