Consenso all'uso dei cookies

SITO1 -- SITO2 -- Forum1 -- CercaGlobale -- Informativa su Cookie e Privacy


Valutazione discussione:
  • 0 voto(i) - 0 media
  • 1
  • 2
  • 3
  • 4
  • 5
usare il comando scp senza password
#1
salve,

Ho uno script che parte in automatico all’ avvio del pc per trasferire un file dal mio server al mio pc locale tramite il comando scp. Peccato che scp richiede la password, quindi il comando fallisce.


Secondo il manuale di scp pare che sia posasibile fare in modo che non venga richiesta la password.



Codice:
man scp
-B Selects batch mode (prevents asking for passwords or
passphrases).
-i identity_file
Selects the file from which the identity (private key) for public
key authentication is read. This option is directly passed to
ssh(1).



In rete trovo un link che spiega come creare le chiavi pubbliche :


https://www.debian.org/devel/passwordlessssh.it.html

  • Eseguire 
    ssh-keygen
  •  sulla tua macchina e premere Invio quando viene chiesta la password. 
    Verranno generate sia la chiave privata che quella pubblica. Con le vecchie versioni di SSH, le chiavi sarano memorizzate in 

    ~/.ssh/identity
  •  e 
    ~/.ssh/identity.pub
  • ; con le nuove versioni saranno memorizzate in 
    ~/.ssh/id_rsa
  •  e 
    ~/.ssh/id_rsa.pub
  • .
  • Successivamente aggiungere il contenuto del file con la chiave pubblica in 
    ~/.ssh/authorized_keys
  •  sul sito remoto (il file deve essere protetto con permessi 600). 

però a me le chiavi vengono create in home/danilo, quindi ho creato in .ssh la cartella id.rsa e vi ho copiato dentro la miakey. Idem sul server, dove ho creato in .ssh la cartella
Codice:
authorized_keys
e gli ho copiato dentro la miakey.pub





questi sono i permessi che ho dato
In locale:



Codice:
danilo@danilo-CX70-2PF:~$ ls -l /home/danilo/.ssh/id_rsa
ls: impossibile accedere a '/home/danilo/.ssh/id_rsa/miakey': Permesso negato
totale 0
-????????? ? ? ? ? ? miakey
danilo@danilo-CX70-2PF:~$ sudo ls -l /home/danilo/.ssh/id_rsa
[sudo] password di danilo:
totale 4
-rw------- 1 danilo danilo 1679 set 16 07:41 miakey
danilo@danilo-CX70-2PF:~$ ls -l /home/danilo/.ssh/
totale 24
drw------- 2 danilo danilo 4096 set 16 07:46 id_rsa
drw------- 2 danilo danilo 4096 set 16 07:46 id_rsa.pub
-rw-r--r-- 1 danilo danilo 444 ago 24 10:13 known_hosts
-rw-r--r-- 1 danilo danilo 666 lug 15 2017 known_hosts_0
-rw-r--r-- 1 danilo danilo 888 ago 2 17:28 known_hosts_mio_old
-rw-r--r-- 1 danilo danilo 666 lug 10 11:43 known_hosts.old
danilo@danilo-CX70-2PF:~$





e sul server:



Codice:
danilo@danyred:~$ ls -l /home/danilo/.ssh
total 8
drw------- 2 danilo danilo 4096 set 16 07:46 authorized_keys
-rwxrwxrwx 1 danilo danilo 444 set 4 07:20 known_hosts
danilo@danyred:~$ ls -l /home/danilo/.ssh/authorized_keys
ls: cannot access '/home/danilo/.ssh/authorized_keys/miakey.pub': Permission denied
total 0
-????????? ? ? ? ? ? miakey.pub
danilo@danyred:~$ sudo ls -l /home/danilo/.ssh/authorized_keys
total 4
-rw-r--r-- 1 danilo danilo 404 set 16 07:41 miakey.pub
danilo@danyred:~$



ma il comando fallisce, anche se non mi richiede la password:



