I have created lately in Windows ssh key - so I have .ppk file. Converted it also to openssh.
In windows I have been using tortoise with pageant to connect to svn+ssh server. Now I want to switch to linux. How can I connect to svn+ssh with this key .ppk or opessh file. I would like to use PagaVCS or RabbitVCS but it keeps asking me for login and password which obviously I don't have because I have only this openssh or .ppk file. Anyone could help??
Use puttygen to convert the key to openssh format. It is for example described here: http://leadingedgescripts.co.uk/server-administration/how-to-convert-your-putty-ppk-private-key-to-a-normal-ssh-key-you-can-use-on-an-apple-mac/
Unfortunately no experience with either Rabbit or the other one. In *nix environment I would create $HOME/.ssh/config and write something like that:
Host host
User user
IdentityFile /path/to/your/key
And then use svn+ssh://host/directory (ssh then takes configuration information from the .ssh/config file). Maybe something like can be done with one of the VCS's?
As last (or first in my case) resort I'd use cygwin or mingw and configure ssh access there - and then configure the tools to use ssh coming from these packages.
Puttygen exports private keys DES encoded, which causes some software (e.g. OpenSSH on Ubuntu) to silently ignore the key and prompt for password.
To use PuTTY .ppk key in linux OpenSSH, first export the key:
Start puttygen
File -> Loadprivate key
Conversions -> Export OpenSSH key (private.key in this example)
Now, on the linux machine, re-encrypt the key using passphrase change command:
ssh-keygen -pf private.key
Enter the same passphrase 3 times (old, new, new) to actually not change it.
Now you can check the key file that DEK-Info: changed from something like DES-EDE3-CBC,F1785C4B846C781F to AES-128-CBC,916627D6328608175FA4545928372EA3.
The client application should not promt you for password anymore.
I am sure the answer for this was online but I can't seem to find it anywhere any more so here it is from beginning to end including the conversion you say you've done:
Open puttygen on Windows.
Load your private key (name.ppk) using the passphrase if needed.
Go to 'Conversions' -> 'Export OpenSSH Key' and save it as (I'll assume you called it 'fileName').
Copy this key into your home directory on Linux.
Open a terminal and move it to the .ssh directory with the command 'mv fileName .ssh/' (~/.ssh is hidden in the gui but it's there).
Navigate to the .ssh dir with 'cd .ssh'
Cat the file into a new file called id_rsa with the command 'cat fileName > id_rsa'.
Change the permissions on id_rsa to 600 with the command 'chmod 600 id_rsa'.
Finally make sure the .ssh directory has its permissions set to 700 'cd ..' to drop to the home directory and 'chmod 700 .ssh' to set permissions.
This should do it.
There must be better info out there but this link has some stuff you might find interesting, particularly the bit about permission http://www.lamolabs.org/blog/6241/one-liner-working-with-ssh-keygen-ssh-key-pair-files/
Related
Consider you have a workstation, connect this to a remote server and edit some files in it like
workstation $ ssh sarah#192.0.0.100 # Log into the remote server
Password: MyPassw0rd!
server $ ls /home/sarah/recipes/ # Files you want to edit
applePie.txt bananaCake.txt
server $ vi /home/sarah/recipes/ # Open this directory and edit the files in it
...
:x
server $ logout # Log out and come back to the workstation
Now you want to use Vim/Neovim on your own workstation.
workstation $ vim scp://sarah#192.0.0.100://home/sarah/recipes/
sarah#192.0.0.100's password: MyPassw0rd!
The problem is every time you open files in this server you have to type the same password again. Is there any way to keep this SSH session alive while Vim/Neovim is editing files in the same remote server?
Netrw, which is the tool that handles loading and saving remote files, only prompts for passwords for FTP accounts. The prompt you're seeing is actually from scp, which, as part of OpenSSH, will only prompt for passwords from a TTY.
Because you're entering your password directly into scp and the scp process that's invoked doesn't live more than ephemerally, there's no way to cache your password. Even if Netrw did prompt for your password, scp doesn't provide a way to read passwords noninteractively, so Netrw couldn't cache it and pass it on.
You'll need to use SSH keys if you don't want to enter a password every time. To ease the setup burden, you can use ssh-copy-id to copy your keys just one time to the remote system, and then use Vim as normal without a password prompt.
I can SSH into the EC2 instance:
ssh -i "my_key.pem" ec2-user#my-public-ip
However, scp doesn't work:
scp -r –i "my_key.pem" ./my_file ec2-user#my-public-ip:/home/ec2-user/my_file
Permission denied (publickey).
lost connection
I've also tried using public instance DNS, but nothing changes.
Any idea why is this happening and how to solve it?
