scp no password copy as root

Vram lamsokvr at xprt.net
Wed Nov 9 05:44:17 UTC 2005


Ok...I see the answer way at the bottom..


Where I should be..

OK



On Tue, 2005-11-08 at 21:27 -0800, Vram wrote:
> 
> 
> I guess I am confused..
> 
> Why do you need to copy files as root..
> 
> This is a BAD practice..
> 
> 
> Vram
> 
> 
> 
> On Wed, 2005-11-09 at 16:14 +1100, Steven Heimann wrote:
> > Vram
> > 
> > Thanks for your interest.  I should have thought to include the config
> > file.  I think it is back to unchanges from the default.
> > 
> > Steven
> > 
> > 
> > # Package generated configuration file
> > # See the sshd(8) manpage for details
> > 
> > # What ports, IPs and protocols we listen for
> > Port 22
> > # Use these options to restrict which interfaces/protocols sshd will
> > bind to
> > #ListenAddress ::
> > #ListenAddress 0.0.0.0
> > Protocol 2
> > # HostKeys for protocol version 2
> > HostKey /etc/ssh/ssh_host_rsa_key
> > HostKey /etc/ssh/ssh_host_dsa_key
> > #Privilege Separation is turned on for security
> > UsePrivilegeSeparation yes
> > 
> > # Lifetime and size of ephemeral version 1 server key
> > KeyRegenerationInterval 3600
> > ServerKeyBits 768
> > 
> > # Logging
> > SyslogFacility AUTH
> > LogLevel INFO
> > 
> > # Authentication:
> > LoginGraceTime 120
> > PermitRootLogin yes
> > StrictModes yes
> > 
> > RSAAuthentication yes
> > PubkeyAuthentication yes
> > AuthorizedKeysFile	%h/.ssh/authorized_keys
> > 
> > # Don't read the user's ~/.rhosts and ~/.shosts files
> > IgnoreRhosts yes
> > # For this to work you will also need host keys in /etc/ssh_known_hosts
> > RhostsRSAAuthentication no
> > # similar for protocol version 2
> > HostbasedAuthentication no
> > # Uncomment if you don't trust ~/.ssh/known_hosts for
> > RhostsRSAAuthentication
> > #IgnoreUserKnownHosts yes
> > 
> > # To enable empty passwords, change to yes (NOT RECOMMENDED)
> > PermitEmptyPasswords no
> > 
> > # Change to yes to enable challenge-response passwords (beware issues
> > with
> > # some PAM modules and threads)
> > ChallengeResponseAuthentication no
> > 
> > # Change to no to disable tunnelled clear text passwords
> > #PasswordAuthentication yes
> > 
> > 
> > # To change Kerberos options
> > #KerberosAuthentication no
> > #KerberosOrLocalPasswd yes
> > #AFSTokenPassing no
> > #KerberosTicketCleanup no
> > 
> > # Kerberos TGT Passing does only work with the AFS kaserver
> > #KerberosTgtPassing yes
> > 
> > X11Forwarding yes
> > X11DisplayOffset 10
> > PrintMotd no
> > PrintLastLog yes
> > KeepAlive yes
> > #UseLogin no
> > 
> > #MaxStartups 10:30:60
> > #Banner /etc/issue.net
> > 
> > # Allow client to pass locale environment variables
> > AcceptEnv LANG LC_*
> > 
> > Subsystem sftp /usr/lib/openssh/sftp-server
> > 
> > UsePAM yes
> > 
> > 
> > On Tue, 2005-11-08 at 20:03 -0800, Vram wrote:
> > > On Wed, 2005-11-09 at 14:46 +1100, Steven Heimann wrote:
> > > > I am trying to perform a passwordless scp from one computer to my
> > > > desktop which is running Ubuntu 5.10.
> > > > 
> > > > I have performed the usual key generation and copied it to my desktop.
> > > > I am sure the keys were generated without a password.  The system works
> > > > fine as an ordinary user but I can't get it to work as root.
> > > > 
> > > > I have tried :
> > > > 
> > > > 1. creating a root password on the desktop.  I can perform the copy once
> > > > the password is supplied even thogh there is definitely a passwordless
> > > > entry authorized_keys.
> > > > 
> > > > 2. changing PermitRootLogin from yes to without-password.  This results
> > > > in the password still being asked for but not accepted.
> > > > 
> > > > 3.  putting a copy of authosized_keys in authorized_keys2
> > > > 
> > > > 4.  making a copy in /home/root/.ssh (just in case it might work)
> > > > 
> > > > What could be stopping me doing the root copy?  ( I need to do it as
> > > > root as this is backing up a database server with files owned by a
> > > > number of different users and some files are read only)
> > > > 
> > > > Thank you
> > > > Steven
> > > > 
> > > > 
> > > 
> > > 
> > > 
> > > What does /etc/ssh/sshd_config say??
> > > 
> > > 
> > > Vram
> > > 
> > > 
> > > 
> > > 
> 
> 





More information about the ubuntu-users mailing list