Codice:
danilo@danilo-CX70-2PF:~$ scp -vvv -B -i /home/danilo/.ssh/authorized_keys/miakey.pub danilo@192.168.1.24:/home/danilo/*.sql /home/danilo/backupsql/.
Executing: program /usr/bin/ssh host 192.168.1.24, user danilo, command scp -v -f /home/danilo/*.sql
Warning: Identity file /home/danilo/.ssh/authorized_keys/miakey.pub not accessible: No such file or directory.
OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n 7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "192.168.1.24" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 192.168.1.24 [192.168.1.24] port 22.
debug1: Connection established.
key_load_public: invalid format
debug1: identity file /home/danilo/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/danilo/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/danilo/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/danilo/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/danilo/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/danilo/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/danilo/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/danilo/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4p1 Ubuntu-10
debug1: match: OpenSSH_7.4p1 Ubuntu-10 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 192.168.1.24:22 as 'danilo'
debug3: hostkeys_foreach: reading file "/home/danilo/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/danilo/.ssh/known_hosts:2
debug3: load_hostkeys: loaded 1 keys from 192.168.1.24
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:vsIVU9dAKaOP0tvN/6dd9YpQNLu3hy0BznPf9Gsd8ss
debug3: hostkeys_foreach: reading file "/home/danilo/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/danilo/.ssh/known_hosts:2
debug3: load_hostkeys: loaded 1 keys from 192.168.1.24
debug1: Host '192.168.1.24' is known and matches the ECDSA host key.
debug1: Found key in /home/danilo/.ssh/known_hosts:2
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: /home/danilo/.ssh/id_rsa ((nil))
debug2: key: /home/danilo/.ssh/id_dsa ((nil))
debug2: key: /home/danilo/.ssh/id_ecdsa ((nil))
debug2: key: /home/danilo/.ssh/id_ed25519 ((nil))
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey
debug3: authmethod_lookup publickey
debug3: remaining preferred: ,gssapi-with-mic,publickey
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/danilo/.ssh/id_rsa
Load key "/home/danilo/.ssh/id_rsa": Is a directory
debug1: Trying private key: /home/danilo/.ssh/id_dsa
debug3: no such identity: /home/danilo/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/danilo/.ssh/id_ecdsa
debug3: no such identity: /home/danilo/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/danilo/.ssh/id_ed25519
debug3: no such identity: /home/danilo/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
danilo@192.168.1.24: Permission denied (publickey,password).
danilo@danilo-CX70-2PF:~$




Pare che manchino parecchie cose. Come si creano?


Grazie
danilo
Cita messaggio
Grazie da:
#2
hai controllato che l'intero percorso alla chiave sia accessibile? da quello che hai postato sembra che le cartelle dentro le quali ci sono i file siano accessibili solo all'utente. Proverei a modificare i permessi alle cartelle, controllando anche l'intero percorso.

Edit: ho provato la procedura di creazione delle chiavi e a me lo salva nella directory ~/.ssh/id_rsa come spiegato nel link che hai postato. Però io uso Debian, forse le impostazioni di salvataggio dipendono dalla distro.
Linux User # 207701 - Non ho particolari talenti. Sono soltanto appassionatamente curioso - Albert Einstein
Cita messaggio
Grazie da:
#3
grazie,
nel frattempo mi sono accorto che id_rsa non è una cartella, ma il nome che deve avere la chiave.
 ma anche così non cambia niente.
per quanto riguarda i permessi: se li imposto a 777 e non a 600 da subito errore:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0777 for '/home/danilo/.ssh' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.

 per la chiave pubblica sul server, non cambia niente se i permessi sono 600 o 777.
ora la situazione è questa:


Codice:
danilo@danilo-CX70-2PF:~$ scp -vvv -B -i /home/danilo/.ssh/authorized_keys.pub   danilo@192.168.1.24:/home/danilo/*.sql /home/danilo/backupsql/.
Executing: program /usr/bin/ssh host 192.168.1.24, user danilo, command scp -v -f /home/danilo/*.sql
Warning: Identity file /home/danilo/.ssh/authorized_keys.pub not accessible: No such file or directory.
OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n  7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "192.168.1.24" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 192.168.1.24 [192.168.1.24] port 22.
debug1: Connection established.
key_load_public: invalid format
debug1: identity file /home/danilo/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/danilo/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/danilo/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/danilo/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/danilo/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/danilo/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/danilo/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/danilo/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4p1 Ubuntu-10
debug1: match: OpenSSH_7.4p1 Ubuntu-10 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 192.168.1.24:22 as 'danilo'
debug3: hostkeys_foreach: reading file "/home/danilo/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/danilo/.ssh/known_hosts:2
debug3: load_hostkeys: loaded 1 keys from 192.168.1.24
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:vsIVU9dAKaOP0tvN/6dd9YpQNLu3hy0BznPf9Gsd8ss
debug3: hostkeys_foreach: reading file "/home/danilo/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/danilo/.ssh/known_hosts:2
debug3: load_hostkeys: loaded 1 keys from 192.168.1.24
debug1: Host '192.168.1.24' is known and matches the ECDSA host key.
debug1: Found key in /home/danilo/.ssh/known_hosts:2
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: /home/danilo/.ssh/id_rsa ((nil))
debug2: key: /home/danilo/.ssh/id_dsa ((nil))
debug2: key: /home/danilo/.ssh/id_ecdsa ((nil))
debug2: key: /home/danilo/.ssh/id_ed25519 ((nil))
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey
debug3: authmethod_lookup publickey
debug3: remaining preferred: ,gssapi-with-mic,publickey
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/danilo/.ssh/id_rsa
debug3: sign_and_send_pubkey: RSA SHA256:TSqlDJetFI7Uv4kVZlIZfwNfzzd4mm7T94/HOitwMmA
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/danilo/.ssh/id_dsa
debug3: no such identity: /home/danilo/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/danilo/.ssh/id_ecdsa
debug3: no such identity: /home/danilo/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/danilo/.ssh/id_ed25519
debug3: no such identity: /home/danilo/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
danilo@192.168.1.24: Permission denied (publickey,password).
danilo@danilo-CX70-2PF:~$
Cita messaggio
Grazie da:
#4
@vor-paul, cortesemnete quando inserisci dei listati così lunghi usa i tag code.
Per ora ho provveduto io  At
mandi...Eugenio
Cita messaggio
Grazie da:
#5
Hai creato le chiavi sia per il pc locale che per il server e poi le hai condivise una con l'altro? è possibile che l'identità faccia riferimento alla chiave sul pc locale e non quella sul server e che quindi ti dia errore perchè non la trova?
Linux User # 207701 - Non ho particolari talenti. Sono soltanto appassionatamente curioso - Albert Einstein
Cita messaggio
Grazie da:
#6
innanzitutto scusatemi per non aver usato i tag.

 ora ho rigenerato le chiavi chiamandole direttamente come indicato nel link,
 ho dato il 600 alla chiave locale e 777 a quella del server.

nel comando scp nel path relativo alla chiave ho messo quello della chiave locale (prima usavo quello del server)
ora molti errori sono spariti, ma il comando fallisce sempre per lo stesso motivo
(Permission denied (publickey,password)).