The only way for this to happen is the private key mykey.pem is not found in the current directory. It is possible you tried ssh from a directory different than scp.
Try the following with full path to your key:
scp -r –i /path/to/my_key.pem ./my_file ec2-user#my-public-ip:/home/ec2-user/my_file
If it fails, post the output with -v option. It will tell you exactly where the problem is
scp -v -r –i /path/to/my_key.pem ./my_file ec2-user#my-public-ip:/home/ec2-user/my_file
I am bit late but this might be help full to someone.
Do not use the /home/ec2-user. Rather directly use the file name or folder name
E.g. the following command will put your my_file at the home folder (i.e. /home/ec2-user)
scp -r –i "my_key.pem" ./my_file ec2-user#my-public-ip:my_file
Or Say if you have a folder at /home/ect-user/my_data
Then use the following command to copy your file to the folder
scp -r –i "my_key.pem" ./my_file ec2-user#my-public-ip:my_data
Stupidly late addendum:
To avoid specifying the private key every time, just add to the .ssh/config file (create it if not already there) the following (without comments):
Host testserver // a memorable alias
Hostname 12.34.56.67 // your server ip
User ec2-user // user to connect
IdentityFile /path/to/key.pem // path to the private key
PasswordAuthentication no
Then a simple ssh testserver should work from anywhere (and consequently your scp too).
I use it to connect with Vim via scp using:
vim scp://testserver/relative/file/path
or
vim scp://testserver//absolute/file/path
and
vim scp://testserver/relative/dir/path/ (note the trailing slash)
to respectively edit files and browse folders directly from local (thus using my precious .vimrc <3 configuration).
Solution found here
Hope this helps! :)
I was facing this issue today and found solution for me (not elegant but one which worked). - this solution is good if you want to download something once and rollback all settings afterwards.
Solution:
When I specified -v option while using scp I noticed the certificate is being denied for some reason so I went to /etc/ssh/sshd_config and set PasswordAuthentication yes. Then I used systemctl restart sshd.
After this procedure I went to my local machine and used:
scp -v -r myname#VPC:/home/{user}/filename.txt path/on/local/machine
provided PWD and file transmission has been successful.
Hope this helps to someone :)
is there something wrong with this scp command ?
scp -C -i ./remoteServerKey.ppk -r /var/www/* root#192.168.0.15:/var/www
I use the same .ppk as in putty and enter the same passphrase, but it asks me 3 times and than says connection denied. I thought I used it before and it worked, but it isn´t atm.
If it is wrong, how should I do it ?
or you can also do ( for pem file )
scp -r -i file.pem user#192.10.10.10:/home/backup /home/user/Desktop/
Covert .ppk to id_rsa using tool PuttyGen, (http://mydailyfindingsit.blogspot.in/2015/08/create-keys-for-your-linux-machine.html) and
scp -C -i ./id_rsa -r /var/www/* root#192.168.0.15:/var/www
it should work !
Putty doesn't use openssh key files - there is a utility in putty suite to convert them.
edit: it is called puttygen
The command looks quite fine. Could you try to run -v (verbose mode) and then we can figure out what it is wrong on the authentication?
Also as mention in the other answer, maybe could be this issue - that you need to convert the keys (answered already here): How to convert SSH keypairs generated using PuttyGen(Windows) into key-pairs used by ssh-agent and KeyChain(Linux) OR http://winscp.net/eng/docs/ui_puttygen (depending what you need)
I want to normalise the yum.repo files for all computers on our small network i.e
sudo scp /etc/yum.repos.d/* $HOSTNAME:/etc/yum.repos.d/
I can loop through all hostnames easily enough and execute the command to copy, however I am prompted for the root password on each occasion which is becoming tiresome. How can I script this with bash or perl so that I only need to type the root command in once?
Implement password-less authentication with ssh keys, as described here, for instance. This will allow to run scripts without password prompts using ssh key file in your home folder.
Im writing a shell script to use the scp command (ssh) to transfer a file across to a computer. This obviously is password protected is there a way on either end to either...disable the password or to auto complete the password for the customer?
This out of pure convience and I have no idea if it is possible (im fairly new to linux), any help or pointers would be appreciated.
Thanks in advance
You can generate a pair of RSA/DSA keys (public and private). In your terminal:
$ ssh-keygen
It will generate a pair of files:
Private key: .ssh/id_dsa
Public key: .ssh/id_dsa.pub
Then, if you have access to remote host, you can add your public key to .ssh/authorized_keys file. In your remote host, copy the public key and use the following command:
cat id_dsa.pub >> .ssh/authorized_keys
You should you public key identification if you have access to SSH keys on both machines.
have a look at ssh keys. github has a nice intro