scp no password copy as root
Vram
lamsokvr at xprt.net
Wed Nov 9 05:44:17 UTC 2005
Ok...I see the answer way at the bottom..
Where I should be..
OK
On Tue, 2005-11-08 at 21:27 -0800, Vram wrote:
>
>
> I guess I am confused..
>
> Why do you need to copy files as root..
>
> This is a BAD practice..
>
>
> Vram
>
>
>
> On Wed, 2005-11-09 at 16:14 +1100, Steven Heimann wrote:
> > Vram
> >
> > Thanks for your interest. I should have thought to include the config
> > file. I think it is back to unchanges from the default.
> >
> > Steven
> >
> >
> > # Package generated configuration file
> > # See the sshd(8) manpage for details
> >
> > # What ports, IPs and protocols we listen for
> > Port 22
> > # Use these options to restrict which interfaces/protocols sshd will
> > bind to
> > #ListenAddress ::
> > #ListenAddress 0.0.0.0
> > Protocol 2
> > # HostKeys for protocol version 2
> > HostKey /etc/ssh/ssh_host_rsa_key
> > HostKey /etc/ssh/ssh_host_dsa_key
> > #Privilege Separation is turned on for security
> > UsePrivilegeSeparation yes
> >
> > # Lifetime and size of ephemeral version 1 server key
> > KeyRegenerationInterval 3600
> > ServerKeyBits 768
> >
> > # Logging
> > SyslogFacility AUTH
> > LogLevel INFO
> >
> > # Authentication:
> > LoginGraceTime 120
> > PermitRootLogin yes
> > StrictModes yes
> >
> > RSAAuthentication yes
> > PubkeyAuthentication yes
> > AuthorizedKeysFile %h/.ssh/authorized_keys
> >
> > # Don't read the user's ~/.rhosts and ~/.shosts files
> > IgnoreRhosts yes
> > # For this to work you will also need host keys in /etc/ssh_known_hosts
> > RhostsRSAAuthentication no
> > # similar for protocol version 2
> > HostbasedAuthentication no
> > # Uncomment if you don't trust ~/.ssh/known_hosts for
> > RhostsRSAAuthentication
> > #IgnoreUserKnownHosts yes
> >
> > # To enable empty passwords, change to yes (NOT RECOMMENDED)
> > PermitEmptyPasswords no
> >
> > # Change to yes to enable challenge-response passwords (beware issues
> > with
> > # some PAM modules and threads)
> > ChallengeResponseAuthentication no
> >
> > # Change to no to disable tunnelled clear text passwords
> > #PasswordAuthentication yes
> >
> >
> > # To change Kerberos options
> > #KerberosAuthentication no
> > #KerberosOrLocalPasswd yes
> > #AFSTokenPassing no
> > #KerberosTicketCleanup no
> >
> > # Kerberos TGT Passing does only work with the AFS kaserver
> > #KerberosTgtPassing yes
> >
> > X11Forwarding yes
> > X11DisplayOffset 10
> > PrintMotd no
> > PrintLastLog yes
> > KeepAlive yes
> > #UseLogin no
> >
> > #MaxStartups 10:30:60
> > #Banner /etc/issue.net
> >
> > # Allow client to pass locale environment variables
> > AcceptEnv LANG LC_*
> >
> > Subsystem sftp /usr/lib/openssh/sftp-server
> >
> > UsePAM yes
> >
> >
> > On Tue, 2005-11-08 at 20:03 -0800, Vram wrote:
> > > On Wed, 2005-11-09 at 14:46 +1100, Steven Heimann wrote:
> > > > I am trying to perform a passwordless scp from one computer to my
> > > > desktop which is running Ubuntu 5.10.
> > > >
> > > > I have performed the usual key generation and copied it to my desktop.
> > > > I am sure the keys were generated without a password. The system works
> > > > fine as an ordinary user but I can't get it to work as root.
> > > >
> > > > I have tried :
> > > >
> > > > 1. creating a root password on the desktop. I can perform the copy once
> > > > the password is supplied even thogh there is definitely a passwordless
> > > > entry authorized_keys.
> > > >
> > > > 2. changing PermitRootLogin from yes to without-password. This results
> > > > in the password still being asked for but not accepted.
> > > >
> > > > 3. putting a copy of authosized_keys in authorized_keys2
> > > >
> > > > 4. making a copy in /home/root/.ssh (just in case it might work)
> > > >
> > > > What could be stopping me doing the root copy? ( I need to do it as
> > > > root as this is backing up a database server with files owned by a
> > > > number of different users and some files are read only)
> > > >
> > > > Thank you
> > > > Steven
> > > >
> > > >
> > >
> > >
> > >
> > > What does /etc/ssh/sshd_config say??
> > >
> > >
> > > Vram
> > >
> > >
> > >
> > >
>
>
More information about the ubuntu-users
mailing list