Codice:
danilo@danilo-CX70-2PF:~$ scp -vvv -B -i /home/danilo/.ssh/id_rsa   danilo@192.168.1.24:/home/danilo/*.sql /home/danilo/backupsql/.
Executing: program /usr/bin/ssh host 192.168.1.24, user danilo, command scp -v -f /home/danilo/*.sql
OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n  7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "192.168.1.24" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 192.168.1.24 [192.168.1.24] port 22.
debug1: Connection established.
debug1: identity file /home/danilo/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /home/danilo/.ssh/id_rsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4p1 Ubuntu-10
debug1: match: OpenSSH_7.4p1 Ubuntu-10 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 192.168.1.24:22 as 'danilo'
debug3: hostkeys_foreach: reading file "/home/danilo/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/danilo/.ssh/known_hosts:2
debug3: load_hostkeys: loaded 1 keys from 192.168.1.24
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:vsIVU9dAKaOP0tvN/6dd9YpQNLu3hy0BznPf9Gsd8ss
debug3: hostkeys_foreach: reading file "/home/danilo/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/danilo/.ssh/known_hosts:2
debug3: load_hostkeys: loaded 1 keys from 192.168.1.24
debug1: Host '192.168.1.24' is known and matches the ECDSA host key.
debug1: Found key in /home/danilo/.ssh/known_hosts:2
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: /home/danilo/.ssh/id_rsa (0x55d3d4e20800), explicit, agent
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey
debug3: authmethod_lookup publickey
debug3: remaining preferred: ,gssapi-with-mic,publickey
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:LIYYN2Eo7WAHCHQslEjHz28FVDPYUu7EsLJ03DBM4t4 /home/danilo/.ssh/id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
danilo@192.168.1.24: Permission denied (publickey,password).
danilo@danilo-CX70-2PF:~$
Citazione:m3nhir: Hai creato le chiavi sia per il pc locale che per il server e poi le hai condivise una con l'altro?
 come si fa a condividerle? io dopo averle create ho copiato quella pubblica sul server chiamandola authorized_keys

Citazione:m3nhir: è possibile che l'identità faccia riferimento alla chiave sul pc locale e non quella sul server e che quindi ti dia errore perchè non la trova?
probabilmente è così, ma ora l' ho cambiata.
Cita messaggio
Grazie da:
#7
Citazione: Citazione:
m3nhir: Hai creato le chiavi sia per il pc locale che per il server e poi le hai condivise una con l'altro?

come si fa a condividerle? io dopo averle create ho copiato quella pubblica sul server chiamandola authorized_keys
Intendevo dire di creare le chiavi sia sul server che sul pc locale e poi importare la chiave pubblica del server sul pc e quella del pc sul server.
Linux User # 207701 - Non ho particolari talenti. Sono soltanto appassionatamente curioso - Albert Einstein
Cita messaggio
Grazie da:
#8
ho provato ora tutta la procedura e funziona. Ho usato un raspberry come seconda macchina su cui trasferire i files (su tutte e due le macchine gira Debian) questi i passi:
Ho generato le chiavi con il comando come da link che hai postato. Poi ho copiato la chiave id_rsa.pub del pc nella home utente del raspberry e quella del raspberry nella home utente del pc.
Quindi ho eseguito questo comando (sia sul pc che sul raspberry)
Codice:
cat id_rsa.pub > ~/.ssh/authorized_keys
"authorized_keys" è un file, non una cartella. Quindi ho testato il tutto trasferendo un file di prova:
Codice:
scp -v -B -i /home/utente_pc/.ssh/id_rsa file_di_prova.txt utente_raspberry@ip_raspberry:/home/utente_raspberry/
e funziona. Smile
Linux User # 207701 - Non ho particolari talenti. Sono soltanto appassionatamente curioso - Albert Einstein
Cita messaggio
Grazie da:
#9
grazie,
ho provato, ma senza successo.
ora cancello tutto quello che riguarda le chiavi generate sia sul pc che sul server e ci riprovo.
Cita messaggio
Grazie da:
#10
ho riprovato: niente da fare:

lato pc:

Codice:
danilo@danilo-CX70-2PF:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/danilo/.ssh/id_rsa): /home/danilo/.ssh/id_rsa
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/danilo/.ssh/id_rsa.
Your public key has been saved in /home/danilo/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:TCjGsULRANT/sVWR1zzy8Zz8ctKHzYAHw8QnJdBrFZA danilo@danilo-CX70-2PF
The key's randomart image is:
+---[RSA 2048]----+
|oo=+.     .B*+=. |
| . o.o .   oE+o= |
|  . * . . . .O+.=|
|   o o + .  + o+o|
|      . S  . . *.|
|       o      + B|
|               +.|
|                 |
|                 |
+----[SHA256]-----+

