User login

Home
 Transfering files directly between two servers: setting up ssh keys

Transfering files directly between two servers: setting up ssh keys

Submitted by Benjamin Melançon on August 4, 2007 - 9:19am
in

Search words: upload ssh

Two servers with ssh keys instead of password logins won't let you copy a file directly between servers until you set this up.

(These instructions may be incomplete.)

On the new server:

cp /home/dan/.ssh/id_rsa.pub /home/dan/

If there is no file like that or .pub, make it first: ssh-keygen -t dsa

From your computer:

Bring the id_rsa.pub (or id_dsa.pub, if you created it per above, the examples here mix the two to make sure you don't just copy and paste. Typing builds character)-- bring the file down to the local computer, from the new server, using scp:

scp -r ben@newserver.com:/home/dan/id_dsa.pub id_dsa.pub

The file is moved from .ssh because my user, ben, can't sudo into user dan's ssh folder, in any way that I know of, from a remote computer.

For root, and in this case root's own public key, it could be simply:

scp root@newserver.com:/root/.ssh/id_dsa.pub id_dsa.pub

Now scp that file up to the old, or main, server:

Ebony:~/Documents/Agaric Design Collective/Us/Dan ben$ scp id_rsa.pub ben@oldserver.example.com:/home/ben/id_rsa.pub

On the old server:

cd ~
su root

mv id_rsa.pub /home/dan/
cat /home/dan/id_rsa.pub >> /home/dan/.ssh/authorized_keys

Now, from the new server, you can do commands like:

scp ben@oldserver.example.com:/home/ben/wsf_copy.sql wsf_copy.sql

Another maybe cleaner example

On local computer:
scp Dan/ubuntumini/id_dsa.pub ben@server.grassrootsconnection.org:~      
id_dsa.pub 100% 599 0.6KB/s 00:00

On the server:

ben@server:~$ su root
Password:
server:/home/ben# cat id_dsa.pub >> /home/dan/.ssh/authorized_keys

Search words: upload ssh Two servers with ssh keys instead of password logins won't let you copy a file directly between servers until you set this up. (These instructions may be incomplete.) On the new server: cp /home/dan/.ssh/id_rsa.pub /home/dan/ If there is no file like that or .pub, make it first: ssh-keygen -t dsa From your computer: Bring the id_rsa.pub (or id_dsa.pub, if you created it per above, the examples here mix the two to make sure you don't just copy and paste. Typing builds character)-- bring the file down to the local computer, from the new server, using scp: scp -r ben@newserver.com:/home/dan/id_dsa.pub id_dsa.pub
The file is moved from .ssh because my user, ben, can't sudo into user dan's ssh folder, in any way that I know of, from a remote computer. For root, and in this case root's own public key, it could be simply: scp root@newserver.com:/root/.ssh/id_dsa.pub id_dsa.pub
Now scp that file up to the old, or main, server: Ebony:~/Documents/Agaric Design Collective/Us/Dan ben$ scp id_rsa.pub ben@oldserver.example.com:/home/ben/id_rsa.pub On the old server: cd ~ su root mv id_rsa.pub /home/dan/ cat /home/dan/id_rsa.pub >> /home/dan/.ssh/authorized_keys Now, from the new server, you can do commands like: scp ben@oldserver.example.com:/home/ben/wsf_copy.sql wsf_copy.sql

Another maybe cleaner example

On local computer: scp Dan/ubuntumini/id_dsa.pub ben@server.grassrootsconnection.org:~ id_dsa.pub 100% 599 0.6KB/s 00:00 On the server: ben@server:~$ su root Password: server:/home/ben# cat id_dsa.pub >> /home/dan/.ssh/authorized_keys

Comments

I had so much trouble

Submitted by Benjamin Melançon on October 22, 2007 - 1:05pm.

I had so much trouble finding this post again, here's a mess of key words:

ssh key access
server key access
public key
ssh server access
cat pub

some more... getting two servers to communicate agaric

Did it the vice versa way for convenience of sending from server

Submitted by Benjamin Melançon on April 8, 2008 - 8:04pm.

Server 1 (which does not yet have access to server 2):

ssh-keygen -t dsa

Server 2 (which already had access to server 1, otherwise you'd need to do the up-and-down steps above):

sudo scp -r ben@grassrootsconnection.org:~/.ssh/id_dsa.pub id_dsa.pub
cat id_dsa.pub >> .ssh/authorized_keys

And that's it! (This gives access only for user ben.)

If you still have password login

Submitted by Benjamin Melançon on October 14, 2008 - 4:02am.

there is a shortcut, courtesy Stefan.

First step only if no public key for your user on that server already (that is, if it asks you to overwrite a file, say no, unless you know the file is no good, blacklisted by a security update for instance).

If the ssh-copy-id step doesn't work, run exec ssh-agent bash first.

From the server you are on, with dest.example.org being the new server or otherwise destination server you are trying to access with passkeys:

ssh-keygen
ssh-copy-id dest.example.org

Bonus! Watch success in action (or analyze failure) with (on the destination server, generally):
sudo tail /var/log/auth.log

Post new comment

The content of this field is kept private and will not be shown publicly.
  • You may post code using <code>...</code> (generic) or <?php ... ?> (highlighted PHP) tags.
  • You can use Markdown syntax to format and style the text. Also see Markdown Extra for tables, footnotes, and more.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <img> <blockquote> <small> <h2> <h3> <h4> <h5> <h6> <sub> <sup> <p> <br> <strike> <table> <tr> <td> <thead> <th> <tbody> <tt> <output>
  • Lines and paragraphs break automatically.

More information about formatting options

By submitting this form, you accept the Mollom privacy policy.