When I execute this command below:
scp -P 36000 hdfs#192.168.0.114:~/tmp.txt SOQ_log.txt
I get an error:
command-line: line 0: Bad configuration option: PermitLocalCommand
Does anyone know why?
scp runs a copy of the ssh program to create the communications channel, and it runs ssh with the options:
-oForwardAgent=no -oPermitLocalCommand=no -oClearAllForwardings=yes
So that explains where the "PermitLocalCommand" option is coming from in the first place. I'll add that sftp uses the same options to run ssh, so it'll probably display the same behavior.
"PermitLocalCommand" is normally a valid ssh configuration option. If your copy of ssh is complaining about it, then it seems that your copy of ssh isn't the normal copy of ssh that goes with your copy of scp.
This serverfault question suggests that the error could be due to someone installing a malware version of ssh (ie, a rootkit) on your system. This forum thread also suggests that the problem is due to having an altered version of ssh, which was fixed by removing and reinstalling the OpenSSH client utilities.
An alternate explanation would be that someone--maybe your Linux distro maintainer--has installed a version of ssh on your system with that option removed, and you're using it unawares. Or you have a very old version of the ssh program for some reason, which doesn't support the option.
My system is CentOs 5.9
I'm facing the same problem, I found it to be due to this configuration line in /etc/ssh/sshd_config:
# override default of no subsystems
Subsystem sftp /opt/libexec/sftp-server
But I cannot run /opt/libexec/sftp-server, it is broken for some reason
now it is solved by reinstall the remote openssh-server:
yum erase openssh-server
yum install openssh-server
now the changes to
# override default of no subsystems
Subsystem sftp /usr/libexec/openssh/sftp-server
and /usr/libexec/openssh/sftp-server is runnable
don't forget to execute:
/etc/init.d/sshd restart
Sometimes command cannot parse this kind of stuff
:~/
Id change it to the full path.
Related
I'm trying to add a build step in jenkins to copy files from my build server to my web application server. I've got the following command working in the command prompt
sudo scp -r /var/lib/jenkins/workspace/demoproj/publish root#0.0.0.0:/usr/temp
but when I run this command, it prompts me for a password every time. I found out about sshpass, but when I run this command...
sudo sshpass -p "passwordhere" scp -r /var/lib/jenkins/workspace/demoproj/pub root#0.0.0.0:/usr/temp
the terminal gets stuck. And never makes it through.
My main problem is if I add the first command to a build step in jenkins, it won't be able to pass the password over. How can I either supply the password in jenkins, or modify the command to pass over my credentials?
Helpful information: I'm using Putty on Windows 10 to connect to my
Ubuntu 16.04.3 LTS x64 servers from another Ubuntu 16.04.3 server.
First, sshpass needs to be installed on both the systems that is, the one running your jenkins instance as well as the one you are trying to access that is: root#0.0.0.0. You can verify it by doing 'which sshpass' or 'whereis sshpass'. If its not installed even in one of them then you need to install it first.
Also, Have you ever tried doing a ssh to the said machine: root#0.0.0.0 from the system where you have your jenkins instance? If not then there might not be an entry in the 'known-hosts' of either system. for that you can do ssh with '-o StrictHostKeyChecking=no' option to make an automatic entry in known-hosts.
Alternatively, if you dont want to enter password again and again you should work with 'keys'. Generate a unique key for both the systems and do an scp or ssh with -i option.
You should use jenkins credentials instead of using sensitive passwords directly into the scripts. Put the whole scp or ssh part inside a block which looks like: withCredentials(){}.
What's the point of having CI if you are required to be nearby to enter password every time? Install "publish over ssh" plugin, it has a step to send stuff over ssh.
https://wiki.jenkins.io/display/JENKINS/Publish+Over+SSH+Plugin
Look at "Use SSH during a build" section, you can use "send files or execute commands over SSH" build step. This shall become available after plugin installation.
I'm currently trying to get Vagrant to provision a working CentoOS7 image on Windows10, using Hyper-V. Vagrant 1.8.4, current latest.
I envcounter a problem where the provisioning fails and I need to workaround each time. The CentOS7 image is a minimal image and does not include cifs-utils, therefore the mount wont work. So, I need cifs-utils installed before mount.