poi ho copiato la id_rsa.pub dalla .ssh del server  alla /home/danilo del pc
Codice:
danilo@danilo-CX70-2PF:~$ ls -l id_rsa*
-rw-r--r-- 1 danilo danilo 396 set 17 11:00 id_rsa.pub
danilo@danilo-CX70-2PF:~$ cat id_rsa.pub > ~/.ssh/authorized_keys
danilo@danilo-CX70-2PF:~$ ls -l .ssh/
totale 28
-rw-r--r-- 1 danilo danilo  396 set 17 11:01 authorized_keys
-rw------- 1 danilo danilo 1675 set 17 10:57 id_rsa
-rw-r--r-- 1 danilo danilo  404 set 17 10:57 id_rsa.pub
-rw-r--r-- 1 danilo danilo 1328 set 16 12:13 known_hosts
-rw-r--r-- 1 danilo danilo  666 lug 15  2017 known_hosts_0
-rw-r--r-- 1 danilo danilo  888 ago  2 17:28 known_hosts_mio_old
-rw-r--r-- 1 danilo danilo  666 lug 10 11:43 known_hosts.old
danilo@danilo-CX70-2PF:~$



lato server:
Codice:
danilo@danyred:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/danilo/.ssh/id_rsa): /home/danilo/.ssh/id_rsa
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/danilo/.ssh/id_rsa.
Your public key has been saved in /home/danilo/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:VQe2AuRR60S8oxRMRsOu2aokHQh51jb652a9Jdau+Xs danilo@danyred
The key's randomart image is:
+---[RSA 2048]----+
|       *Ooo +..  |
| . .   o+=.+ o   |
|o o +  ...=..    |
| + + .  o+o.     |
|  o .  =S...     |
|   o .o o.       |
|  . + .oo o      |
|   o o+..=  E    |
|    .+. +++o     |
+----[SHA256]-----+


poi ho copiato la id_rsa.pub dalla .ssh del pc sulla /home/danilo del server

"
danilo@danyred:~$ cat id_rsa.pub > ~/.ssh/authorized_keys
danilo@danyred:~$ ls -l id_rsa*
-rw-r--r-- 1 danilo danilo 404 set 17 10:59 id_rsa.pub
danilo@danyred:~$ ls -l .ssh/id_rsa*
-rw------- 1 danilo danilo 1679 set 17 10:57 .ssh/id_rsa
-rw-r--r-- 1 danilo danilo  396 set 17 10:57 .ssh/id_rsa.pub
danilo@danyred:~$ ls -l .ssh/auth*
-rw-rw-r-- 1 danilo danilo 404 set 17 11:00 .ssh/authorized_keys
danilo@danyred:~$ 

"



prova:

"danilo@danilo-CX70-2PF:~$ scp -v -B -i /home/danilo/.ssh/id_rsa pippolo.txt danilo@192.168.1.24:/home/danilo/.
Executing: program /usr/bin/ssh host 192.168.1.24, user danilo, command scp -v -t /home/danilo/.
OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n  7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 192.168.1.24 [192.168.1.24] port 22.
debug1: Connection established.
debug1: identity file /home/danilo/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /home/danilo/.ssh/id_rsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4p1 Ubuntu-10
debug1: match: OpenSSH_7.4p1 Ubuntu-10 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 192.168.1.24:22 as 'danilo'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:vsIVU9dAKaOP0tvN/6dd9YpQNLu3hy0BznPf9Gsd8ss
debug1: Host '192.168.1.24' is known and matches the ECDSA host key.
debug1: Found key in /home/danilo/.ssh/known_hosts:2
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:TCjGsULRANT/sVWR1zzy8Zz8ctKHzYAHw8QnJdBrFZA /home/danilo/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: No more authentication methods to try.
danilo@192.168.1.24: Permission denied (publickey,password).
lost connection
danilo@danilo-CX70-2PF:~$ "



Scusatemi, ma per per gli ultimi due non sono riuscito ad usare nessun tipo di tag
Cita messaggio
Grazie da:


Vai al forum:


Utenti che stanno guardando questa discussione: 1 Ospite(i)