On 10/12/05, Pat Morris <p2003morris@hotmail.com> wrote:
>
>
> I just had to install last week at work, and got good instructions from
> Wayne Pollock and Bob Foxworth's book Linux Cookbook.
>
> What I did, under the Functional ID (this can be any user id) I generated
> the keys with the ssh-keygen command.
> ssh-keygen -t -b where -t is the type such as dsa and -b is an
> optional parm for size such as 2048
>
> I recommend you just hit enter on all the defaults, such as filename and
> passphrase. The public and private keys are put in your /home/.ssh
> directory. You can rename the .pub file to your machine name for support
> sake.
>
> Then, scp the *.pub file to the machine you want to exchange keys with the
> command
> scp <filename>.pub userid@hostname:directory .
> You willl be prompted for a password at this time.
> Then go to your host with the command
> ssh username host
> and again enter the remote password. This command will get you a shell.
>
> I assume you are .using SSH2 so put the .pub file on the remote host at
> their /home/.ssh directory and call it authorized_keys2. The key is just a
> single line, so
> if there is already a authorized_keys2 file just cat file >>
> authorized_keys2.
>
> You should be able to scp your files now without a password
> -Good luck -Pat
>
>
> Patricia E. Morris
> p2003morris@hotmail.com
>
>
>
> <BLOCKQUOTE style='PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT:
> #A0C6E5
> 2px solid; MARGIN-RIGHT: 0px'><font
> style='FONT-SIZE:11px;FONT-FAMILY:tahoma,sans-serif'><hr color=#A0C6E5
> size=1>
> From: <i>Keith Lelacheur <themercuryman@gmail.com></i><br>Reply-To:
> <i>slug@nks.net</i><br>To: <i>slug@nks.net</i><br>Subject: <i>Re: [SLUG]
> Re: SFTP Help</i><br>Date: <i>Tue, 11 Oct 2005 22:20:18 -0400</i><br>
> <br><br><div><span class="gmail_quote">On 10/11/05, <b
> class="gmail_sendername">Ian C. Blenke</b> <<a
> href="mailto:icblenke@nks.net">icblenke@nks.net</a>>
> wrote:</span><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt
> 0.8ex;padding-left:1ex">
> Keith Lelacheur wrote:<br><br>> Alright I am trying to use scp, but I am
> new to the whole<br>> public/private key thing. SCP wants to work but
> it is failing<br>> authentication at the key level and resorting back to
> password
> <br>> authentication. I am sure I am missing something basic, but I
> not<br>> sure what it is at this point. Here is the verbose output
> (sanitized<br>> of course). Any help is appreciated.<br><br><br>On
> LNXPROCSRVR, do:
> <br><br> [root@LNXPROCSVR Backup051011]# ssh-keygen -b 1024 -t dsa
> -P''<br> [root@LNXPROCSVR Backup051011]# scp
> ~/.ssh/id_dsa.pub<br>root@69.?.?.?:.ssh/authorized_keys<br><br>Now you
> have
> root key trust, without a passphrase, which you can use to
> <br>automate that SCP without entering a password.<br><br>With google and
> a
> bit of searching, there are a number of good guides as<br>to how this
> works.<br><br>- Ian C. Blenke <<a
> href="mailto:icblenke@nks.net">icblenke@nks.net
> </a>> <<a href="mailto:ian@blenke.com">ian@blenke.com</a>> <a
> href="http://ian.blenke.com">http://ian.blenke.com
> </a><br><br>-----------------------------------------------------------------------<br>This
> list is provided as an unmoderated internet service by Networked
> <br>Knowledge Systems (NKS). Views and opinions expressed in
> messages<br>posted are those of the author and do not necessarily reflect
> the<br>official policy or position of NKS or any of its
> employees.</blockquote><div><br>
> <br>Thanks for the help folks. I have learned a lot through this, but I
> think I am going to have to go another route to accomplish the end
> goal. It seems that the server that I am attempting to send these
> files to will not accept the keys that I generated. I do not have
> access to my home directory on the server like I would if I had an
> actual shell account. I cannot actually SSH into the server. I have
> tried Putty from windows and ssh from my Mandriva box, and I can not
> actually get to a shell prompt. When I connect using the Secure FTP
> client (with the manual entry of the password) I only have access to
> the one upload directory. I have tried to cd to what should be my home
> directory and it will not let me go there. I tried dumping the keys in
> the upload directory and then connecting using the keys for
> authentication, but to no avail. After googeling for a while I found
> out that "expect" can be used in situations like this. I have no
> Tcl
> experience at this point, but it seems like a good opportunity to learn
> something new. Anyone have any tips or experience doing something like
> this?<br><br><br>Keith <br></div><br></div><br>
>
> <br></font></BLOCKQUOTE>
>
>
> -----------------------------------------------------------------------
> This list is provided as an unmoderated internet service by Networked
> Knowledge Systems (NKS). Views and opinions expressed in messages
> posted are those of the author and do not necessarily reflect the
> official policy or position of NKS or any of its employees.
>
Finally got the thing working in a roundabout way. Maybe not the cleanest
way to do it, but it works and folks are happy. I did not know where to
begin with the "expect" scripting, but thanks to google I stumbled across
"autoexpect" which seems to work like a macro recorder of sorts. I used
"autoexpect" and then sftp'd into the remote server entering the password
manually. Once I was in the script that sftp called with the -b option was
executed and I exited the ftp session. I exited the "autoexpect" shell and
there was the script.exp file generated by autoexpect. I modified the
script.exp for my purposes and then was able to call it from my main
processing scripts, lo and behold the file was moved without manual
intervention. For those at last nights Tampa meeting and anyone else
interested, here is what the meat of the expect script ended up looking
like:
..........
set timeout -1
spawn $env(SHELL)
match_max 100000
send -- "sftp -b sftppush username@69.*.*.*\r"
expect "username@69.*.*.*'s password: "
send -- "password\r"
send -- "exit\r"
expect eof
...........
It looks very simple now that I look at it, but I would have had a devil of
a time without the autoexpect's help or a lot of reading.
The "sftppush" script called by the sftp executable is nothing special but
here it is as well:
put ./phs/PHS*.rtf
exit
Thanks to all for the help from the SLUGers
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 18:12:23 EDT