Linux 如何使用公钥在bash脚本中执行SCP
我很谦虚地道歉,但我在网上到处找,我还是做不到。这是我到目前为止找到的指南。我也用过作向导。但仍然没有任何效果 我需要执行一个脚本,自动将本地文件发送到远程机器。本地和远程机器都是Linux。 编辑:脚本不应该提示用户输入密码-所以我应该使用公钥 到目前为止我所做的:Linux 如何使用公钥在bash脚本中执行SCP,linux,bash,scp,Linux,Bash,Scp,我很谦虚地道歉,但我在网上到处找,我还是做不到。这是我到目前为止找到的指南。我也用过作向导。但仍然没有任何效果 我需要执行一个脚本,自动将本地文件发送到远程机器。本地和远程机器都是Linux。 编辑:脚本不应该提示用户输入密码-所以我应该使用公钥 到目前为止我所做的: ./scp_example.sh Executing: program /usr/bin/ssh host webui01, user meuser2, command scp -v -t /home/meuser OpenSSH
./scp_example.sh
Executing: program /usr/bin/ssh host webui01, user meuser2, command scp -v -t /home/meuser
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to remotemachine [###.###.###.###] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 504/505
debug1: identity file /home/meuser/.ssh/id_rsa type 1
debug1: loaded 1 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'remotemachine' is known and matches the RSA host key.
debug1: Found key in /home/meuser/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195
debug1: Next authentication method: publickey
debug1: Offering public key: /home/meuser/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
lost connection
- 编辑:执行eval`ssh-agent`,然后执行ssh-add,然后执行ssh-copy-id
- 在本地计算机上执行ssh密钥生成,以在~/.ssh文件夹中生成id\u rsa和id\u rsa.pub
- 在ssh密钥生成中未使用密码短语
- 已将id_rsa.pub发送到远程计算机的~/.ssh文件夹中
- 将远程计算机中的id\u rsa.pub重命名为授权密钥(因为它最初不存在)
./scp_example.sh
Executing: program /usr/bin/ssh host webui01, user meuser2, command scp -v -t /home/meuser
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to remotemachine [###.###.###.###] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 504/505
debug1: identity file /home/meuser/.ssh/id_rsa type 1
debug1: loaded 1 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'remotemachine' is known and matches the RSA host key.
debug1: Found key in /home/meuser/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195
debug1: Next authentication method: publickey
debug1: Offering public key: /home/meuser/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
lost connection
/scp\u example.sh
正在执行:程序/usr/bin/ssh主机webui01,用户meuser2,命令scp-v-t/home/meuser
OpenSSH_4.3p2,OpenSSL 0.9.8e-fips-rhel5 2008年7月1日
debug1:读取配置数据/etc/ssh/ssh\u config
debug1:将选项应用于*
debug1:连接到远程计算机[##########端口22]。
debug1:已建立连接。
debug1:永久设置uid:504/505
debug1:identity file/home/meuser/.ssh/id\u rsa类型1
debug1:加载了1个密钥
debug1:远程协议版本2.0,远程软件版本OpenSSH_5.3
debug1:match:OpenSSH_5.3 pat OpenSSH*
debug1:启用协议2.0的兼容模式
debug1:本地版本字符串SSH-2.0-OpenSSH_4.3
debug1:SSH2\u MSG\u KEXINIT已发送
debug1:SSH2\u MSG\u KEXINIT已收到
debug1:kex:server->client aes128 cbc hmac-md5无
debug1:kex:client->server aes128 cbc hmac-md5无
debug1:SSH2\u MSG\u KEX\u DH\u GEX\u请求(1024您提供的密钥被拒绝。请查看服务器日志以了解原因,确保主目录.ssh
和.ssh/authorized\u keyus
由正确的用户拥有,其他任何人都无法写入(这是最常见的错误)。尝试使用rsync它可以解决此问题:“我需要执行一个脚本,自动将本地文件发送到远程计算机。”尝试使用ssh copy id
安装公钥,而不是手动安装,如果可能的话,它会注意注意注意事项。另外(引用其手册页):“[…]如果远程sshd在其配置中设置了StrictModes
,则用户的主页、~/.ssh
文件夹和~/.ssh/authorized_keys
文件可能需要手动禁用组可写性,例如通过chmod go-w~/.ssh~/.ssh/authorized_keys
“@Drako抱歉,我没有提到我需要的是,在传输文件时,不应该有“密码”提示。我尝试了rsync,它几乎与scp相似。不过,感谢您的建议:)@MichaelJaros我已经查找了ssh副本id并找到了”“。尝试了他们的建议,但仍然没有成功:(谢谢你的帮助。我真的很想知道为什么它对其他机器有效,而对某些机器却不起作用?看看你的日志,也许你会看到一些东西……尝试连接时尝试/var/log/auth.log
和tail-F/var/log/*
。我的第一个猜测是Jakuje指出的权限,因为这是一个常见问题使用ssh公钥身份验证。