{"id":2753,"date":"2017-01-10T12:43:51","date_gmt":"2017-01-10T19:43:51","guid":{"rendered":"http:\/\/mattfife.com\/?p=2753"},"modified":"2023-11-04T22:35:00","modified_gmt":"2023-11-05T05:35:00","slug":"scp-without-entering-a-password-each-time","status":"publish","type":"post","link":"https:\/\/mattfife.com\/?p=2753","title":{"rendered":"scp without entering a password each time"},"content":{"rendered":"
\n

Lets say you want to copy between two hosts\u00a0host_src<\/span><\/b><\/span>\u00a0and\u00a0remote_machine<\/span><\/b>. host_src<\/span><\/span><\/b> <\/b>is the host where you would run \u00a0<\/span>scp<\/span><\/span>,<\/span><\/span> ssh<\/span><\/span> or<\/span><\/span> rsyn<\/span><\/span>, <\/span>irrespective of the direction of the file copy.<\/span><\/span><\/p>\n

    \n
  1. On <\/span>host_src<\/span><\/span><\/b>, run this command as the user that runs <\/span>scp<\/span><\/span>\/<\/span>ssh<\/span><\/span>\/<\/span>rsync
    \n<\/span><\/span>$ ssh-keygen -t rsa
    \n<\/span><\/span>This will prompt for a passphrase. Just press the enter key.
    \n<\/span>If you assign a password to the key, then you’ll need to enter it each time you scp. It will then generate a private key and a public key. ssh-keygen<\/span> shows where it saved the public key. This is by default ~\/.ssh\/id_rsa.pub.
    \n<\/span><\/span>Your public key has been saved in <your_home_dir>\/.ssh\/id_rsa.pub<\/span><\/span><\/li>\n<\/ol>\n
      \n
    1. Copy the<\/span><\/span> id_rsa.pub<\/span><\/span> file to<\/span><\/span> remote_machine<\/span><\/span>\u00a0by either<\/span><\/span> ftp<\/span><\/span>, <\/span>scp<\/span><\/span>,<\/span><\/span> rsync<\/span><\/span> or any other method.<\/span><\/span><\/li>\n<\/ol>\n
        \n
      1. On\u00a0remote_machine<\/span><\/b><\/span><\/span>, login as the remote user which you plan to use when you run <\/span><\/span>scp<\/span><\/span>, <\/span><\/span>ssh<\/span><\/span>or <\/span><\/span>rsync<\/span><\/span>.<\/span><\/span><\/li>\n
      2. Append the contents of <\/span><\/span>id_rsa.pub<\/span><\/span> to <\/span><\/span>~\/.ssh\/authorized_keys
        \n<\/span><\/span>$ cat id_rsa.pub >>~\/.ssh\/authorized_keys
        \n$ chmod 700 ~\/.ssh\/authorized_keys<\/li>\n<\/ol>\n

        If this file does not exists, then the above cat command will create it. Make sure you remove permission for others to read this file via chmod. If its a public key, why prevent others from reading this file? Probably, the owner of the key has distributed it to a few trusted users and has not placed any additional security measures to check if its really a trusted user.<\/span><\/span><\/p>\n

        Optional – allowing root to ssh:<\/h3>\n
          \n
        1. ssh by default does not allow root to log in. This has to be explicitly enabled on\u00a0remote_machine<\/span><\/b>. This can be done by editing \/etc\/ssh\/sshd_config<\/span> and changing the option of PermitRootLogin\u00a0<\/span><\/b>from no<\/span><\/b> to yes<\/span><\/b>.<\/li>\n
        2. Don’t forget to restart sshd<\/b> so that it reads the modified config file.<\/li>\n
        3. Do this only<\/b><\/i> if you want to use the root login.<\/li>\n<\/ol>\n

          That’s it. Now you can run <\/span>scp<\/span>, <\/span>ssh\u00a0<\/span>and <\/span>rsync\u00a0<\/span>on <\/span>host_src<\/span><\/b> connecting to\u00a0remote_machine<\/span><\/b><\/span>\u00a0and it won’t prompt for the password. Note that this will still prompt for the password if you are running the commands on <\/span>remote_machine <\/span><\/strong>connecting to\u00a0<\/span>host_src<\/span><\/b>. You can reverse the steps above (generate the public key on\u00a0remote_machine<\/span><\/b><\/span>\u00a0and copy it to <\/span>host_src<\/span><\/b>) and you have a two way setup ready!<\/span><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

          Lets say you want to copy between two hosts\u00a0host_src\u00a0and\u00a0remote_machine. host_src is the host where you would run \u00a0scp, ssh or rsyn, irrespective of the direction of the file copy. On host_src, run this command as the user that runs scp\/ssh\/rsync $ ssh-keygen -t rsa This will prompt for a passphrase. Just press the enter key. If you assign a password to the key, then you’ll need to enter it each time you scp. It will then generate a private key…<\/p>\n

          Read More Read More<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"scp without entering a password each time","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[6,5],"tags":[],"class_list":["post-2753","post","type-post","status-publish","format-standard","hentry","category-technicalproblemsolutions","category-technical"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4WECr-Ip","jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/posts\/2753","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/mattfife.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2753"}],"version-history":[{"count":4,"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/posts\/2753\/revisions"}],"predecessor-version":[{"id":9852,"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/posts\/2753\/revisions\/9852"}],"wp:attachment":[{"href":"https:\/\/mattfife.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2753"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mattfife.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2753"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mattfife.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2753"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}