SCP

2004-08-24 Thread Spidey Knepscheld
Hi Guys

I have two FreeBSD boxes next to each other and would like to copy a
directory from the mail server to the firewall. I have root access to
both the PC's. The directory on the mail server is /home/www/trafd and I
would like to copy it to the fw to /usr/ports/net/ . Here is the command
I tried :
 
scp /home/www/trafd  <mailto:[EMAIL PROTECTED]>
[EMAIL PROTECTED]: /usr/trafd
 
Please if someone can help
 
 
Spidey
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


SCP!

2005-12-12 Thread Joshua Lewis
From what i gather scp is a pull type method (for lack of a better term) I
use scp from the computer I want the data pulled to.

My problem is I am at a Windows XP system using putty and I can't "pull"
the data because putty signs me into the freebsd system. So if I were to
use SCP I would be pulling to the freebsd system because I am signed in
with Putty right?

So how do I sign on to freebsd and then scp the folder to the windows
machine? more like a push.

Any thoughts? Sorry if I seem abrupt I'm in a bit of a pickle.


Thank you,
Joshua Lewis






scp

2008-10-22 Thread kalin m

hi all...

i need to do a script to copy a file from a remote machine via scp with 
a key and without a password


here is what i'm doing:

1. ssh-keygen -t rsa
2. scp new_key.pub to [EMAIL PROTECTED] (with password)
3. on remote_host rename new_key.pub to ~user/.ssh/athorized_keys

when i try:
# scp [EMAIL PROTECTED]:/files/file file

i get password prompt...

what am i missing?!?

thanks


Re: SCP

2004-08-24 Thread August Simonelli
On Tue, 24 Aug 2004 12:28:23 +0200, Spidey Knepscheld <[EMAIL PROTECTED]> wrote:
> Hi Guys
> 
> I have two FreeBSD boxes next to each other and would like to copy a
> directory from the mail server to the firewall. I have root access to
> both the PC's. The directory on the mail server is /home/www/trafd and I
> would like to copy it to the fw to /usr/ports/net/ . Here is the command
> I tried :
> 
> scp /home/www/trafd  <mailto:[EMAIL PROTECTED]>
> [EMAIL PROTECTED]: /usr/trafd

I think it's more like this: scp [EMAIL PROTECTED]:/path/to/remote/dir/*
/path/to/local/dir/

i'm still pretty new at this but if i'm not mistaken root can't login
remotely by default, so unless you've allowed that it'll fail.

hope this helps ...

august

> 
> Please if someone can help
> 
> Spidey


Re: SCP

2004-08-24 Thread Dick Davies
* Spidey Knepscheld <[EMAIL PROTECTED]> [0828 11:28]:
> Hi Guys
>  
>  
> I have two FreeBSD boxes next to each other and would like to copy a
> directory from the mail server to the firewall. I have root access to
> both the PC's. The directory on the mail server is /home/www/trafd and I
> would like to copy it to the fw to /usr/ports/net/ . Here is the command
> I tried :
>  
> scp /home/www/trafd  <mailto:[EMAIL PROTECTED]>
> [EMAIL PROTECTED]: /usr/trafd

I assume the mailto link is some crap inserted by your mailer?
Also there shouldn't be a space between the colon and the /usr/trafd, and
you'd need a -r flag to recursively do it.

Also, tell us what error you got - I'd assume you aren't allowed to ssh as root into
196.15.213.253 

>  
> Please if someone can help

try rsync, that's much faster than scp:

rsync -vaz -e ssh /home/www/trafd [EMAIL PROTECTED]:/usr/trafd
-- 
Q:  How many Martians does it take to screw in a lightbulb?
A:  One and a half.
Rasputin :: Jack of All Trades - Master of Nuns


Re: SCP!

2005-12-12 Thread Giorgos Keramidas
On 2005-12-12 10:47, Joshua Lewis <[EMAIL PROTECTED]> wrote:
> From what i gather scp is a pull type method (for lack of a better
> term) I use scp from the computer I want the data pulled to.
>
> My problem is I am at a Windows XP system using putty and I can't
> "pull" the data because putty signs me into the freebsd system. So if
> I were to use SCP I would be pulling to the freebsd system because I
> am signed in with Putty right?
>
> So how do I sign on to freebsd and then scp the folder to the windows
> machine? more like a push.

You use PSCP.EXE instead of PUTTY.EXE from a Windows' "cmd" prompt.
That's probably awful, if you're looking for something with fancy,
colourful GUI buttons, but it has certainly saved my a$$ a few times :)



Re: SCP!

2005-12-12 Thread James Bailie

Joshua Lewis wrote:

> So how do I sign on to freebsd and then scp the folder to the windows
> machine? more like a push.

scp can push or pull.  You just don't have a sshd running on your
windows machine, so pushing back to it isn't possible.  What you
want is a version of sftp or scp for Windows, to allow you to
pull from the remote host.  On the PuTTY website, two such tools
are available, pftp and pscp.

You can download them here:

http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html


--
James Bailie <[EMAIL PROTECTED]>
http://www.jamesbailie.com


Re: SCP!

2005-12-12 Thread Svein Halvor Halvorsen
On 12/12/05, Giorgos Keramidas <[EMAIL PROTECTED]> wrote:
> You use PSCP.EXE instead of PUTTY.EXE from a Windows' "cmd" prompt.
> That's probably awful, if you're looking for something with fancy,
> colourful GUI buttons, but it has certainly saved my a$$ a few times :)

http://winscp.net/ is a nice GUI scp and sftp client for Windows.


Re: SCP!

2005-12-12 Thread Kevin Kinsey

Joshua Lewis wrote:

> From what i gather scp is a pull type method (for lack of a better term) I
> use scp from the computer I want the data pulled to.
>
> My problem is I am at a Windows XP system using putty and I can't "pull"
> the data because putty signs me into the freebsd system. So if I were to
> use SCP I would be pulling to the freebsd system because I am signed in
> with Putty right?
>
> So how do I sign on to freebsd and then scp the folder to the windows
> machine? more like a push.
>
> Any thoughts? Sorry if I seem abrupt I'm in a bit of a pickle.
>
> Thank you,
> Joshua Lewis

Well, maybe it's abrupt; I don't see a clear description of
the problem you are having, but it seems you want to
perform an encrypted file transfer?

You mention PuTTY;  IIRC, Mr. Tatham had also written
"psftp", which came with a complete installation of
PuTTY and enacted file transfer via SSH protocols
on Windows.  So, from the "cmd" shell on WinXP, you
could utilize psftp to grab files from your FreeBSD server.
"psftp" is probably also available (separately) from the
FTP site at:

   ftp://chiark.greend.org.uk/users/sgtatham

That'd be a "pull".   There are plenty of other possibilities,
I'd think, also.  As an example, many Windows FTP clients
support SFTP, which operates as an SSH subsystem on
FreeBSD, and if you can use PuTTY to log in to a FBSD box,
then you should be able to use one of these to "pull" data, as
well.

HTH,

Kevin Kinsey

--
Political speeches are like steer horns.  A point
here, a point there, and a lot of bull in between.
-- Alfred E. Neuman



Re: SCP!

2005-12-12 Thread Alex Zbyslaw

Giorgos Keramidas wrote:

> You use PSCP.EXE instead of PUTTY.EXE from a Windows' "cmd" prompt.
> That's probably awful, if you're looking for something with fancy,
> colourful GUI buttons, but it has certainly saved my a$$ a few times :)

There's also filezilla, which I haven't used myself but have heard 
recommended.


--Alex



Re: SCP!

2005-12-12 Thread Joshua Lewis
Thank you again to everyone on the list. I got the files moved. I really
appreciate all responses and help.


Thank you,
Joshua Lewis



James Bailie
> Joshua Lewis wrote:
>
>  > So how do I sign on to freebsd and then scp the folder to the windows
>  > machine? more like a push.
>
> scp can push or pull.  You just don't have a sshd running on your
> windows machine, so pushing back to it isn't possible.  What you
> want is a version of sftp or scp for Windows, to allow you to
> pull from the remote host.  On the PuTTY website, two such tools
> are available, pftp and pscp.
>
> You can download them here:
>
> http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
>
>
> --
> James Bailie <[EMAIL PROTECTED]>
> http://www.jamesbailie.com
>



Re: SCP!

2005-12-12 Thread Giorgos Keramidas
On 2005-12-12 20:23, Svein Halvor Halvorsen <[EMAIL PROTECTED]> wrote:
>On 12/12/05, Giorgos Keramidas <[EMAIL PROTECTED]> wrote:
>> You use PSCP.EXE instead of PUTTY.EXE from a Windows' "cmd" prompt.
>> That's probably awful, if you're looking for something with fancy,
>> colourful GUI buttons, but it has certainly saved my a$$ a few times :)
>
> http://winscp.net/ is a nice GUI scp and sftp client for Windows.

Many thanks!  I don't use Windows, unless I'm *REALLY* forced to do so,
because I almost invariably find the whole experience extremely annoying
and distracting from the work I really want to do, but this will be
useful to know for any future occasions I'm forced to use Windows :)



Re: SCP!

2005-12-12 Thread Björn König

Svein Halvor Halvorsen wrote:

> On 12/12/05, Giorgos Keramidas <[EMAIL PROTECTED]> wrote:
>> You use PSCP.EXE instead of PUTTY.EXE from a Windows' "cmd" prompt.
>> That's probably awful, if you're looking for something with fancy,
>> colourful GUI buttons, but it has certainly saved my a$$ a few times :)
>
> http://winscp.net/ is a nice GUI scp and sftp client for Windows.


Yet another GUI which is my favourite:

ftp://ftp.ssh.com/pub/ssh/SSHSecureShellClient-3.2.9.exe

Free of charge for non-commercial use.

Regards Björn


scp stalling

2005-03-22 Thread Bob Ababurko
Hello-

I have two boxes that I am trying to transfer files between and for some
reason I am getting annoyingly slow transfers.  I am running OpenSSH_3.8.1p1 on
the server end with FreeBSD 5.3 and OpenSSH_3.5p1 with FreeBSD 4.9 on the
client end.  The connection keeps stalling and I am not seeing any errors in
/var/log/messages.  The only sign is my loss of hair.

How can I go about troubleshooting this?  I have full control over these boxen, 
so I can do whatever to fix this.

thanks,
Bob


Re: scp

2008-10-22 Thread Greg Larkin
kalin m wrote:
> hi all...
> 
> i need to do a script to copy a file from a remote machine via scp with
> a key and without a password
> 
> here is what i'm doing:
> 
> 1. ssh-keygen -t rsa
> 2. scp new_key.pub to [EMAIL PROTECTED] (with password)
> 3. on remote_host rename new_key.pub to ~user/.ssh/athorized_keys
> 
> when i try:
> # scp [EMAIL PROTECTED]:/files/file file
> 
> i get password prompt...
> 
> what am i missing?!?
> 

Hi Kalin,

Here are a few things to try and check:

- Run scp with the "-vvv" flag to enable very verbose output.  You may
see something in the log messages during the connection phase that
exposes the problem.

- Check the /var/log/messages file on the host for debug messages from
sshd.  Are there any errors that indicate why public key authentication
doesn't work?

- Check the /etc/ssh/sshd_config file contents.  Is PubkeyAuthentication
enabled?  You can also change the LogLevel setting if you need more
information emitted to /var/log/messages.  Don't forget to send SIGHUP
to sshd whenever you change sshd_config.

- Check the permissions on the ~user/.ssh directory and the
authorized_keys file.  They have to be sufficiently tight (700 and 600,
typically).

Hope that helps, and post back here with any further questions.

Regards,
Greg Larkin


Re: scp

2008-10-22 Thread Jay Chandler


On Oct 22, 2008, at 6:40 PM, kalin m wrote:

> hi all...
>
> i need to do a script to copy a file from a remote machine via scp
> with a key and without a password
>
> here is what i'm doing:
>
> 1. ssh-keygen -t rsa
> 2. scp new_key.pub to [EMAIL PROTECTED] (with password)
> 3. on remote_host rename new_key.pub to ~user/.ssh/athorized_keys


Should be authorized_keys.

I usually cheat and grab a copy of ssh-copy-id from the web; I suspect  
your issue has to do with permissions for the .ssh directory and the  
authorized_keys file.



--
Jay Chandler / KB1JWQ
Living Legend / Systems Exorcist
Today's Excuse: Budget cuts



Re: scp

2008-10-22 Thread kalin m

Jay Chandler wrote:

> On Oct 22, 2008, at 6:40 PM, kalin m wrote:
>
>> hi all...
>>
>> i need to do a script to copy a file from a remote machine via scp
>> with a key and without a password
>>
>> here is what i'm doing:
>>
>> 1. ssh-keygen -t rsa
>> 2. scp new_key.pub to [EMAIL PROTECTED] (with password)
>> 3. on remote_host rename new_key.pub to ~user/.ssh/athorized_keys
>
> Should be authorized_keys.

it is. i just misspelled it in the message...

> I usually cheat and grab a copy of ssh-copy-id from the web; I suspect
> your issue has to do with permissions for the .ssh directory and the
> authorized_keys file.

permissions are 600 for the file and 700 for .ssh

the users are different on the local machine and remote_host. my guess 
is that if i point to the right key with -i it should work correct...


now doing -vvv as  Greg Larkin suggests... 



thanks...






Re: scp

2008-10-22 Thread kalin m


with -vvv i get this below:

.
debug1: bits set: 1034/2048
debug1: ssh_dss_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: next auth method to try is publickey
debug1: try pubkey: id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: next auth method to try is keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred:
debug3: authmethod_is_enabled password
debug1: next auth method to try is password

after this i get the password prompt

why does it say try pubkey: id_rsa when id_rsa is supposed to be the 
private key?


?!?!






Re: scp

2008-10-22 Thread Greg Larkin
kalin m wrote:
> 
> with -vvv i get this below:
> 
> .
> debug1: bits set: 1034/2048
> debug1: ssh_dss_verify: signature correct
> debug1: kex_derive_keys
> debug1: newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
[...]
> 
> after this i get the password prompt
> 
> why does it say try pubkey: id_rsa when id_rsa is supposed to be the
> private key?
> 
> ?!?!
> 
>


Hi Kalin,

Don't worry about that message - I see the same thing here with an ssh
connection that succeeds. The "try pubkey" message displays a private
key file.

Did you check the sshd_config file on the server and the
/var/log/messages file for additional hints?  If you see anything
interesting, please post the output here.  Also make sure that
PubkeyAuthentication is enabled ("on") in sshd_config.

Regards,
Greg


Re: scp

2008-10-22 Thread kalin m


here is pretty much the same from another machine (os x laptop) with a 
dsa key:



debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /private/var/root/.ssh/id_dsa (0x300e30)
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /private/var/root/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method   <==  * why didn't we?!?
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred:
debug3: authmethod_is_enabled password
debug1: Next authentication method: password





Re: scp

2008-10-22 Thread kalin m



> Hi Kalin,
>
> Don't worry about that message - I see the same thing here with an ssh
> connection that succeeds. The "try pubkey" message displays a private
> key file.
>
> Did you check the sshd_config file on the server and the
> /var/log/messages file for additional hints?  If you see anything
> interesting, please post the output here.  Also make sure that
> PubkeyAuthentication is enabled ("on") in sshd_config.


thanks Greg...   it's actually

PubkeyAuthentication yes

it's the default

there is nothing in the messages log. and i don't see any openssh logs.. 
thanks...






Re: scp

2008-10-22 Thread Greg Larkin
kalin m wrote:
> 
>> Hi Kalin,
>>
>> Don't worry about that message - I see the same thing here with an ssh
>> connection that succeeds. The "try pubkey" message displays a private
>> key file.
>>
>> Did you check the sshd_config file on the server and the
>> /var/log/messages file for additional hints?  If you see anything
>> interesting, please post the output here.  Also make sure that
>> PubkeyAuthentication is enabled ("on") in sshd_config.
>>
>>   
> thanks  Greg...   its actually
> 
> PubkeyAuthentication yes
> 
> it's the default
> 
> there is nothing in the messages log. and i don't see any openssh logs..
> thanks...

Hi Kalin,

Please try the following command, and let me know if you see any output
from it.  If so, please post it here.

grep sshd /var/log/messages | tail -20

Regards,
Greg


Re: scp

2008-10-22 Thread kalin m




> Hi Kalin,
>
> Please try the following command, and let me know if you see any output
> from it.  If so, please post it here.
>
> grep sshd /var/log/messages | tail -20



i did that earlier..  the last record for sshd is from 10.14, more 
than a week ago 








Re: scp

2008-10-22 Thread Polytropon
On Thu, 23 Oct 2008 02:06:00 -0400, kalin m <[EMAIL PROTECTED]> wrote:
> > grep sshd /var/log/messages | tail -20
> >   
> 
> i did that earlier..  the last record for sshd is from 10.14, more 
> than a week ago 

What about /var/log/auth.log? Maybe this file gives some
information...


-- 
Polytropon
From Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...


Re: scp

2008-10-22 Thread kalin m



Polytropon wrote:

> On Thu, 23 Oct 2008 02:06:00 -0400, kalin m <[EMAIL PROTECTED]> wrote:
>>> grep sshd /var/log/messages | tail -20
>>
>> i did that earlier..  the last record for sshd is from 10.14, more
>> than a week ago
>
> What about /var/log/auth.log? Maybe this file gives some
> information...


you were right Polytropon. ownership of the root directory for the user. 
it's not in home  i was looking for something like sshd.log but it 
is auth.log..


thanks a lot to all  now it's working...


Re: scp

2008-10-23 Thread Callum Gibson
On 22Oct08 22:14, kalin m wrote:
}> I usually cheat and grab a copy of ssh-copy-id from the web; I suspect 
}> your issue has to do with permissions for the .ssh directory and the 
}> authorized_keys file.
}permissions are 600 for the file and 700 for .ssh

Permission of the remote user's home directory is another one to check.
It can only be writable by the user.

-- 

Callum Gibson @ home
http://members.optusnet.com.au/callumgibson/
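
The cause found in this thread (the key was in place, but the remote user's home directory failed sshd's ownership and permission check, so ssh fell back to the password prompt) can be checked in one pass on the server. The script below is an added example, not code from any poster on the list; the function name check_pubkey_paths and the sample path in the usage comment are hypothetical, and it goes beyond the single directory named in the thread by applying the same two tests to the home directory, ~/.ssh and authorized_keys.

```shell
#!/bin/sh
# Added example (not from the thread). Run on the server, as root or as the
# account owner, against the account that keeps getting a password prompt.
#
# With StrictModes enabled (the sshd default), sshd ignores authorized_keys
# when the home directory, ~/.ssh or the key file is owned by someone other
# than the account or root, or is writable by group or others.
#
# check_pubkey_paths HOME_DIR OWNER   (hypothetical helper name)
#   prints one line per finding, returns the number of findings (0 = clean)
check_pubkey_paths() {
    cpp_home=$1
    cpp_owner=$2
    cpp_bad=0

    for cpp_path in "$cpp_home" "$cpp_home/.ssh" "$cpp_home/.ssh/authorized_keys"
    do
        if [ ! -e "$cpp_path" ]; then
            # Also catches a misspelled file name such as "athorized_keys".
            echo "MISSING   $cpp_path"
            cpp_bad=$((cpp_bad + 1))
            continue
        fi

        # Ownership: find prints the path only if the owner is acceptable.
        if [ -z "$(find "$cpp_path" -prune \( -user "$cpp_owner" -o -user root \) -print)" ]; then
            echo "OWNER     $cpp_path is not owned by $cpp_owner or root"
            cpp_bad=$((cpp_bad + 1))
        fi

        # Mode: -perm -020 / -perm -002 match a set group / other write bit.
        if [ -n "$(find "$cpp_path" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
            echo "WRITABLE  $cpp_path is writable by group or others"
            cpp_bad=$((cpp_bad + 1))
        fi
    done

    return "$cpp_bad"
}

# Stand-alone use: sh check_pubkey.sh /home/user user   (constructed path and name)
if [ "$#" -eq 2 ]; then
    check_pubkey_paths "$1" "$2"
fi
```

Any finding here should also show up as an sshd message in /var/log/auth.log, which is where the poster eventually found it.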


SCP & Delete

2007-02-06 Thread Don O'Neil
How do I delete a file after I've copied it with SCP? Is there some sort of
secure 'rm' command?



scp GUI

2003-02-11 Thread Brian Henning
does there exist a graphical interface for performing client scp?
thanks,
brian

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message



slow scp transfer

2006-03-29 Thread Miguel
Hi, i have freebsd 6.0 in a dl380 g3, i'm copying a 3.0G file from one
server (with gentoo)  to the freebsd server using scp, the transfer rate
is terribly slow, check out this


napstats# scp [EMAIL PROTECTED]:NAPSTATS_TRANSFER/stopacct_borrar stopacct_borrar
stopacct_borrar    26%  802MB 423.2KB/s 1:30:57 ETA



these are my interfaces:
napstats# ifconfig -a
bge0: flags=8843 mtu 1500
   options=1a
   inet6 fe80::213:72ff:fe0c:9065%bge0 prefixlen 64 scopeid 0x1
   inet 192.168.10.49 netmask 0xf000 broadcast 192.168.15.255
   ether 00:13:72:0c:90:65
   media: Ethernet autoselect (100baseTX )
   status: active
tl0: flags=8802 mtu 1500
   ether 00:08:c7:56:ce:3e
   media: Ethernet autoselect (100baseTX )
   status: active
lo0: flags=8049 mtu 16384
   inet6 ::1 prefixlen 128
   inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
   inet 127.0.0.1 netmask 0xff00

i don't have any errors:

napstats# netstat -i
Name    Mtu Network       Address              Ipkts Ierrs    Opkts Oerrs  Coll
bge0   1500               00:13:72:0c:90:65  1574833     0   994478     0     0
bge0   1500 fe80:1::213:7 fe80:1::213:72ff:        0     -        4     -     -
bge0   1500 192.168.0/20  192.168.10.49      1335972     -   991596     -     -
tl0*   1500               00:08:c7:56:ce:3e        0     0        0     0     0
lo0   16384                                    12620     0    12620     0     0
lo0   16384 localhost     ::1                  12476     -    12476     -     -
lo0   16384 fe80:3::1     fe80:3::1                0     -        0     -     -
lo0   16384 your-net      localhost              144     -      144     -     -



what can be wrong?




Re: scp stalling

2005-03-22 Thread Emanuel Strobl
On Wednesday, 23 March 2005 00:51, Bob Ababurko wrote:
> Hello-
>
> I have two boxes that I am trying to transfer files between and for some
> reason I am getting annoyingly slow transfers.  I am running
> OpenSSH_3.8.1p1 on the server end with FreeBSD 5.3 and OpenSSH_3.5p1 with
> FreeBSD 4.9 on the client end.  The connection keeps stalling and I am not
> seeing any errors in /var/log/messages.  The only sign is my loss of hair.
>
> How can I go about troubleshooting this?  I have full control over these

How are they connected, in the same subnet and same switch or routed subnets or 
over some WAN links?
Does ftp work? Also active FTP?

-Harry

> boxen, so I can do whatever to fix this.
>
> thanks,
> Bob


Re: SCP & Delete

2007-02-06 Thread youshi10

On Tue, 6 Feb 2007, Don O'Neil wrote:


> How do I delete a file after I've copied it with SCP? Is there some sort of
> secure 'rm' command?


ssh allows you to execute many commands, one being rm. Example:

ssh [EMAIL PROTECTED] "rm /full/path/to/file";

There's also gftp which can use ssh / sftp if you like GUI.

-Garrett



Re: SCP & Delete

2007-02-06 Thread Josh Carroll

> How do I delete a file after I've copied it with SCP? Is there some sort of
> secure 'rm' command?


ssh [EMAIL PROTECTED] 'rm /full/path/to/file'

Should work. There's no srm (secure rm), you simply ssh to the machine
and give it the command to execute.


Re: SCP & Delete

2007-02-06 Thread Chuck Swiger

On Feb 6, 2007, at 3:12 PM, Don O'Neil wrote:
> How do I delete a file after I've copied it with SCP? Is there some
> sort of secure 'rm' command?


Use "rsync --delete" via SSH.  (Danger!  Slippery when wet!  Use with  
caution.)


--
-Chuck



Re: SCP & Delete

2007-02-06 Thread Preston Hagar

On 2/6/07, Chuck Swiger <[EMAIL PROTECTED]> wrote:
>
> On Feb 6, 2007, at 3:12 PM, Don O'Neil wrote:
> > How do I delete a file after I've copied it with SCP? Is there some
> > sort of
> > secure 'rm' command?
>
> Use "rsync --delete" via SSH.  (Danger!  Slippery when wet!  Use with
> caution.)
>
> --
> -Chuck


I am not sure that rsync --delete is what the OP intended.  rsync --delete
will delete the file on the remote location if it no longer exists in the
source location.  The OP wanted to, as I understood it, delete the file from
the source location after it was copied to the remote location.  Probably
the best bet would be to have a script scp the files, do some sort of
verification that they made it intact, and then do an ssh [EMAIL PROTECTED]"/path/to/file" as suggested earlier.

HTH,

Preston



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
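
The sequence suggested in the message above (copy, verify that the file arrived intact, only then delete the source), as an added example that is not code from the thread. SHA-256 is an assumed choice of verification, the SCP and SSH variables exist so the logic can be exercised without a network, and remote paths are limited to a conservative character set because the path is interpolated into a remote shell command.

```shell
#!/bin/sh
# Added example: delete the local copy only after the remote copy has been verified.

# Transport commands; override them to test without a network.
: "${SCP:=scp}" "${SSH:=ssh}"

# SHA-256 of stdin (sha256 on FreeBSD, sha256sum on Linux).
sha256_stdin() {
    if command -v sha256 >/dev/null 2>&1; then
        sha256 -q
    else
        sha256sum | cut -d' ' -f1
    fi
}

# move_verified LOCAL_FILE HOST REMOTE_PATH
# Returns 0 and removes LOCAL_FILE only when both checksums match.
move_verified() {
    src=$1
    host=$2
    dest=$3
    [ -f "$src" ] || { echo "no such file: $src" >&2; return 2; }
    # Host and path end up on a command line: refuse option-like or unusual values.
    case $host in
        ''|-*) echo "refusing host: $host" >&2; return 2 ;;
    esac
    case $dest in
        ''|-*|*[!A-Za-z0-9._/-]*) echo "refusing remote path: $dest" >&2; return 2 ;;
    esac

    "$SCP" -q "$src" "$host:$dest" || {
        echo "copy failed, keeping $src" >&2
        return 1
    }

    want=$(sha256_stdin < "$src")
    # Hash on the remote side so the file is not transferred a second time.
    got=$("$SSH" "$host" "sha256 -q $dest 2>/dev/null || sha256sum $dest" | cut -d' ' -f1)

    if [ -n "$want" ] && [ "$want" = "$got" ]; then
        rm -- "$src"
    else
        echo "checksum mismatch, keeping $src" >&2
        return 1
    fi
}

# Usage: sh move_verified.sh LOCAL_FILE HOST REMOTE_PATH
if [ $# -eq 3 ]; then
    move_verified "$@"
fi
```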


chrooted ssh/scp

2004-01-31 Thread Evan Sayer
Does anyone know how to make it so that users can ssh in and get a 
normal shell or scp in and get or send files but only within their own 
home directories via chroot?



Logging SCP / SFTP

2003-10-14 Thread Luke Kearney
Hi List,
Can anyone point me in the right direction here ? I would like to log
all scp/sftp transfers to and from a certain machine and cannot find any
logical method to do so.

TIA 

LukeK

-- 
Luke Kearney <[EMAIL PROTECTED]>



Re: scp GUI

2003-02-11 Thread Bill Moran
Brian Henning wrote:
> does there exist a graphical interface for performing client scp?
> thanks,


http://www.appgate.com/mindterm/

--
Bill Moran
Potential Technologies
http://www.potentialtech.com





Re: scp GUI

2003-02-11 Thread Brian Henning
I am actually looking for a port for scp on bsd.
any suggestions?

- Original Message - 
From: "Bill Moran" <[EMAIL PROTECTED]>
To: "Brian Henning" <[EMAIL PROTECTED]>
Cc: "freebsd" <[EMAIL PROTECTED]>
Sent: Tuesday, February 11, 2003 10:26 AM
Subject: Re: scp GUI


> Brian Henning wrote:
> > does there exist a graphical interface for performing client scp?
> > thanks,
> 
> http://www.appgate.com/mindterm/
> 
> -- 
> Bill Moran
> Potential Technologies
> http://www.potentialtech.com
> 




Re: scp GUI

2003-02-11 Thread Cliff Sarginson
On Tue, Feb 11, 2003 at 12:28:37PM -0600, Brian Henning wrote:
> i am actually looking for a port for scp on bsd.
> any suggestions?
> 

Errm, don't you have it anyway ?

# type -p scp
/usr/bin/scp

-- 
Regards
   Cliff Sarginson 
   The Netherlands




Re: scp GUI

2003-02-11 Thread Willie Viljoen
On Tuesday 11 February 2003 21:54, Cliff Sarginson wrote:
> On Tue, Feb 11, 2003 at 12:28:37PM -0600, Brian Henning wrote:
> > i am actually looking for a port for scp on bsd.
> > any suggestions?
>
> Errm, don't you have it anyway ?
>
> # type -p scp
> /usr/bin/scp

From what I can gather, they are looking for a GUI front end. If you are 
already using KDE, you can use Krusader (not in ports), 
http://krusader.sourceforge.net/, which is a Norton Commander-like file 
manager that plugs into KDE and has built-in SCP and SFTP functions.

Will

-- 
Willie Viljoen
Freelance IT Consultant

214 Paul Kruger Avenue, Universitas
Bloemfontein
9321
South Africa

+27 51 522 15 60
+27 51 522 44 36 (after hours)
+27 82 404 03 27 (mobile)

[EMAIL PROTECTED]




login permission over scp

2005-02-17 Thread Черногорский Михаил

Using scp without password (identy.pub authorized.key)

in cron
[EMAIL PROTECTED]> scp ./files [EMAIL PROTECTED]:/home/user/files

All works, but
I need only secure copy, yet must give a full user shell to user [EMAIL PROTECTED]
on host B. If an attacker takes control of A, he can shell to [EMAIL PROTECTED]

When setting /sbin/nologin as the shell of [EMAIL PROTECTED], scp does not work.

What can I do to reduce the permissions of [EMAIL PROTECTED]?




-- 
Michail V. Chernogorsky,
Mosline ISP systems administrator
tel. +7(095)782-45-33



RE: slow scp transfer

2006-03-29 Thread fbsd_user
There is a patch to OpenSSH to fix the buffer size problem caused by
the different operating systems OpenSSH runs on.  When the host and
remote are different operating systems the send/receive buffer sizes
do not match and this causes drastic slow down. Like in using gentoo
client connecting to a FreeBSD box or Linux box.

ports/security/hpn-ssh/

contains the patch code to fix this problem in sshd/ssh.

Check out the patches home page at
http://www.psc.edu/networking/projects/hpn-ssh/

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Miguel
Sent: Wednesday, March 29, 2006 4:43 PM
To: freebsd-questions@freebsd.org
Subject: slow scp transfer


Hi, I have FreeBSD 6.0 in a DL380 G3. I'm copying a 3.0G file from one
server (with Gentoo) to the FreeBSD server using scp. The transfer rate
is terribly slow, check this out:

napstats# scp [EMAIL PROTECTED]:NAPSTATS_TRANSFER/stopacct_borrar stopacct_borrar
stopacct_borrar                26%  802MB 423.2KB/s 1:30:57 ETA


These are my interfaces:
napstats# ifconfig -a
bge0: flags=8843 mtu 1500
options=1a
inet6 fe80::213:72ff:fe0c:9065%bge0 prefixlen 64 scopeid 0x1
inet 192.168.10.49 netmask 0xf000 broadcast 192.168.15.255
ether 00:13:72:0c:90:65
media: Ethernet autoselect (100baseTX )
status: active
tl0: flags=8802 mtu 1500
ether 00:08:c7:56:ce:3e
media: Ethernet autoselect (100baseTX )
status: active
lo0: flags=8049 mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
inet 127.0.0.1 netmask 0xff00

I don't have any errors:

napstats# netstat -i
Name    Mtu Network       Address               Ipkts Ierrs    Opkts Oerrs  Coll
bge0   1500               00:13:72:0c:90:65   1574833     0   994478     0     0
bge0   1500 fe80:1::213:7 fe80:1::213:72ff:         0     -        4     -     -
bge0   1500 192.168.0/20  192.168.10.49       1335972     -   991596     -     -
tl0*   1500               00:08:c7:56:ce:3e         0     0        0     0     0
lo0   16384                                     12620     0    12620     0     0
lo0   16384 localhost     ::1                   12476     -    12476     -     -
lo0   16384 fe80:3::1     fe80:3::1                 0     -        0     -     -
lo0   16384 your-net      localhost               144     -      144     -     -


what can be wrong?




Copying files without scp

2009-04-07 Thread Steve Bertrand
Hi all,

To copy data from one server, I normally (always) use scp.

I'm looking for a method to perform this copy task without the overhead
of encryption for infrequent, high-volume transfers (hundreds to
thousands of GB).

The data will be transferred server-to-server within a private datacentre.

Can someone recommend a *known good* production quality copy mechanism
that will act like scp, but without the overhead? rsh? nc?

I recall a thread not too long ago regarding this, but I'd like to have
a simple working example if possible, without getting into detail why
one shouldn't transfer data unencrypted.

Steve


Strange behavior with scp

2003-12-08 Thread Sean Page
Hi,

I just upgraded 2 machines to 4.9p1 and one of them is displaying a rather
odd behavior.
When I try to scp a file from said machine, it shows the first line of the
fortune (the one you see if you, say, log into a shell on the machine) on
the client end and then it quits. No error is reported in /var/log/messages
or auth.log and no file is transferred.
Has anyone seen this before? I tried using the same sshd_config as the
working machine to no avail.
Any suggestions would be greatly appreciated.

Thanks,
Sean.



Re: chrooted ssh/scp

2004-02-02 Thread Lowell Gilbert
Evan Sayer <[EMAIL PROTECTED]> writes:

> Does anyone know how to make it so that users can ssh in and get a
> normal shell or scp in and get or send files but only within their own
> home directories via chroot?

The commercial ssh server has that capability built in, but the free
ones don't, last I checked.  You should be able to hook up jail(8) or
chroot(8) to the account itself, though...

-- 
Lowell Gilbert, embedded/networking software engineer, Boston area: 
resume/CV at http://be-well.ilk.org:8088/~lowell/resume/
username/password "public"


RE: chrooted ssh/scp

2004-02-02 Thread Michael Clark
sshd2 will do this and if you read the license I believe it is legal to use
for most users.

Else you can use sudo to make a ssh chroot.  
Google Groups has some explanations of how to do this.


Michael Clark
Nemschoff Chairs Inc
mclark at nemschoff dot com
CompTIA A+, MCP
Voice: (920) 457 7726 x294
Fax:  (920) 453 6594



-Original Message-
From: Lowell Gilbert [mailto:[EMAIL PROTECTED]
Sent: Monday, February 02, 2004 8:11 AM
To: Evan Sayer
Cc: [EMAIL PROTECTED]
Subject: Re: chrooted ssh/scp


Evan Sayer <[EMAIL PROTECTED]> writes:

> Does anyone know how to make it so that users can ssh in and get a
> normal shell or scp in and get or send files but only within their own
> home directories via chroot?

The commercial ssh server has that capability built in, but the free
ones don't, last I checked.  You should be able to hook up jail(8) or
chroot(8) to the account itself, though...

-- 
Lowell Gilbert, embedded/networking software engineer, Boston area: 
resume/CV at http://be-well.ilk.org:8088/~lowell/resume/
username/password "public"


CONFIDENTIALITY NOTE: This electronic transmission, including all
attachments, is directed in confidence solely to the person(s) to whom it is
addressed, or an authorized recipient, and may not otherwise be distributed,
copied or disclosed. The contents of the transmission may also be subject to
intellectual property rights and all such rights are expressly claimed and
are not waived. If you have received this transmission in error, please
notify the sender immediately by return electronic transmission and then
immediately delete this transmission, including all attachments, without
copying, distributing or disclosing same. 




Re: chrooted ssh/scp

2004-02-02 Thread Luke Kearney

On Mon, 2 Feb 2004 10:02:32 -0600 
Michael Clark <[EMAIL PROTECTED]> granted us these pearls of wisdom:

> sshd2 will do this and if you read the license I believe it is legal to use
> for most users.
> 
> Else you can use sudo to make a ssh chroot.  
> google groups has some explanations of how to do this.
> 
> 
> Michael Clark
> Nemschoff Chairs Inc
> mclark at nemschoff dot com
> CompTIA A+, MCP
> Voice: (920) 457 7726 x294
> Fax:  (920) 453 6594
> 
> 
> 
> -Original Message-
> From: Lowell Gilbert [mailto:[EMAIL PROTECTED]
> Sent: Monday, February 02, 2004 8:11 AM
> To: Evan Sayer
> Cc: [EMAIL PROTECTED]
> Subject: Re: chrooted ssh/scp
> 
> 
> Evan Sayer <[EMAIL PROTECTED]> writes:
> 
> > Does anyone know how to make it so that users can ssh in and get a
> > normal shell or scp in and get or send files but only within their own
> > home directories via chroot?
> 
> The commercial ssh server has that capability built in, but the free
> ones don't, last I checked.  You should be able to hook up jail(8) or
> chroot(8) to the account itself, though...

excuse me if this seems off topic but a quick check over at ssh.com
revealed no obvious links to a downloadable version that would not
require a license. Pray tell where I might find the binaries. I would
like to give sshd2 a run and see if it might fix a problem that has been
nagging at me for a bit.

TIA

LukeK



RE: chrooted ssh/scp

2004-02-02 Thread Michael Clark
it's in ports...

-Original Message-
From: Luke Kearney [mailto:[EMAIL PROTECTED]
Sent: Monday, February 02, 2004 10:34 AM
To: Michael Clark
Cc: '[EMAIL PROTECTED]'; Evan Sayer
Subject: Re: chrooted ssh/scp



On Mon, 2 Feb 2004 10:02:32 -0600 
Michael Clark <[EMAIL PROTECTED]> granted us these pearls of wisdom:

> sshd2 will do this and if you read the license I believe it is legal to use
> for most users.
> 
> Else you can use sudo to make a ssh chroot.  
> google groups has some explanations of how to do this.
> 
> 
> Michael Clark
> Nemschoff Chairs Inc
> mclark at nemschoff dot com
> CompTIA A+, MCP
> Voice: (920) 457 7726 x294
> Fax:  (920) 453 6594
> 
> 
> 
> -Original Message-
> From: Lowell Gilbert [mailto:[EMAIL PROTECTED]
> Sent: Monday, February 02, 2004 8:11 AM
> To: Evan Sayer
> Cc: [EMAIL PROTECTED]
> Subject: Re: chrooted ssh/scp
> 
> 
> Evan Sayer <[EMAIL PROTECTED]> writes:
> 
> > Does anyone know how to make it so that users can ssh in and get a
> > normal shell or scp in and get or send files but only within their own
> > home directories via chroot?
> 
> The commercial ssh server has that capability built in, but the free
> ones don't, last I checked.  You should be able to hook up jail(8) or
> chroot(8) to the account itself, though...

excuse me if this seems off topic but a quick check over at ssh.com
revealed no obvious links to a downloadable version that would not
require a license. Pray tell where I might find the binaries. I would
like to give sshd2 a run and see if it might fix a problem that has been
nagging at me for a bit.

TIA

LukeK




Re: chrooted ssh/scp

2004-02-02 Thread Mike Jackson
ext Luke Kearney ([EMAIL PROTECTED]) wrote:
> 
> excuse me if this seems off topic but a quick check over at ssh.com
> revealed no obvious links to a downloadable version that would not
> require a license. Pray tell where I might find the binaries. I would
> like to give sshd2 a run and see if it might fix a problem that has been
> nagging at me for a bit.

Hi,
 You can find the license here (FreeBSD is expressly mentioned):

ftp://ftp.ssh.com/pub/ssh/LICENSE

 And the source code for the non-commercial version (missing PKI) here:

ftp://ftp.ssh.com/pub/ssh/ssh-3.2.9.1.tar.gz

 Or like somebody else mentioned, you can use the port. But there were no
problems compiling on BSD last time I tried a few months ago.

BR,
Mike 


passwordless scp and cronjobs

2002-09-28 Thread Gerard Samuel

A few months ago, I had a cron job scp a file to another box within my 
lan.  It worked great and things were good.
I don't remember why I turned it off, but I'm trying to set it back up.
Both boxes are running FBSD 4.6.2-Release.
On the sending box ->
1.  ssh-keygen -t rsa  //Accept the defaults and leave the passphrase empty.
2.  scp id_rsa.pub sys_dev@hivemind:  //SCP the public key over to the 
receiving box to the user who is going to receive the file from the cron 
job.

On the receiving box ->
1.  cp id_rsa.pub .ssh/authorized_keys  // Copy the sender's public key 
to .ssh/authorized_keys

From the sending box, I run my script using the -v option to scp to be 
verbose.
Here is the output of the script ->

Executing: program /usr/bin/ssh host hivemind, user sys_dev, command scp -v -t .
OpenSSH_3.4p1 FreeBSD-20020702, SSH protocols 1.5/2.0, OpenSSL 0x0090605f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to hivemind.trini0.org [192.168.0.2] port 22.
debug1: Connection established.
debug1: identity file /home/gsam/.ssh/identity type -1
debug1: identity file /home/gsam/.ssh/id_rsa type 1
debug1: identity file /home/gsam/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1 FreeBSD-20020702
debug1: match: OpenSSH_3.4p1 FreeBSD-20020702 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.4p1 FreeBSD-20020702
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'hivemind.trini0.org' is known and matches the RSA1 host key.
debug1: Found key in /home/gsam/.ssh/known_hosts:1
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: cipher_init: set keylen (16 -> 32)
debug1: cipher_init: set keylen (16 -> 32)
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Doing password authentication.
[EMAIL PROTECTED]'s password:
--

Could someone point out to me where I'm going wrong with this to have the 
cron job complete successfully without entering a password?
Thanks.

-- 
Gerard Samuel
http://www.trini0.org:81/
http://dev.trini0.org:81/






sftp / scp not working?

2002-09-29 Thread Adam Bender


I'm running FreeBSD 4.6.2.  I can ssh into the box fine, but sftp gives
this error message:
unix13:~/$ sftp [EMAIL PROTECTED]
Connecting to machine.name...
[EMAIL PROTECTED]'s password:
Received message too long 1500476704
unix13:~/$

and scp gives this one:

unix13:~/$ scp foo [EMAIL PROTECTED]:
[EMAIL PROTECTED]'s password:
stty: You can search for documentation on a keyword by typing
unix13:~/$ stdin isn't a terminal
stty: stdin isn't a terminal
stty: stdin isn't a terminal
stty: stdin isn't a terminal
Write failed flushing stdout buffer.

unix13:~/$

Anybody have any idea what I can do to transfer files to/from my machine,
besides ssh'ing into it, and then sftp'ing out?

Thanks,

Adam


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message
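
The number in the sftp error above is not arbitrary: 1500476704 is 0x596F7520, the ASCII bytes "You ", which is how the fortune text visible in the scp output begins. The following added example (not from the original post; the function names and the constructed startup files are illustrative, and sh syntax is assumed for the startup file) decodes such a length and counts what a non-interactive session prints before the file-transfer protocol can start.

```shell
#!/bin/sh
# Added example: "Received message too long" and stray output from startup files.

# decode_sftp_length N
# sftp reads the first four bytes from the server as a big-endian packet length.
# Print those four bytes as text ('.' for non-printable ones).
decode_sftp_length() {
    n=$1
    text=
    for s in 24 16 8 0; do
        b=$(( (n >> s) & 255 ))
        if [ "$b" -ge 32 ] && [ "$b" -le 126 ]; then
            text="$text$(printf '%b' "\\0$(printf '%03o' "$b")")"
        else
            text="$text."
        fi
    done
    printf '%s\n' "$text"
}

# stray_bytes CMD [ARG...]
# Run a command that should print nothing of its own, with stdin detached as in
# a non-interactive session, and print how many bytes reached stdout.
# Against a real server (placeholder host): stray_bytes ssh user@host true
stray_bytes() {
    "$@" </dev/null 2>/dev/null | wc -c | tr -d ' '
}

# Constructed startup files: the first prints and calls stty unconditionally,
# the second does so only when the shell is interactive.
write_demo_rc() {
    cat > "$1/noisy_rc" <<'EOF'
echo "You can search for documentation on a keyword by typing"
stty erase '^H'
EOF
    cat > "$1/guarded_rc" <<'EOF'
case $- in
*i*)
    echo "You can search for documentation on a keyword by typing"
    stty erase '^H'
    ;;
esac
EOF
}

demo() {
    dir=$(mktemp -d) || return 1
    write_demo_rc "$dir"
    echo "length 1500476704 decodes to: '$(decode_sftp_length 1500476704)'"
    echo "noisy startup file:   $(stray_bytes sh -c ". '$dir/noisy_rc'") stray bytes"
    echo "guarded startup file: $(stray_bytes sh -c ". '$dir/guarded_rc'") stray bytes"
    rm -rf "$dir"
}
demo
```

Any non-zero count from the real server means scp and sftp receive text where they expect protocol data; the same check applies to the "Strange behavior with scp" report, where the fortune appears on the client.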



passwordless scp and cronjobs

2002-10-04 Thread Gerard Samuel

A few months ago, I had a cron job scp a file to another box within my
lan.  It worked great and things were good.
I don't remember why I turned it off, but I'm trying to set it back up.
Both boxes are running FBSD 4.6.2-Release.
On the sending box ->
1.  ssh-keygen -t rsa  //Accept the defaults and leave the passphrase empty.
2.  scp id_rsa.pub sys_dev@hivemind:  //SCP the public key over to the 
receiving box to the user who is going to receive the file from the cron 
job.

On the receiving box ->
1.  cp id_rsa.pub .ssh/authorized_keys2  // Copy the sender's public key 
to .ssh/authorized_keys2

From the sending box, I run my script using the -v option to scp to be 
verbose.
Here is the output of the script ->

Executing: program /usr/bin/ssh host hivemind, user sys_dev, command scp -v -t .
OpenSSH_3.4p1 FreeBSD-20020702, SSH protocols 1.5/2.0, OpenSSL 0x0090605f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to hivemind.trini0.org [192.168.0.2] port 22.
debug1: Connection established.
debug1: identity file /home/gsam/.ssh/identity type -1
debug1: identity file /home/gsam/.ssh/id_rsa type 1
debug1: identity file /home/gsam/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1 FreeBSD-20020702
debug1: match: OpenSSH_3.4p1 FreeBSD-20020702 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.4p1 FreeBSD-20020702
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'hivemind.trini0.org' is known and matches the RSA1 host key.
debug1: Found key in /home/gsam/.ssh/known_hosts:1
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: cipher_init: set keylen (16 -> 32)
debug1: cipher_init: set keylen (16 -> 32)
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Doing password authentication.
[EMAIL PROTECTED]'s password:
--

Could someone point out to me where I'm going wrong with this to have the 
cron job complete successfully without entering a password?
Thanks.

-- 
Gerard Samuel
http://www.trini0.org:81/
http://dev.trini0.org:81/




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message
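
In the -v output of both postings of this question, the client announces SSH-1.5, loads /home/gsam/.ssh/id_rsa as type 1, reports /home/gsam/.ssh/identity as type -1, and then falls back to a password. The following added example (not part of the original posts; function names are made up) reads such a log and reports that combination. It assumes the key type numbers of the OpenSSH 3.x client shown in the post: 0 for a protocol 1 RSA key, 1 and 2 for protocol 2 RSA and DSA keys, -1 for a file that could not be loaded.

```shell
#!/bin/sh
# Added example: explain from `ssh -v` / `scp -v` output why no key was offered.

# diagnose_ssh_debug: reads debug output on stdin, prints findings on stdout.
diagnose_ssh_debug() {
    awk '
    # The local version string shows which protocol the client actually speaks.
    /Local version string SSH-1\./ { proto = 1 }
    /Local version string SSH-2\./ { proto = 2 }

    # "identity file PATH type N": N is the key type (see assumptions above).
    /identity file .* type / {
        t = $NF
        f = $(NF - 2)
        if (t < 0) {
            printf "key %s: not loaded\n", f
        } else if (t == 0) {
            printf "key %s: protocol 1 key\n", f
            have1 = 1
        } else {
            printf "key %s: protocol 2 key\n", f
            have2 = 1
        }
    }

    /Doing password authentication/ { pw = 1 }

    END {
        if (proto)
            printf "session protocol: %d\n", proto
        if (proto == 1 && !have1 && have2)
            print "FINDING: protocol 1 session, but only protocol 2 keys were loaded, so no key is offered"
        if (proto == 2 && !have2 && have1)
            print "FINDING: protocol 2 session, but only a protocol 1 key was loaded, so no key is offered"
        if (pw)
            print "FINDING: client fell back to password authentication"
    }'
}

# Excerpt of the log in the post (lines copied from it, wrapped lines omitted).
sample_debug_log() {
    cat <<'EOF'
debug1: identity file /home/gsam/.ssh/identity type -1
debug1: identity file /home/gsam/.ssh/id_rsa type 1
debug1: identity file /home/gsam/.ssh/id_dsa type -1
debug1: match: OpenSSH_3.4p1 FreeBSD-20020702 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.4p1 FreeBSD-20020702
debug1: Host 'hivemind.trini0.org' is known and matches the RSA1 host key.
debug1: Doing password authentication.
EOF
}

sample_debug_log | diagnose_ssh_debug
```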



Re: login permission over scp

2005-02-17 Thread Eilko Bos
Hi,

From the keyboard of  ??, written on Thu, Feb 17, 2005 at 11:42:11AM +0300:
> i need only secure copy, but must give full user shell to user [EMAIL PROTECTED]
> on host B. if attacker take control of A, he can shell to [EMAIL PROTECTED]
> 
> setting /sbin/nologin to shell [EMAIL PROTECTED] scp not work
> 
> what can i do to reduce permission [EMAIL PROTECTED]

You can use rssh from the ports:
$ cat /usr/ports/shells/rssh/pkg-descr 
rssh is a Restricted Secure SHell that allow only the use of sftp or scp.
It could be use when you need an account (and a valid shell) in order to
execute sftp or scp but when you don't want to give the possibility to log
in to this user.

WWW: http://www.pizzashack.org/rssh/index.shtml

- enigmatyc
[EMAIL PROTECTED]
$


Grtz,
--
Eilko.


showdown transfering files with scp

2006-02-08 Thread mark.jacobs
I was using scp to copy several large (300-800mb each) files between two
FreeBSD machines. Both are on the same hub, 100MB Ethernet connection.
The source box is FreeBSD 5.4 stable at a late October build date. The
target is running 6.0 stable at a current build date.

The first three files showed a transfer rate of about 3mb/sec and
transfer took about 5-7 minutes for each file. After the third one
however the transfer rate dropped to 100-200 KB/sec. There was nothing
else going on in the internal network at the time.

Any ideas on what happened?


Mark Jacobs



Re: Copying files without scp

2009-04-07 Thread Adam Vandemore

Steve Bertrand wrote:

Hi all,

To copy data from one server, I normally (always) use scp.

I'm looking for a method to perform this copy task without the overhead
of encryption for infrequent, high-volume transfers (hundreds to
thousands of GB).

The data will be transferred server-to-server within a private datacentre.

Can someone recommend a *known good* production quality copy mechanism
that will act like scp, but without the overhead? rsh? nc?

I recall a thread not too long ago regarding this, but I'd like to have
a simple working example if possible, without getting into detail why
one shouldn't transfer data unencrypted.

Steve

  
dump should work, it uses rsh.  something like cpio could be piped into 
rsh obviously.  You may want to benchmark it as I've had better transfer 
rates using scp/ssh but have not done it against rsh method.


--
Adam Vandemore
Systems Administrator
IMED Mobility
(605) 498-1610



Re: Copying files without scp

2009-04-07 Thread Doug Hardie


On Apr 7, 2009, at 16:13, Steve Bertrand wrote:

> Hi all,
>
> To copy data from one server, I normally (always) use scp.
>
> I'm looking for a method to perform this copy task without the overhead
> of encryption for infrequent, high-volume transfers (hundreds to
> thousands of GB).
>
> The data will be transferred server-to-server within a private datacentre.
>
> Can someone recommend a *known good* production quality copy mechanism
> that will act like scp, but without the overhead? rsh? nc?


In that environment you can use ftp just fine.  Make sure to restrict  
it to the local IP addresses.



Re: Copying files without scp

2009-04-07 Thread Steve Bertrand
Doug Hardie wrote:
> 
> On Apr 7, 2009, at 16:13, Steve Bertrand wrote:
> 
>> Hi all,
>>
>> To copy data from one server, I normally (always) use scp.
>>
>> I'm looking for a method to perform this copy task without the overhead
>> of encryption for infrequent, high-volume transfers (hundreds to
>> thousands of GB).
>>
>> The data will be transferred server-to-server within a private
>> datacentre.
>>
>> Can someone recommend a *known good* production quality copy mechanism
>> that will act like scp, but without the overhead? rsh? nc?
> 
> In that environment you can use ftp just fine.  Make sure to restrict it
> to the local IP addresses.

Thanks, but I've never found a way to copy complete directories with FTP.

I'll need to copy entire multi-nested directory structures.

Do you have an example how to do this via FTP? (CLI-only).

Steve



Re: Copying files without scp

2009-04-07 Thread Chuck Swiger

On Apr 7, 2009, at 4:13 PM, Steve Bertrand wrote:
> I'm looking for a method to perform this copy task without the overhead
> of encryption for infrequent, high-volume transfers (hundreds to
> thousands of GB).
>
> The data will be transferred server-to-server within a private datacentre.
>
> Can someone recommend a *known good* production quality copy mechanism
> that will act like scp, but without the overhead? rsh? nc?


Install /usr/ports/security/openssh-portable, and set the "Enable HPN-SSH 
patch" option.  You should then be able to use the "scp -c none" 
option, which is documented more fully here:


  http://www.psc.edu/networking/projects/hpn-ssh/none.php

You could also use rsync + rsyncd

Regards,
--
-Chuck



Re: Copying files without scp

2009-04-07 Thread Steve Bertrand
Chuck Swiger wrote:
> On Apr 7, 2009, at 4:13 PM, Steve Bertrand wrote:
>> I'm looking for a method to perform this copy task without the overhead
>> of encryption for infrequent, high-volume transfers (hundreds to
>> thousands of GB).
>>
>> The data will be transferred server-to-server within a private
>> datacentre.
>>
>> Can someone recommend a *known good* production quality copy mechanism
>> that will act like scp, but without the overhead? rsh? nc?
> 
> Install /usr/ports/security/openssh-portable, and set the "Enable
> HPN-SSH patch" option.  You should then be able to use "scp -c none"
> option, which is documented more fully here:
> 
>   http://www.psc.edu/networking/projects/hpn-ssh/none.php
> 
> You could also use rsync + rsyncd

Thanks Chuck,

I think I'll just go the rsync route. I'm very familiar with it. I don't
particularly want to install it on the boxes I'm concerned with
momentarily, but I know how it works.

Your other option seems intriguing, but I'd rather not install more
software on these boxes if possible.

I was hoping for a magical, don't have to install anything-type solution :)

Perhaps I left out an important piece... even though I'm copying
directory structures, in many cases the bulk of the data will be
contained within massively large individual files. (Hence why rsync
wasn't my original choice).

Steve


Re: Copying files without scp

2009-04-07 Thread Olivier Nicole
Hi,

> Can someone recommend a *known good* production quality copy mechanism
> that will act like scp, but without the overhead? rsh? nc?

I sometimes use tar+rsh. Tar because I want to be sure to preserve all
ownership and modes of the files and directories.

Bests,

olivier


Re: Copying files without scp

2009-04-07 Thread Frederique Rijsdijk

Steve Bertrand wrote:
> Hi all,
>
> To copy data from one server, I normally (always) use scp.
>
> I'm looking for a method to perform this copy task without the overhead
> of encryption for infrequent, high-volume transfers (hundreds to
> thousands of GB).
>
> The data will be transferred server-to-server within a private datacentre.
>
> Can someone recommend a *known good* production quality copy mechanism
> that will act like scp, but without the overhead? rsh? nc?



On the listening end:
cd / ; nc -l 12345 | tar xpvf -

On the sending end:
cd / ; tar cf - /path/file | nc <listening-host> 12345

Replace 'x' by 't' on the listening end to verify that it's going to do 
what you would want/expect.



-- Frederique



Re: Copying files without scp

2009-04-07 Thread Mel Flynn
On Wednesday 08 April 2009 01:31:18 Steve Bertrand wrote:
> Doug Hardie wrote:
> > On Apr 7, 2009, at 16:13, Steve Bertrand wrote:
> >> Hi all,
> >>
> >> To copy data from one server, I normally (always) use scp.
> >>
> >> I'm looking for a method to perform this copy task without the overhead
> >> of encryption for infrequent, high-volume transfers (hundreds to
> >> thousands of GB).
> >>
> >> The data will be transferred server-to-server within a private
> >> datacentre.
> >>
> >> Can someone recommend a *known good* production quality copy mechanism
> >> that will act like scp, but without the overhead? rsh? nc?
> >
> > In that environment you can use ftp just fine.  Make sure to restrict it
> > to the local IP addresses.
>
> Thanks, but I've never found a way to copy complete directories with FTP.
>
> I'll need to copy entire multi-nested directory structures.
>
> Do you have an example how to do this via FTP? (CLI-only).

ftp/ncftp3: ncftpget -R ftp://servername/path/to/start/
-- 
Mel


Re: Copying files without scp

2009-04-08 Thread A. Wright

On Tue, 7 Apr 2009, Steve Bertrand wrote:

> Can someone recommend a *known good* production quality copy mechanism
> that will act like scp, but without the overhead? rsh? nc?


If you are happy with rsh authentication, then have you looked at
plain old rcp?

A.



Re: Copying files without scp

2009-04-08 Thread Lowell Gilbert
Steve Bertrand  writes:

> To copy data from one server, I normally (always) use scp.
>
> I'm looking for a method to perform this copy task without the overhead
> of encryption for infrequent, high-volume transfers (hundreds to
> thousands of GB).
>
> The data will be transferred server-to-server within a private datacentre.
>
> Can someone recommend a *known good* production quality copy mechanism
> that will act like scp, but without the overhead? rsh? nc?
>
> I recall a thread not too long ago regarding this, but I'd like to have
> a simple working example if possible, without getting into detail why
> one shouldn't transfer data unencrypted.

I haven't hit a case in years where the encryption overhead was actually
measurable as a significant issue.  Still, anything you can do over ssh
can be done just as well over rsh.  There's always rcp if you want the
same syntax as scp, but if the data consists of a lot of different
files, using tar on both ends of a pipe will probably be much faster.

-- 
Lowell Gilbert, embedded/networking software engineer, Boston area
http://be-well.ilk.org/~lowell/


Re: Copying files without scp

2009-04-08 Thread Oliver Fromme
Steve Bertrand wrote:
 > To copy data from one server, I normally (always) use scp.
 > 
 > I'm looking for a method to perform this copy task without the overhead
 > of encryption for infrequent, high-volume transfers (hundreds to
 > thousands of GB).
 > 
 > The data will be transferred server-to-server within a private datacentre.

There are quite a lot of ways to do that.

You could NFS-export the files and then use a tool to copy
them on the other box locally (tar, cpio, cpdup, whatever).

You could run an FTP server and then use one of the various
FTP mirror tools to copy the files (e.g. ports/ftp/omi).

You could use plain old rcp.

You could apply this (trivial) patch that adds support for
cipher "none" in ssh and scp:

http://www.secnetix.de/olli/FreeBSD/patches/openssh-cipher-none

The advantage of using scp (with "-c none") is that you can
use all of the ssh features, such as key authentication,
server aliases (via ~/.ssh/config) etc.  You can also use
other file copy tools (such as cpdup) that can be tunneled
through ssh.

Best regards
   Oliver

-- 
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Commercial register: Munich registry court, HRA 74606,  Management:
secnetix Verwaltungsgesellsch. mbH, Commercial register: Munich registry
court, HRB 125758,  Managing directors: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD services, products and more:  http://www.secnetix.de/bsd

"IRIX is about as stable as a one-legged drunk with hypothermia
in a four-hundred mile per hour wind, balancing on a banana
peel on a greased cookie sheet -- when someone throws him an
elephant with bad breath and a worse temper."
-- Ralf Hildebrandt


Re: Copying files without scp

2009-04-08 Thread Wojciech Puchar


> To copy data from one server, I normally (always) use scp.



man rcp


9.0-PRERELEASE slow scp transfer

2011-11-22 Thread Bas Smeelen
Hi

I have a strange thing.

1. 7.3-RELEASE-p2 on dell poweredge SC440 with bge nic
2. 9.0-PRERELEASE on another dell poweredge SC440 bge nic
3. 7.4-RELEASE-p4 in a vmware virtual machine with em nic

When i copy a file with scp which is a few hundred megabytes on 1. from 2.
or from 3. i get about 10MB/s
When i copy a file with scp which is a few hundred megabytes on 3. from 1. or
from 2. i get about 10MB/s
When i copy a file with scp which is a few hundred megabytes on 2. from 3. i
get about 10MB/s
When i copy a file with scp which is a few hundred megabytes on 2. from 1. i
get about 130 KB/s

I can find nothing in the logs or netstat errors on this 9.0-PRERELEASE box.
I have switched network cables and ports on the switch.

How could i further investigate?

Thanks in advance



Disclaimer: http://www.ose.nl/email



Re: Copying files without scp

2009-04-16 Thread Steve Bertrand
A. Wright wrote:
> On Tue, 7 Apr 2009, Steve Bertrand wrote:
> 
>> Can someone recommend a *known good* production quality copy mechanism
>> that will act like scp, but without the overhead? rsh? nc?
> 
> If you are happy with rsh authentication, then have you looked at
> plain old rcp?

I reviewed carefully all feedback I received, and since then, I loosely
benchmarked my options.

After all was said and done, using SSH, I found:

- across the 100Mbps infrastructure, I could copy at 89Mbps
- across the Gi infrastructure, I could copy at ~770Mbps

My concern (I found) was coming from my Windows workstation. I was using
a Windows binary version of SCP that is clearly lacking somewhere in the
stack. FBSD to FBSD produced the above results. The 100Mb infrastructure
hops one router and two switches, and the gig makes a hop across one
edge router, a core router, and three switches.

When I can get 75-90% line rate encrypted, I'll stay with that.

I do appreciate all the feedback, as always ;)

Steve


chroot scp only network storage?

2010-05-25 Thread Matthew Law

I want to provide some users with secure network attached storage over
SCP.  The intent is to provide people with a similar thing to, e.g.
rsync.net but inside of our network only.

Security is obviously a priority so I would like each user to be chrooted
into their allocated directory and allow them only to execute a small set
of commands.

I have come across scponly before.  Is this the best way of achieving this
with FreeBSD or is there some other better way?

Thanks in advance,

Matt.



how do i scp .dotfiles??

2010-08-27 Thread Gary Kline

guys,

this is the start of my master switchover.  how do i copy/scp, say,
~/.purpur to home/kline/.purple?  along with many hundreds of other
dot files? scp doesn't do it.

tx,

gary



-- 
 Gary Kline  kl...@thought.org  http://www.thought.org  Public Service Unix
The 7.83a release of Jottings: http://jottings.thought.org/index.php
   http://journey.thought.org




rsync or even scp questions....

2008-10-11 Thread Gary Kline
I have two "desktop" computers; three, if you count my new
ThinkPad.  The TPad needs a new CAT5 cable, so for now I'm only
considering the two tower computers.

On the Ubuntu computer I am /home/kline; on my main computer,
my home is /usr/home/kline.   The following sh script worked
perfectly when my home on "tao" [FBSD] was /home/kline:

#!/bin/sh

PWD=`pwd`;
echo "This directory is [${PWD}]";

scp -qrp  ${PWD}/* ethos:/${PWD}
###/usr/bin/scp -rqp -i /home/kline/.ssh/zeropasswd-id ${PWD}/* \ klin
[EMAIL PROTECTED]:/${PWD}

Question #1: is there any /bin/sh method of getting rid of the
"/usr"?  I switch off between my two computers especially when
get mucked up, as with my upgrade to kde4.  (Otherwise, I do
backups of ~kline as well as other critical directories.)

Is there a way of automatically using rsync rather than my
kwik-and-dirty /bin/shell script?

thanks, people,

gary


PS: Complete disclosure: it works one way [tao to ethos] because
I have created a /usr/home/kline/* tree on ethos.   

PPS:  if this seems like a numbskull query, i only caught a few
  hours sleep last night!





-- 
 Gary Kline  [EMAIL PROTECTED]  http://www.thought.org  Public Service Unix
http://jottings.thought.org   http://transfinite.thought.org




scp/sftp without interactive shell?

2007-05-03 Thread Ewald Jenisch
Hi,

I'm looking for a way to securely transfer files between machines
using either scp or sftp without giving the user a login shell on the
target machine. Put in another way: The user should be able to
transfer files but must not have an interactive login shell on the
target box.

Giving the user a shell of "/bin/true" or something similar on the
target machine is not an option since scp doesn't seem to work in this
case.

Any ideas how this could be accomplished?

Thanks in advance for your help,
-ewald




Re: Strange behavior with scp

2003-12-08 Thread Jonathan T. Sage
Sean Page wrote:
> Hi,
>
> I just upgraded 2 machines to 4.9p1 and one of them is displaying a rather
> odd behavior.
> When I try to scp a file from said machine, it shows the first line of the
> fortune (the one you see if you, say, log into a shell on the machine) on
> the client end and then it quits. No error is reported in /var/log/messages
> or auth.log and no file is transferred.
> Has anyone seen this before? I tried using the same sshd_config as the
> working machine to no avail.
> Any suggestions would be greatly appreciated.
>
> Thanks,
> Sean.

This is happening because fortune is hijacking the tty.  edit your shell
init program to not run fortune on non-interactive shells, or remove it
all together and scp should work fine again.

~j

--
"Yesterday upon the stair I saw a man
who wasn't there, he wasn't there
again today, oh how i wish he'd go away"
Rev. Jonathan T. Sage
Lighting / Set Designer
Professional Web Design
[HTTP://theatre.msu.edu]
[EMAIL PROTECTED]
[See Headers for Contact Info]




Re: Strange behavior with scp

2003-12-08 Thread Charles Swiger
On Dec 8, 2003, at 5:09 PM, Sean Page wrote:
> When I try to scp a file from said machine, it shows the first line of the
> fortune (the one you see if you, say, log into a shell on the machine) on
> the client end and then it quits. No error is reported in /var/log/messages
> or auth.log and no file is transferred.

scp requires a "clean login", and that message might be causing the SSH
protocol used by scp to break.  In particular, something like: "ssh
_machine_ true" should run /bin/true and return without generating any
additional output.

Depending on the shell you use, wrapping the invocation of fortune in
something like:

  if ($?prompt) then
    # interactive CSH commands...
  endif

...or:

  case $- in *i*)
    # interactive SH commands.
  esac

...should resolve this issue.

--
-Chuck
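
An added example, not part of the original message: a local stand-in for the "ssh _machine_ true" check described above. It sources a shell init file in a non-interactive sh and counts the bytes that leak out, once without and once with the `case $- in *i*)` guard. The function names, file names and banner text are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Simulates the non-interactive
# shell that sshd starts for "scp -t" and measures what an init file
# prints into the channel that scp expects to be clean.

# make_rc unguarded|guarded FILE
# Write a constructed init file. The echo stands in for fortune.
make_rc() {
    case $1 in
    unguarded)
        cat > "$2" <<'EOF'
echo "constructed banner standing in for fortune output"
EOF
        ;;
    guarded)
        cat > "$2" <<'EOF'
case $- in *i*)
    # only reached when the shell is interactive
    echo "constructed banner standing in for fortune output"
    ;;
esac
EOF
        ;;
    *)
        return 2
        ;;
    esac
}

# stray_bytes FILE
# Source FILE (absolute path) in a non-interactive sh with no terminal
# on stdin, run "true", and print the number of bytes written.
# A clean login prints 0.
stray_bytes() {
    sh -c '. "$1"; true' sh "$1" </dev/null 2>&1 | wc -c | tr -d '[:space:]'
}

# Run both variants in a scratch directory and report the result.
demo() {
    dir=$(mktemp -d) || return 1
    make_rc unguarded "$dir/rc.unguarded"
    make_rc guarded "$dir/rc.guarded"
    printf 'unguarded init file: %s stray bytes\n' "$(stray_bytes "$dir/rc.unguarded")"
    printf 'guarded init file:   %s stray bytes\n' "$(stray_bytes "$dir/rc.guarded")"
    rm -rf "$dir"
}

demo
```

Against a real host the same measurement is `ssh _machine_ true | wc -c`, which should report 0.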


RE: Strange behavior with scp

2003-12-08 Thread Sean Page
HA!
That was it!
Thanks Jonathan.

Sean.

-Original Message-
From: Jonathan T. Sage [mailto:[EMAIL PROTECTED] 
Sent: December 8, 2003 4:02 PM
To: '[EMAIL PROTECTED]'
Subject: Re: Strange behavior with scp


Sean Page wrote:
> Hi,
> 
> I just upgraded 2 machines to 4.9p1 and one of them is displaying a rather
> odd behavior.
> When I try to scp a file from said machine, it shows the first line of the
> fortune (the one you see if you, say, log into a shell on the machine) on
> the client end and then it quits. No error is reported in /var/log/messages
> or auth.log and no file is transferred.
> Has anyone seen this before? I tried using the same sshd_config as the
> working machine to no avail.
> Any suggestions would be greatly appreciated.
> 
> Thanks,
> Sean.
> 
This is happening because fortune is hijacking the tty.  edit your shell 
init program to not run fortune on non-interactive shells, or remove it 
all together and scp should work fine again.

~j


-- 
"Yesterday upon the stair I saw a man
who wasn't there, he wasn't there
again today, oh how i wish he'd go away"

Rev. Jonathan T. Sage
Lighting / Set Designer
Professional Web Design

[HTTP://theatre.msu.edu]
[EMAIL PROTECTED]
[See Headers for Contact Info]


scp between windows and freebsd

2003-12-10 Thread KURT BUFF
All,

I'm following the directions here:

http://www.unixwiz.net/techtips/postfix-exchange-users.html

to improve the gateway to our Exchange box, and am stuck on a particular
step.

I just can't seem to make the Putty SCP work from my workstation.

I used Putty's window copy function to paste into vi to create the .pub
file, then used the command line:

"ssh-keygen -i -f /tmp/exchupdate.pub >> /root/.ssh/authorized_keys2"

on the FreeBSD box per the instructions to convert to an openssh key,
then use the following command line to do the copy:

"pscp -2 -i exchupdate.ppk exchusers.txt [EMAIL PROTECTED]:/etc"

but I keep getting the following two messages on the Windows box:

"Authenticating with public key "postfix update users key"
"Fatal: Lost connection"

and the following on the FreeBSD box:

"server2 sshd[36802]: fatal: monitor_read: unsupported request:"

This, even though I've made certain to enter a edit the public key to
add a comment (using vi) into the public key on the FreeBSD box.

I've done some googling, and read some man pages, but can't seem to find
out what the heck I'm doing wrong. I've put the authorized_keys2 file
into /etc/ssh, /root/.ssh and even /root hoping that it was simply a
matter of location, but still no go.

Help?

Thanks,

Kurt





SCP fails while ssh works...

2004-02-09 Thread twig les
Hey all, I have two identical boxes running 4.6 and all of a
sudden one stopped taking SCP even though it still takes ssh
connections.  The other box is still working fine and they are
on the same subnet.  The only thing I could find online about
this is an MTU mismatch which makes no sense in this situation. 
I can bounce the sshd proc when I get someone on site since
these are in a different state.  The "-v" outputs are below,
snipped for clari/brevity.  Notice the bad guy's (booo, hiss
hiss) inability to form a complete connection.

GOOD CONNECTION:
debug: SshConfig/sshconfig.c:2232/ssh2_parse_config: Unable to
open /opt/home/ktokash/.ssh2/identification
debug: Ssh2AuthClient/sshauthc.c:316/ssh_authc_completion_proc:
Method 'publickey' disabled.
debug: server offers auth methods
'publickey,password,keyboard-interactive'.
debug:
Ssh2AuthPasswdClient/authc-passwd.c:95/ssh_client_auth_passwd:
Starting password query...
[EMAIL PROTECTED]'s password: 
debug: Ssh2Common/sshcommon.c:286/ssh_common_special: Received
SSH_CROSS_AUTHENTICATED packet from connection protocol.
debug: Ssh2/ssh2.c:646/client_authentication_notify: Returning
user input stream to original values.
scp:SshFCTransfer/sshfc_transfer.c:1592/transfer_stat_before_rm_cb:
No connection yet. Waiting...
debug: Ssh2Common/sshcommon.c:829/ssh_common_new_channel:
num_channels now 1
debug:
SshTtyFlags/sshttyflags.c:354/ssh_internal_encode_tty_flags: Not
a tty. (fd = 0)
scp:SshFCTransfer/sshfc_transfer.c:1866/transfer_rm_dest:
Removing destination file ./snortrules-stable.tar.gz .
scp:SshFCTransferCore/sshfc_trcore.c:125/transfer_start:
Starting transfer for file snortrules-stable.tar.gz, destination
./snortrules-stable.tar.gz
snortrules-stable.tar.gz
 |  211kB |
211.2 kB/s | TOC: 00:00:01 | 100%
scp:SshFCTransfer/sshfc_transfer.c:2489/transfer_one_done:
Finished with file ./snortrules-stable.tar.gz.
scp:Scp2/scp2.c:706/transfer_ready_cb: Received error SSH_FC_OK,
error message .
scp:Scp2/scp2.c:867/scp_transfer: Transfer ready
scp:ssh_pipe_stream_destroy
scp:SshAppCommon/sshappcommon.c:146/ssh_app_free_global_regex_context:
Freeing global SshRegex context.
debug:
SshConnection/sshconn.c:405/ssh_conn_send_channel_data_type: EOF
from channel stream
cge01% debug:
SshConnection/sshconn.c:667/ssh_conn_channel_write: EOF received
on write from channel 0x207570, extended stream 0.
debug:
Ssh2ChannelSession/sshchsession.c:1716/ssh_channel_session_request_exit_status:
received exit status : 0
debug: Ssh2Common/sshcommon.c:803/ssh_common_destroy_channel:
num_channels now 0
debug: Got session close with exit_status=0
debug: destroying client struct...
debug: Ssh2Client/sshclient.c:1478/ssh_client_destroy:
Destroying client.
debug: SshConfig/sshconfig.c:537/ssh_config_pki_free: Freeing
pki. (host_pki != NULL, user_pki = NULL)
debug: SshConnection/sshconn.c:1982/ssh_conn_destroy: Destroying
SshConn object.
debug: Ssh2Client/sshclient.c:1540/ssh_client_destroy_finalize:
Destroying client completed.
debug:
SshAuthMethodClient/sshauthmethodc.c:89/ssh_client_authentication_uninitialize:
Destroying authentication method array.
debug: Ssh2/ssh2.c:363/sigpipe_nonfatal_cb: Received SIGPIPE.
debug:
SshAppCommon/sshappcommon.c:146/ssh_app_free_global_regex_context:
Freeing global SshRegex context.
debug: SshConfig/sshconfig.c:537/ssh_config_pki_free: Freeing
pki. (host_pki = NULL, user_pki = NULL)



BAD GUY (booo, hiss hiss):
debug: SshConfig/sshconfig.c:2232/ssh2_parse_config: Unable to
open /opt/home/ktokash/.ssh2/identification
debug: Ssh2AuthClient/sshauthc.c:316/ssh_authc_completion_proc:
Method 'publickey' disabled.
debug: server offers auth methods
'publickey,password,keyboard-interactive'.
debug:
Ssh2AuthPasswdClient/authc-passwd.c:95/ssh_client_auth_passwd:
Starting password query...
[EMAIL PROTECTED]'s password: 
debug: Ssh2Common/sshcommon.c:286/ssh_common_special: Received
SSH_CROSS_AUTHENTICATED packet from connection protocol.
debug: Ssh2/ssh2.c:646/client_authentication_notify: Returning
user input stream to original values.
scp:SshFCTransfer/sshfc_transfer.c:1592/transfer_stat_before_rm_cb:
No connection yet. Waiting...
debug: Ssh2Common/sshcommon.c:829/ssh_common_new_channel:
num_channels now 1
debug:
SshTtyFlags/sshttyflags.c:354/ssh_internal_encode_tty_flags: Not
a tty. (fd = 0)
debug:
Ssh2ChannelSession/sshchsession.c:2232/ssh_channel_start_session_completion2:
starting session failed: result 0
scp:SshFCTransfer/sshfc_transfer.c:1592/transfer_stat_before_rm_cb:
No connection yet. Waiting...
scp:SshFCTransfer/sshfc_transfer.c:1592/transfer_stat_before_rm_cb:
No connection yet. Waiting...
scp:SshFCTransfer/sshfc_transfer.c:1592/transfer_stat_before_rm_cb:
No connection yet. Waiting...
scp:SshFCTransfer/sshfc_transfer.c:1592/transfer_stat_before_rm_cb:
No connection yet. Waiting...
scp:SshFCTransfer/ss

Re: sftp / scp not working?

2002-09-30 Thread Matthew Seaman

On Mon, Sep 30, 2002 at 01:46:13AM -0400, Adam Bender wrote:
> 
> I'm running FreeBSD 4.6.2.  I can ssh into the box fine, but sftp gives
> this error message:
> unix13:~/$ sftp [EMAIL PROTECTED]
> Connecting to machine.name...
> [EMAIL PROTECTED]'s password:
> Received message too long 1500476704
> unix13:~/$
> 
> and scp gives this one:
> 
> unix13:~/$ scp foo [EMAIL PROTECTED]:
> [EMAIL PROTECTED]'s password:
> stty: You can search for documentation on a keyword by typing
> unix13:~/$ stdin isn't a terminal
> stty: stdin isn't a terminal
> stty: stdin isn't a terminal
> stty: stdin isn't a terminal
> Write failed flushing stdout buffer.
> 
> unix13:~/$
> 
> Anybody have any idea what I can do to transfer files to/from my machine,
> besides ssh'ing into it, and the sftp'ing out?

Unfortunately that's not sufficient information to diagnose exactly
what's wrong.  Could you try running your scp and sftp commands again
with liberal use of the '-v' (verbose) flag:

sftp -v -v -v [EMAIL PROTECTED]

If that doesn't tell you immediately what's wrong, please cut'n'paste
the output of the command into a message to this list, plus tell us
what ssh client you're using and any modifications you've made to the
default sshd configuration on your FreeBSD box.

There's also the [EMAIL PROTECTED] mailing list, which has
searchable archives available at
http://marc.theaimsgroup.com/?l=secure-shell&r=1&w=2

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.   26 The Paddocks
  Savill Way
  Marlow
Tel: +44 1628 476614  Bucks., SL7 1TH UK

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message



Re: sftp / scp not working?

2002-09-30 Thread Matthew Seaman

On Mon, Sep 30, 2002 at 11:06:05AM +0100, Matthew Seaman wrote:
> On Mon, Sep 30, 2002 at 01:46:13AM -0400, Adam Bender wrote:
> > 
> > I'm running FreeBSD 4.6.2.  I can ssh into the box fine, but sftp gives
> > this error message:
> > unix13:~/$ sftp [EMAIL PROTECTED]
> > Connecting to machine.name...
> > [EMAIL PROTECTED]'s password:
> > Received message too long 1500476704
> > unix13:~/$

> Unfortunately that's not sufficient information to diagnose exactly
> what's wrong.  Could you try running your scp and sftp commands again
> with liberal use of the '-v' (verbose) flag:

Ooops. spoke (typed?) too soon.  I knew that looked familiar...  The
problem is that your shell initialization files are printing stuff out
even when you aren't logging in interactively, and that's being
misinterpreted by the scp or sftp subsystems:

http://marc.theaimsgroup.com/?l=secure-shell&m=102952631227473&w=2

If you're using csh(1)/tcsh(1), there's a fairly simple cure.  You can
wrap all the stuff that's only appropriate for interactive logins into
an if.. statement like so:

if ($?prompt) then
    # Interactive settings go here...
    set autolist
    ...
endif

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.   26 The Paddocks
  Savill Way
  Marlow
Tel: +44 1628 476614  Bucks., SL7 1TH UK
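
An added diagnostic example, not part of the original message: sftp reads the first four bytes from the server as a big-endian packet length, so the number in "Received message too long 1500476704" can be decoded back into the text that a shell init file printed. The function names are illustrative.

```shell
#!/bin/sh
# Added example (not from the thread). Turns the "length" from an sftp
# "Received message too long N" error back into the four bytes that
# were actually received.

# decode_sftp_length N
# Print the four bytes packed into decimal N, most significant first.
# Bytes outside printable ASCII are shown as '.'.
decode_sftp_length() {
    n=$1
    out=""
    for s in 24 16 8 0; do
        byte=$(( (n >> s) & 255 ))
        if [ "$byte" -ge 32 ] && [ "$byte" -le 126 ]; then
            # %b with \0ooo emits the byte with that octal value
            out="$out$(printf '%b' "\\0$(printf '%03o' "$byte")")"
        else
            out="$out."
        fi
    done
    printf '%s\n' "$out"
}

# is_stray_text N
# Succeed only if all four bytes are printable ASCII, which points at
# text from an init file rather than a genuine packet length.
is_stray_text() {
    n=$1
    for s in 24 16 8 0; do
        byte=$(( (n >> s) & 255 ))
        if [ "$byte" -lt 32 ] || [ "$byte" -gt 126 ]; then
            return 1
        fi
    done
    return 0
}

# The value quoted in the sftp error earlier in this thread.
reported=1500476704
if is_stray_text "$reported"; then
    printf 'length %s is really the text "%s"\n' \
        "$reported" "$(decode_sftp_length "$reported")"
else
    printf 'length %s does not look like text\n' "$reported"
fi
```

The decoded bytes match the start of the line that the scp attempt in the same report printed after "stty:".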




Re: passwordless scp and cronjobs

2002-10-04 Thread Kevin Oberman

> Date: Fri, 04 Oct 2002 13:31:56 -0400
> From: Gerard Samuel <[EMAIL PROTECTED]>
> Sender: [EMAIL PROTECTED]
> 
> A few months ago, I had a cron job scp a file to another box within my
> lan.  It worked great and things were good.
> I don't remember why I turned it off, but I'm trying to set it back up.
> Both boxes are running FBSD 4.6.2-Release.
> On the sending box ->
> 1.  ssh-keygen -t rsa  //Accept the defaults and leave the passphrase empty.
> 2.  scp id_rsa.pub sys_dev@hivemind:  //SCP the public key over to the
> receiving box to the user who is going to receive the file from the cron
> job.
>
> On the receiving box ->
> 1.  cp id_rsa.pub .ssh/authorized_keys2  // Copy the sender's public key
> to .ssh/authorized_keys2
> 
>   From the sending box, I run my script using the -v option to scp to be 
> verbose.
> Here is the output of the script ->
> --------
> Executing: program /usr/bin/ssh host hivemind, user sys_dev, command scp 
> -v -t .
> OpenSSH_3.4p1 FreeBSD-20020702, SSH protocols 1.5/2.0, OpenSSL 0x0090605f
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Rhosts Authentication disabled, originating port will not be 
> trusted.
> debug1: ssh_connect: needpriv 0
> debug1: Connecting to hivemind.trini0.org [192.168.0.2] port 22.
> debug1: Connection established.
> debug1: identity file /home/gsam/.ssh/identity type -1
> debug1: identity file /home/gsam/.ssh/id_rsa type 1
> debug1: identity file /home/gsam/.ssh/id_dsa type -1
> debug1: Remote protocol version 1.99, remote software version 
> OpenSSH_3.4p1 FreeBSD-20020702
> debug1: match: OpenSSH_3.4p1 FreeBSD-20020702 pat OpenSSH*
> debug1: Local version string SSH-1.5-OpenSSH_3.4p1 FreeBSD-20020702
> debug1: Waiting for server public key.
> debug1: Received server public key (768 bits) and host key (1024 bits).
> debug1: Host 'hivemind.trini0.org' is known and matches the RSA1 host key.
> debug1: Found key in /home/gsam/.ssh/known_hosts:1
> debug1: Encryption type: 3des
> debug1: Sent encrypted session key.
> debug1: cipher_init: set keylen (16 -> 32)
> debug1: cipher_init: set keylen (16 -> 32)
> debug1: Installing crc compensation attack detector.
> debug1: Received encrypted confirmation.
> debug1: Doing password authentication.
> [EMAIL PROTECTED]'s password:
> --
> 
> Could someone point out to me where I'm going wrong with this to have the
> cron job complete successfully without entering a password.
> Thanks.

The most obvious thing is that you generated SSH V2 RSA keys, but the
connection in the example used SSH V1 and is only interested in V1 keys.

Check the "Protocol" line in $HOME/.ssh/config and/or
/etc/ssh/ssh_config on the client side and /etc/ssh/sshd_config on the
server side and make sure both use V2.

You can force SSH V2 with -oProtocol=2 on the command line according
to the man page. I have not tried this.

R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: [EMAIL PROTECTED]  Phone: +1 510 486-8634




Re: passwordless scp and cronjobs

2002-10-04 Thread Gerard Samuel

I started the whole process again and added the SSH2 option to the 
command line which now looks like this ->
scp -o 'Protocol=2' -v ~/temp/file.zip sys_dev@hivemind:

Towards the bottom you'll see its trying authentication methods, using 
the public key as the first option.
I would tend to believe if all were well, it shouldn't have to go past 
that point.
I'll try messing around some more with the ssh options and report back.

Thanks

Here is the output of the ssh debug ->

Executing: program /usr/bin/ssh host hivemind, user sys_dev, command scp 
-v -t .
OpenSSH_3.4p1 FreeBSD-20020702, SSH protocols 1.5/2.0, OpenSSL 0x0090605f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be 
trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to hivemind.trini0.org [192.168.0.2] port 22.
debug1: Connection established.
debug1: identity file /home/gsam/.ssh/id_rsa type 1
debug1: identity file /home/gsam/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version 
OpenSSH_3.4p1 FreeBSD-20020702
debug1: match: OpenSSH_3.4p1 FreeBSD-20020702 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.4p1 FreeBSD-20020702
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 121/256
debug1: bits set: 1602/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'hivemind.trini0.org' is known and matches the DSA host key.
debug1: Found key in /home/gsam/.ssh/known_hosts:6
debug1: bits set: 1573/3191
debug1: ssh_dss_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: 
publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: try pubkey: /home/gsam/.ssh/id_rsa
debug1: authentications that can continue: 
publickey,password,keyboard-interactive
debug1: try privkey: /home/gsam/.ssh/id_dsa
debug1: next auth method to try is keyboard-interactive
Password:

Kevin Oberman wrote:

>>Date: Fri, 04 Oct 2002 13:31:56 -0400
>>From: Gerard Samuel <[EMAIL PROTECTED]>
>>Sender: [EMAIL PROTECTED]
>>
>>A few months ago, I had a cron job scp a file to another box within my
>>lan.  It worked great and things were good.
>>I don't remember why I turned it off, but I'm trying to set it back up.
>>Both boxes are running FBSD 4.6.2-Release.
>>On the sending box ->
>>1.  ssh-keygen -t rsa  //Accept the defaults and leave the passphrase empty.
>>2.  scp id_rsa.pub sys_dev@hivemind:  //SCP the public key over to the 
>>receiving box to the user who is going to receive the file from the cron 
>>job.
>>
>>On the receiving box ->
>>1.  cp id_rsa.pub .ssh/authorized_keys2  // Copy the sender's public key 
>>to .ssh/authorized_keys2
>>
>>  From the sending box, I run my script using the -v option to scp to be 
>>verbose.
>>Here is the output of the script ->
>>
>>Executing: program /usr/bin/ssh host hivemind, user sys_dev, command scp 
>>-v -t .
>>OpenSSH_3.4p1 FreeBSD-20020702, SSH protocols 1.5/2.0, OpenSSL 0x0090605f
>>debug1: Reading configuration data /etc/ssh/ssh_config
>>debug1: Applying options for *
>>debug1: Rhosts Authentication disabled, originating port will not be 
>>trusted.
>>debug1: ssh_connect: needpriv 0
>>debug1: Connecting to hivemind.trini0.org [192.168.0.2] port 22.
>>debug1: Connection established.
>>debug1: identity file /home/gsam/.ssh/identity type -1
>>debug1: identity file /home/gsam/.ssh/id_rsa type 1
>>debug1: identity file /home/gsam/.ssh/id_dsa type -1
>>debug1: Remote protocol version 1.99, remote software version 
>>OpenSSH_3.4p1 FreeBSD-20020702
>>debug1: match: OpenSSH_3.4p1 FreeBSD-20020702 pat OpenSSH*
>>debug1: Local version string SSH-1.5-OpenSSH_3.4p1 FreeBSD-20020702
>>debug1: Waiting for server public key.
>>debug1: Received server public key (768 bits) and host key (1024 bits).
>>debug1: Host 'hivemind.trini0.org' is known and matches the RSA1 host key.
>>debug1: Found key in /home/gsam/.ssh/known_hosts:1

Re: passwordless scp and cronjobs

2002-10-04 Thread Kevin Oberman

> Date: Fri, 04 Oct 2002 15:48:56 -0400
> From: Gerard Samuel <[EMAIL PROTECTED]>
> 
> I started the whole process again and added the SSH2 option to the 
> command line which now looks like this ->
> scp -o 'Protocol=2' -v ~/temp/file.zip sys_dev@hivemind:

Good. This is now at least running V2 protocol.

> Towards the bottom you'll see it's trying authentication methods, using 
> the public key as the first option.
> I would tend to believe if all were well, it shouldn't have to go past 
> that point.

This is absolutely correct. Unfortunately, the client lacks the
knowledge of why the publickey method was rejected. You can only tell
that the attempt failed.

I doubt that you will luck into the correct fix by shots at the config
file. Instead, get debug information from the server side. To do this
you will need root access to the server-side system.

On the server side:
% /usr/sbin/sshd -p 378 -d
This will start a new instance of the ssh daemon that will connect to
port 378. (If 378 is not available on your system, pick another port
<512.) This instance will not fork a daemon and will print verbose
debug information.

Then add -P 378 to the scp on the client and try again. The daemon
debug information is usually enough to clarify what is failing.

Finally, I really get uncomfortable seeing un-encrypted private keys
being used. They are a significant vulnerability. I hope that the
account is in a jail or in some other way limited in access on the
destination system.

You might consider the use of .shosts and host authentication for
this. While there is a slightly greater possibility of spoofing, it is
probably safer than an open key that can get you to somewhere
vulnerable. 

Good luck.

R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: [EMAIL PROTECTED]  Phone: +1 510 486-8634

> debug1: send SSH2_MSG_SERVICE_REQUEST
> debug1: service_accept: ssh-userauth
> debug1: got SSH2_MSG_SERVICE_ACCEPT
> debug1: authentications that can continue: 
> publickey,password,keyboard-interactive
> debug1: next auth method to try is publickey
> debug1: try pubkey: /home/gsam/.ssh/id_rsa
This SHOULD have worked!
> debug1: authentications that can continue: 
> publickey,password,keyboard-interactive
> debug1: try privkey: /home/gsam/.ssh/id_dsa
> debug1: next auth method to try is keyboard-interactive
> Password:




Re: passwordless scp and cronjobs

2002-10-04 Thread Gerard Samuel

  And deeper into the rabbit hole I go.
Here is a snip from server debug ->
-
debug1: userauth-request for user sys_dev service ssh-connection method none
debug1: attempt 0 failures 0
debug1: Starting up PAM with username "sys_dev"
debug1: PAM setting rhost to "gladiator.trini0.org"
Failed none for sys_dev from 192.168.0.3 port 1042 ssh2
debug1: userauth-request for user sys_dev service ssh-connection method 
publickey
debug1: attempt 1 failures 1
debug1: test whether pkalg/pkblob are acceptable
debug1: trying public key file /home/developer/.ssh/authorized_keys
debug1: restore_uid
debug1: trying public key file /home/developer/.ssh/authorized_keys2
Authentication refused: bad ownership or modes for file 
/usr/home/developer/.ssh/authorized_keys2
debug1: restore_uid
Failed publickey for sys_dev from 192.168.0.3 port 1042 ssh2

Now, seeing this, got me thinking.  The directory is a shared directory 
between shared users (some friends of mine that I trust).
So I changed the fictitious user sys_dev's home directory to their own, 
and everything started working.
Kevin, thanks for the help.  Now that I have this working, I can look at 
locking down this little system.


-- 
Gerard Samuel
http://www.trini0.org:81/
http://dev.trini0.org:81/
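
The server-side debug output above refuses the key with "bad ownership or modes"; that message comes from sshd's StrictModes check on the key file and its parent directories. The script below is an added example, not code from this thread or from OpenSSH: it approximates that check for one account, and its function names and the temporary demo home (one shared-home arrangement that fails, not the poster's actual permissions) are constructed.

```shell
#!/bin/sh
# Added example: approximate sshd's StrictModes test for an authorized_keys
# file. Every path from the key file up to the home directory must be owned
# by the account (or root) and must not be group- or world-writable.

# audit_one PATH UID: print a finding; return 1 if PATH would be refused.
audit_one() {
    a_path=$1; a_uid=$2
    if [ ! -e "$a_path" ]; then
        echo "FAIL $a_path: does not exist"; return 1
    fi
    # "ls -ldn" prints the mode string first and the numeric owner third.
    a_line=$(ls -ldn -- "$a_path")
    a_mode=$(printf '%s\n' "$a_line" | awk '{print $1}')
    a_owner=$(printf '%s\n' "$a_line" | awk '{print $3}')
    if [ "$a_owner" != "$a_uid" ] && [ "$a_owner" != "0" ]; then
        echo "FAIL $a_path: owned by uid $a_owner, expected $a_uid or 0"; return 1
    fi
    # Characters 6 and 9 of the mode string are the group/other write bits.
    if [ "$(printf '%s\n' "$a_mode" | cut -c6)" = "w" ] ||
       [ "$(printf '%s\n' "$a_mode" | cut -c9)" = "w" ]; then
        echo "FAIL $a_path: mode $a_mode is group- or world-writable"; return 1
    fi
    echo "ok   $a_path ($a_mode uid $a_owner)"
}

# audit_keys HOME KEYFILE UID: check KEYFILE and each parent up to HOME.
# Returns 0 only if every component passes.
audit_keys() {
    k_home=${1%/}; k_path=$2; k_uid=$3; k_rc=0
    case $k_path in
        "$k_home"/*) ;;
        *) echo "FAIL $k_path: not inside $k_home"; return 1 ;;
    esac
    while :; do
        audit_one "$k_path" "$k_uid" || k_rc=1
        [ "$k_path" = "$k_home" ] && break
        k_path=$(dirname "$k_path")
    done
    return $k_rc
}

# Constructed demo: a correct key file under a home directory that is shared
# (group-writable), then the same tree once the home is private.
demo() {
    d_home=$(mktemp -d) || return 1
    d_keys="$d_home/.ssh/authorized_keys2"
    mkdir "$d_home/.ssh"
    : > "$d_keys"
    chmod 700 "$d_home/.ssh"; chmod 600 "$d_keys"
    chmod 775 "$d_home"
    echo "shared home:"
    audit_keys "$d_home" "$d_keys" "$(id -u)" || echo "=> publickey would be refused"
    chmod 755 "$d_home"
    echo "private home:"
    audit_keys "$d_home" "$d_keys" "$(id -u)" && echo "=> publickey can proceed"
    rm -rf "$d_home"
}
demo
```

For a real account, call `audit_keys` with the home directory sshd resolves for that user, the key file path from the server log, and the account's numeric uid.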







scp and non-shell accounts.

2002-07-17 Thread Ken McGlothlen

I have one system where my users have shell accounts and hang out on.  This has
an Apache server installed as a staging server.  I have another system which is
the production webserver.

I want my users to be able to transfer files to the production webserver using
scp or sftp, but not to have shell access on the production webserver.

So on the production machine, each of these users has a home directory, and a
shell of /sbin/nologin.

The problem is, this seems to trounce scp and sftp.  I get

wibble@staging:~(1)$ scp transfer.txt wibble@prod:~
wibble@prod's password: [type password]

This account is currently not available. [from /sbin/nologin]
wibble@staging:~(2)$ sftp prod
Connecting to prod...
wibble@prod's password: [type password]
Received message too long 173237622
wibble@staging:~(3)$ _

Do I really have to permit shell access for these accounts in order to use scp
or sftp?





Re: showdown transfering files with scp

2006-02-08 Thread Bill Schmitt (SW)

[EMAIL PROTECTED] wrote:


> I was using scp to copy several large (300-800mb) each files between two
> Freebsd machines. Both are on the same hub, 100MB Ethernet connection.
> The source box is FreeBSD 5.4 stable at a late October build date. The
> target is running 6.0 stable at a current build date.
>
> The first three files showed a transfer rate of about 3mb/sec and
> transfer took about a 5-7 minutes for each file. After the third one
> however the transfer rate dropped to 100-200 KB/sec. There was nothing
> else going on in the internal network at the time.
>
> Any ideas on what happened?
>
> Mark Jacobs


I can't be sure if it's the issue, but at one point some individuals on 
the network where I worked installed hubs of their own (the 
non-intelligent variety of connection) and it didn't just slow them 
down, it dragged down the entire network segment. Since hubs are not 
intelligent, there are an awful lot of collisions and putting a hub 
downstream from the routers means that all bets are off on performance. 
Hope that helps.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: showdown transfering files with scp

2006-02-09 Thread Alex Zbyslaw

[EMAIL PROTECTED] wrote:


> I was using scp to copy several large (300-800mb) each files between two
> Freebsd machines. Both are on the same hub, 100MB Ethernet connection.
> The source box is FreeBSD 5.4 stable at a late October build date. The
> target is running 6.0 stable at a current build date.
>
> The first three files showed a transfer rate of about 3mb/sec and
> transfer took about a 5-7 minutes for each file. After the third one
> however the transfer rate dropped to 100-200 KB/sec. There was nothing
> else going on in the internal network at the time.
 

scp can be surprisingly crap and slow.  If the machines are both 
internal try using ftp and see how that does.  If that's slow too then 
you have a problem :-)  If it isn't slow, then try the ssh-hpn port 
which, among other things, supports a -z flag to scp which turns off all 
the encryption after the initial authentication.


It's also possible that one of the machines got loaded with something 
else around the time of your slowdown and it couldn't keep up with the 
encryption/decryption.


Other things to try:
   1) repeat what you did and see if it happens again.  If it doesn't, 
then there was something going on the first time.
   2) If it does happen again, try transferring the files individually, 
inside a for loop perhaps, and see if the problem persists.  If it does, 
try ssh-hpn and see if that works better.


Hth,

--Alex



RE: showdown transfering files with scp

2006-02-09 Thread mark.jacobs
This is a home network. Cable modem to OpenBSD firewall. Firewall to
router/hub. Three PC's attached to hub. The transfer was between two of
the PC's.

Mark Jacobs



SFTP vs. SCP and transfer rates

2005-06-15 Thread Leonhardt, Daniel (EST)
Hi there Steven, not sure if anybody has posted to your question on xfer
rates between sftp & scp, if so, perhaps you can indulge me.  Also, do you
know which would be better in terms of security?

Thanks in advance.
Dan



Re: 9.0-PRERELEASE slow scp transfer

2011-11-22 Thread Matthew Seaman
On 22/11/2011 15:17, Bas Smeelen wrote:
> When i copy a file with scp which is a few hundred megabytes on 2. from 1. i
> get about 130 KB/s
> 
> I can find nothing in the logs or netstat errors on this 9.0-PRERELEASE box.
> I have switched network cables and ports on the switch.
> 
> How could i further investigate?

Check the duplex settings in ifconfig(8) output on all three machines.
They should all say:

   media: Ethernet autoselect (1000baseTX )

assuming you're not forcing everything to a particular speed.  Any
mention of '100baseTX ' indicates a failure to negotiate
the link settings, which could well be due to a hardware problem.  Mind
you, in that case you'd see plenty of errors in the output of 'netstat -i'

If that's not the problem then it sounds like you've eliminated all the
obvious causes.  Which means a bug in 9.0-PRERELEASE, so please bring
this up on freebsd-current@... where it should come to the attention of
the developers working on getting 9.0 out of the door.  Include 'pciconf
-lbv' output for the NICs and PHYs on all three machines if you would be
so kind.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.   7 Priory Courtyard
  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
JID: matt...@infracaninophile.co.uk   Kent, CT11 9PW





Re: 9.0-PRERELEASE slow scp transfer

2011-11-22 Thread Bas Smeelen
On 11/22/2011 05:09 PM, Matthew Seaman wrote:
> On 22/11/2011 15:17, Bas Smeelen wrote:
>> When i copy a file with scp which is a few hundred megabytes on 2. from 1. i
>> get about 130 KB/s
>>
>> I can find nothing in the logs or netstat errors on this 9.0-PRERELEASE box.
>> I have switched network cables and ports on the switch.
>>
>> How could i further investigate?
> Check the duplex settings in ifconfig(8) output on all three machines.
> They should all say:
>
>media: Ethernet autoselect (1000baseTX )
>
> assuming you're not forcing everything to a particular speed.  Any
> mention of '100baseTX ' indicates a failure to negotiate
> the link settings, which could well be due to a hardware problem.  Mind
> you, in that case you'd see plenty of errors in the output of 'netstat -i'
>
> If that's not the problem then it sounds like you've eliminated all the
> obvious causes.  Which means a bug in 9.0-PRERELEASE, so please bring
> this up on freebsd-current@... where it should come to the attention of
> the developers working on getting 9.0 out of the door.  Include 'pciconf
> -lbv' output for the NICs and PHYs on all three machines if you would be
> so kind.
>
>   Cheers,
>
>   Matthew
>

OK, thanks for the reply.
They're all autonegotiated

(1) 7.3-RELEASE-p2 has 1000baseTX 
(2) 9.0-PRERELEASE has 1000baseT  
(3) 7.4-RELEASE-p4 has 1000baseTX 

So I have switched the cables of (1) and (2) but ifconfig output stays the
same, though I would suspect that (1) would become 1000baseT and (2) would
become 1000baseTX
I have rebooted (2) just to make sure, but still no change in the output of
ifconfig
Putting (2) on another port of the switch doesn't change ifconfig output either

But it's solved!
scp now completes with: 100%  338MB  30.7MB/s   00:11
Hmm still it should be able to go up to 120MB/s, but this could be a limitation
somewhere else

Sorry for the noise




Re: chroot scp only network storage?

2010-05-25 Thread Matthew Seaman

On 25/05/2010 22:29:57, Matthew Law wrote:
> 
> I want to provide some users with secure network attached storage over
> SCP.  The intent is to provide people with a similar thing to, e.g.
> rsync.net but inside of our network only.
> 
> Security is obviously a priority so I would like each user to be chrooted
> into their allocated directory and allow them only to execute a small set
> of commands.

Check out the security/openssh-portable port which has options to enable
chroot'ing.  You should be able to configure the account to only be able
to use scp(1) or sftp(1) by editing sshd_config or by using forced
commands in the user authorized_keys files.

> I have come across scponly before.  Is this the best way of achieving this
> with FreeBSD or is there some other better way?

Another alternative is WebDAV.  Run it over HTTPS for security, and use
the standard Apache authn/authz controls to give each user access to
only their own area.  In principle your users can mount their WebDAV
areas as networked filesystems on their desktops.  In practice, this
works fine with MacOS X, is horribly buggy under Windows, needs quite a
lot of effort to make work on Linux, and I don't think it's actually
available at all on FreeBSD.  However, commandline clients like cadaver
will work fine on anything Unixy.

Cheers

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.   7 Priory Courtyard
  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
JID: matt...@infracaninophile.co.uk   Kent, CT11 9PW


Re: chroot scp only network storage?

2010-05-25 Thread Balázs Mátéffy
Hello,


Try /usr/ports/shells/scponly .

Look up the features, this way you can assign the restrictive scponly shell
to the users:

http://sublimation.org/scponly/wiki/index.php/Main_Page

Best Regards:

Balázs Mátéffy





Re: chroot scp only network storage?

2010-05-26 Thread Matthew Law

On Tue, May 25, 2010 11:05 pm, Matthew Seaman wrote:
> Check out the security/openssh-portable port which has options to enable
> chroot'ing.  You should be able to configure the account to only be able
> to use scp(1) or sftp(1) by editing sshd_config or by using forced
> commands in the user authorized_keys files.

This sounds pretty close to what I want.  I don't want the user to be able
to get a shell on the box but do want to allow them to run a small subset
of useful commands over ssh such as 'ls' and of course scp files to and
from it.

> Another alternative is WebDAV.  Run it over HTTPS for security, and use
> the standard Apache authn/authz controls to give each user access to
> only their own area.  In principle your users can mount their WebDAV
> areas as networked filesystems on their desktops.  In practice, this
> works fine with MacOS X, is horribly buggy under Windows, needs quite a
> lot of effort to make work on Linux, and I don't think it's actually
> available at all on FreeBSD.  However, commandline clients like cadaver
> will work fine on anything Unixy.

I've had problems with exactly this before on linux.  I only need to allow
linux, FreeBSD and Solaris users access to this resource so will persevere
with something SSH based I think.


Thanks,

Matt.
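
One way to do the forced-command variant quoted above, as an added example that is not code from this thread or from OpenSSH: a wrapper named in the `command="..."` option of an authorized_keys entry that permits only `ls` and the server side of scp (`scp -t` / `scp -f`, the form visible in the `scp -v` output earlier on this page). The wrapper path, the allow rules, the function names and the sample requests are assumptions constructed for illustration, and the wrapper does not chroot the account.

```shell
#!/bin/sh
# Added example: forced-command wrapper for a transfer-only account.
# authorized_keys entry (wrapper path and key are placeholders):
#   command="/usr/local/libexec/xfer-only",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding ssh-rsa AAAA...
# sshd runs this script for every session and passes what the client asked
# for in SSH_ORIGINAL_COMMAND.

# decide CMD: print "allow" or "deny: <reason>"; return 0 only for allow.
decide() {
    d_cmd=$1
    # Character allowlist first: quotes, ;, |, $, newlines and so on are
    # refused, so the later word splitting can never become shell syntax.
    d_rest=$(printf '%s|' "$d_cmd" | LC_ALL=C tr -d 'A-Za-z0-9_./ -')
    if [ "$d_rest" != "|" ]; then
        echo "deny: character outside allowlist"; return 1
    fi
    case $d_cmd in
        *..*) echo "deny: parent-directory reference"; return 1 ;;
    esac
    set -f; set -- $d_cmd; set +f      # split on spaces, no globbing
    if [ $# -eq 0 ]; then
        echo "deny: no command (interactive login)"; return 1
    fi
    d_prog=$1; shift
    d_mode=""; d_paths=0
    for d_arg in "$@"; do
        case $d_prog:$d_arg in
            scp:-t|scp:-f)               d_mode=$d_arg ;;  # sink / source mode
            scp:-v|scp:-r|scp:-p|scp:-d) ;;
            ls:-l|ls:-a|ls:-la|ls:-al)   ;;
            *:-*) echo "deny: option $d_arg"; return 1 ;;
            *:/*) echo "deny: absolute path $d_arg"; return 1 ;;
            *)    d_paths=$((d_paths + 1)) ;;
        esac
    done
    case $d_prog in
        ls)  ;;
        scp) if [ -z "$d_mode" ] || [ "$d_paths" -ne 1 ]; then
                 echo "deny: not a server-side scp invocation"; return 1
             fi ;;
        *)   echo "deny: program $d_prog"; return 1 ;;
    esac
    echo "allow"
}

# run_request: called under sshd; replaces this process with the vetted command.
run_request() {
    if decide "$SSH_ORIGINAL_COMMAND" >/dev/null; then
        set -f
        exec $SSH_ORIGINAL_COMMAND     # plain argv via word splitting: no eval
    fi
    echo "refused: $(decide "$SSH_ORIGINAL_COMMAND")" >&2
    exit 1
}

# demo: constructed sample requests and the decision for each.
demo() {
    for d_s in "scp -v -t ." "scp -f backup/file.zip" "ls -la" "" \
               "scp -t . ; id" "scp -S other -t ." "scp -t ../other" "sh -c id"; do
        printf '%-26s -> %s\n' "[$d_s]" "$(decide "$d_s")"
    done
}

# With no requested command (interactive login attempt or a local run) only
# the samples are printed and the script exits, so no shell is ever started.
if [ -n "${SSH_ORIGINAL_COMMAND+set}" ]; then run_request; else demo; fi
```

Relative paths are resolved from the account's home directory, so symlinks inside it still need to be controlled by file permissions or by the chroot option mentioned in the reply.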



Re: chroot scp only network storage?

2010-05-26 Thread Matthew Law
On Tue, May 25, 2010 11:23 pm, Balázs Mátéffy wrote:
> Hello,
>
>
> Try /usr/ports/shells/scponly .
>
> Look up the features, this way you can assign the restrictive scponly
> shell
> to the users:
>
> http://sublimation.org/scponly/wiki/index.php/Main_Page

Thanks,

I have used this before on linux. In this case it might not be exactly
what I want.


Thanks,

Matt



Advantage -vs- Disadvantage: SFTP -vs- SCP

2010-08-26 Thread Ed Flecko
Hi folks,
I have a server I'm building that is internet accessible and I'm
wondering if there's any advantages/disadvantages of using either SFTP
-vs- SCP?

My primary concern is overall security of the server (even if that
means inconveniencing the end users), and I'm wondering if one method
might be better than the other?

Comments???

Thank you,
Ed


Re: how do i scp .dotfiles??

2010-08-27 Thread Glen Barber
On 8/27/10 1:07 PM, Gary Kline wrote:
> 
> guys,
> 
> this is the start of my master switchover.  how do i copy/scp, say,
> ~/.purpur to home/kline/.purple?  along with many hundreds of other
> dot files? scp doesn't do it.
> 
> tx,
> 

scp u...@foo:\.dotfile .dotfile

Regards,

-- 
Glen Barber


RE: how do i scp .dotfiles??

2010-08-27 Thread Gary Gatten
Rename them, copy, then rename them back?

-Original Message-
From: owner-freebsd-questi...@freebsd.org 
[mailto:owner-freebsd-questi...@freebsd.org] On Behalf Of Gary Kline
Sent: Friday, August 27, 2010 12:08 PM
To: FreeBSD Mailing List
Subject: how do i scp .dotfiles??


guys,

this is the start of my master switchover.  how do i copy/scp, say,
~/.purpur to home/kline/.purple?  along with many hundreds of other
dot files? scp doesn't do it.

tx,

gary



-- 
 Gary Kline  kl...@thought.org  http://www.thought.org  Public Service Unix
The 7.83a release of Jottings: http://jottings.thought.org/index.php
   http://journey.thought.org




Re: how do i scp .dotfiles??

2010-08-27 Thread Bill Campbell
On Fri, Aug 27, 2010, Gary Kline wrote:
>
>guys,
>
>this is the start of my master switchover.  how do i copy/scp, say,
>~/.purpur to home/kline/.purple?  along with many hundreds of other
>dot files? scp doesn't do it.
>
scp -r to recursively copy directories?  That should get
everything in each directory.

We tend to use rsync for this, making an initial copy to get the
majority of the files transferred before making the final cut
over, the ``rsync --delete ...'' to bring things up to date
before making the final switch.  When switching to a new mail
server we have done this live with about 10,000 users, but when
we did this, we left the Maildir stores empty before the final
rsync and didn't use --delete on the Maildir directories.  This
allowed new mail to be processed as it came in, and the older
mail wouldn't conflict as the Maildir message file names should
be unique.

Bill
-- 
INTERNET:   b...@celestial.com  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
Voice:  (206) 236-1676  Mercer Island, WA 98040-0820
Fax:(206) 232-9186  Skype: jwccsllc (206) 855-5792

Rights is a fictional abstraction.  No one has ``Rights'', neither
machines nor flesh-and-blood.  Persons... have opportunities, not rights,
which they use or do not use.
-- Lazarus Long


Re: how do i scp .dotfiles??

2010-08-27 Thread Jason Helfman
On Fri, 27 Aug 2010 13:19:40 -0400
Glen Barber  wrote:

> On 8/27/10 1:07 PM, Gary Kline wrote:
> > 
> > guys,
> > 
> > this is the start of my master switchover.  how do i copy/scp, say,
> > ~/.purpur to home/kline/.purple?  along with many hundreds of other
> > dot files? scp doesn't do it.
> > 
> > tx,
> > 
> 
> scp u...@foo:\.dotfile .dotfile
> 
> Regards,
> 

Use rsync over ssh.


-- 
Jason Helfman
System Administrator
experts-exchange.com
http://www.experts-exchange.com/M_4830110.html


Re: how do i scp .dotfiles??

2010-08-27 Thread Gary Kline
On Fri, Aug 27, 2010 at 10:29:14AM -0700, Bill Campbell wrote:
> On Fri, Aug 27, 2010, Gary Kline wrote:
> >
> >guys,
> >
> >this is the start of my master switchover.  how do i copy/scp, say,
> >~/.purpur to home/kline/.purple?  along with many hundreds of other
> >dot files? scp doesn't do it.
> >
> scp -r to recursively copy directories?  That should get
> everything in each directory.
> 
> We tend to use rsync for this, making an initial copy to get the
> majority of the files transferred before making the final cut
> over, the ``rsync --delete ...'' to bring things up to date
> before making the final switch.  When switching to a new mail
> server we have done this live with about 10,000 users, but when
> we did this, we left the Maildir stores empty before the final
> rsync and didn't use --delete on the Maildir directories.  This
> allowed new mail to be processed as it came in, and the older
> mail wouldn't conflict as the Maildir message file names should
> be unique.
> 
> Bill
> -- 


So what would the rsync line be starting from ~kline and pointing
at ethiv?  ethic is my temporary savings machine while i install
the "newtao", my new desktop.

gary



-- 
 Gary Kline  kl...@thought.org  http://www.thought.org  Public Service Unix
The 7.83a release of Jottings: http://jottings.thought.org/index.php
   http://journey.thought.org