Error:
==> default: Mounting SMB shared folders...
default: C:/Programs/vagrant_stuff/centos7 => /vagrant
Failed to mount folders in Linux guest. This is usually because
the "vboxsf" file system is not available. Please verify that
the guest additions are properly installed in the guest and
can work properly. The command attempted was:
mount -t cifs -o uid=`id -u vagrant`,gid=`getent group vagrant | cut -d: -f3`,sec=ntlm,credentials=/etc/smb_creds_4d99b2
d500a1bcb656d5a1c481a47191 //192.168.137.1/4d99b2d500a1bcb656d5a1c481a47191 /vagrant
mount -t cifs -o uid=`id -u vagrant`,gid=`id -g vagrant`,sec=ntlm,credentials=/etc/smb_creds_4d99b2d500a1bcb656d5a1c481a
47191 //192.168.137.1/4d99b2d500a1bcb656d5a1c481a47191 /vagrant
The error output from the last command was:
mount: wrong fs type, bad option, bad superblock on //192.168.137.1/4d99b2d500a1bcb656d5a1c481a47191,
missing codepage or helper program, or other error
(for several filesystems (e.g. nfs, cifs) you might
need a /sbin/mount.<type> helper program)
In some cases useful info is found in syslog - try
dmesg | tail or so.
As it is now, the provisioning has to fail, and I need to:
vagrant ssh (powershell)
(connect to instance via putty/ssh)
sudo yum install cifs-utils -y (putty/ssh)
(wait for install...)
exit (putty/ssh)
vagrant reload --provision (powershell)
This is obviously a pain and I am trying to streamline the process.
Does anyone know a better way?
You can install the missing package in your box and repackage this box so you can distribute a new version of this box containing the missing package.
In order to provision a vagrant box you need to create it from an iso. While preparing the box you can install all needed packages for you. In your case it is Hyper-v - https://www.vagrantup.com/docs/hyperv/boxes.html
Best Regards
Apparently my original question was downvoted for some reason. #whatever
As I mentioned in one of the comments above:
I managed to repackage and upload an updated version. Thanks for the advice. Its available in Atlas as "KptnKMan/bluefhypervalphacentos7repack".
Special thanks to #frédéric-henri :)
I want to connect windows server 2003 remotely from red hat Linux client. I know that Linux has SSH but windows doesn't have. So is there any way.
sure
just install cygwin on your win machine and enable SSH (in the installer include ssh packages)
http://www.cygwin.com/
after that you can ssh to the win machine from your Linux machine.
enjoy
I've written a little reminder for myself about installing sshd on Cygwin.
Please see Cygwin install and sshd install.
First install cygwin.
See cygwin.com. Follow the installation instructions. I recommend the following options:
Install from Internet
All Users
Use IE5 Settings
Select a mirror near you (if you can find out where they are!)
Make sure to Select Packages below (among others) besides the Base packages:
cygrunsrv
openssh
You can export the Windows user list to Cygwin.
$ cp /etc/passwd /etc/passwd.old # backup for safety
$ mkpasswd > /etc/passwd
Start sshd
Next, start the Secure Shell Daemon (sshd) service on Windows
This will allow users on remote computers to log in to your box, get an interactive shell and do whatever they want. Or rather whatever you allow them to do. Remember?
There is a nice guide with a lot of troubleshooting info here.
In a nutshell. Start a Cygwin Shell window.
$ ssh-host-config -y
When prompted for “CYGWIN=”, type “tty ntsec”.
I do not allow login by password, only the public-key method. See below. So change the related line in /etc/sshd_config like this:
PubkeyAuthentication yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no
Finally start the service:
$ cygrunsrv --start sshd
Administering users with public-key authentication
foo wants to log in remotely to your box’s bar account.
He sends you his public RSA key id_rsa.pub in any way, email, pen-drive, whatever YOU trust.
If you find foo worthy, you authorize his key, and from then he will be able to log in to your bar account via ssh without typing bar’s password:
$ cat id_rsa.pub >> /home/bar/.ssh/authorized_keys
Does anyone one know how get SVN to log the details of the ssh connection when operating through an ssh connection?
When I can't connect svn always gives me:
To better debug SSH connection problems, remove the -q option from 'ssh' in the [tunnels] section of your Subversion configuration file.
I've looked in the [tunnels] section of the config and nothing is currently enabled. It seems like you can specify how ssh gets called and I tried specifying a -v to ssh through this method but it seemed to have no effect. What I really want is -v output for ssh when SVN tries to connect. Although any additional logging would be good.
How do I get verbose ssh logging through SVN?
I am using SVN at the command line on linux.
If you are using *nix like systems or cygwin on windows, you can try with this method:
$ export SVN_SSH="ssh -v "
$ svn checkout svn+ssh://xyz
I just had the same issue. As described here, removing ~/.ssh/known_hosts resolved it for me.
Installed msysGit, wrote the code to start ssh-agent in .profile, everything worked.
Installed cygwin, without Git, just ssh and cURL.
SSH Agent no longer starting when Git bash opens.
I can start a new ssh-agent process instance, I see it when running ps in the Git bash, but when trying to use ssh-add, I get this error:
Could not open a connection to your authentication agent.
With cygwin, lots of .profile and .bashrc files were created in it's install folder (C:\cygwin). Not sure if this is the issue.
How can I fix this, please?
Take a look at my answer posted here for the ssh-add issue. Hopefully, this solution should work in your scenario too.