SCP from one server to another without password prompt

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
17
down vote

favorite
5












What is the best way of doing scp from one box to the other without prompting for password?



There are two servers:



  • Server A (10.152.2.10): /home/oracle/export/files.txt


  • Server B (10.152.2.11): /home/oracle/import/


If I want to transfer the files using scp from server A to server B without being prompted to enter a password



[running this from Server A, /home/oracle/export/]



scp files.txt oracle@10.152.2.11:/home/oracle/import


This would prompt me for a password upon entering the command.



I understand that a keygen is required to be generated and copied to Server A. Thus [at server A]:



ssh-keygen -t rsa


This gives me two files stored in /home/oracle/.ssh:



id_rsa
id_rsa.pub


1. Am I supposed to copy the two files (id_rsa, id_rsa.pub) over into server B /home/oracle/.ssh ?



While doing some google search on this, some articles mentioned about appending/concatenating this to authorized_keys.



2. Am I supposed to create this file on my own?



I seem to be confused on what is the right way to do this.



Btw, the two servers are running Suse Linux Enterprise Edition 9...










share|improve this question















migrated from stackoverflow.com Jun 2 '11 at 0:53


This question came from our site for professional and enthusiast programmers.










  • 1




    Try 'keychain': gentoo.org/proj/en/keychain
    – Adam Bernier
    Feb 27 '09 at 6:18














up vote
17
down vote

favorite
5












What is the best way of doing scp from one box to the other without prompting for password?



There are two servers:



  • Server A (10.152.2.10): /home/oracle/export/files.txt


  • Server B (10.152.2.11): /home/oracle/import/


If I want to transfer the files using scp from server A to server B without being prompted to enter a password



[running this from Server A, /home/oracle/export/]



scp files.txt oracle@10.152.2.11:/home/oracle/import


This would prompt me for a password upon entering the command.



I understand that a keygen is required to be generated and copied to Server A. Thus [at server A]:



ssh-keygen -t rsa


This gives me two files stored in /home/oracle/.ssh:



id_rsa
id_rsa.pub


1. Am I supposed to copy the two files (id_rsa, id_rsa.pub) over into server B /home/oracle/.ssh ?



While doing some google search on this, some articles mentioned about appending/concatenating this to authorized_keys.



2. Am I supposed to create this file on my own?



I seem to be confused on what is the right way to do this.



Btw, the two servers are running Suse Linux Enterprise Edition 9...










share|improve this question















migrated from stackoverflow.com Jun 2 '11 at 0:53


This question came from our site for professional and enthusiast programmers.










  • 1




    Try 'keychain': gentoo.org/proj/en/keychain
    – Adam Bernier
    Feb 27 '09 at 6:18












up vote
17
down vote

favorite
5









up vote
17
down vote

favorite
5






5





What is the best way of doing scp from one box to the other without prompting for password?



There are two servers:



  • Server A (10.152.2.10): /home/oracle/export/files.txt


  • Server B (10.152.2.11): /home/oracle/import/


If I want to transfer the files using scp from server A to server B without being prompted to enter a password



[running this from Server A, /home/oracle/export/]



scp files.txt oracle@10.152.2.11:/home/oracle/import


This would prompt me for a password upon entering the command.



I understand that a keygen is required to be generated and copied to Server A. Thus [at server A]:



ssh-keygen -t rsa


This gives me two files stored in /home/oracle/.ssh:



id_rsa
id_rsa.pub


1. Am I supposed to copy the two files (id_rsa, id_rsa.pub) over into server B /home/oracle/.ssh ?



While doing some google search on this, some articles mentioned about appending/concatenating this to authorized_keys.



2. Am I supposed to create this file on my own?



I seem to be confused on what is the right way to do this.



Btw, the two servers are running Suse Linux Enterprise Edition 9...










share|improve this question















What is the best way of doing scp from one box to the other without prompting for password?



There are two servers:



  • Server A (10.152.2.10): /home/oracle/export/files.txt


  • Server B (10.152.2.11): /home/oracle/import/


If I want to transfer the files using scp from server A to server B without being prompted to enter a password



[running this from Server A, /home/oracle/export/]



scp files.txt oracle@10.152.2.11:/home/oracle/import


This would prompt me for a password upon entering the command.



I understand that a keygen is required to be generated and copied to Server A. Thus [at server A]:



ssh-keygen -t rsa


This gives me two files stored in /home/oracle/.ssh:



id_rsa
id_rsa.pub


1. Am I supposed to copy the two files (id_rsa, id_rsa.pub) over into server B /home/oracle/.ssh ?



While doing some google search on this, some articles mentioned about appending/concatenating this to authorized_keys.



2. Am I supposed to create this file on my own?



I seem to be confused on what is the right way to do this.



Btw, the two servers are running Suse Linux Enterprise Edition 9...







ssh scp key-authentication






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited May 29 '16 at 13:29









jimmij

30.4k869103




30.4k869103










asked Feb 27 '09 at 5:55







N2EE











migrated from stackoverflow.com Jun 2 '11 at 0:53


This question came from our site for professional and enthusiast programmers.






migrated from stackoverflow.com Jun 2 '11 at 0:53


This question came from our site for professional and enthusiast programmers.









  • 1




    Try 'keychain': gentoo.org/proj/en/keychain
    – Adam Bernier
    Feb 27 '09 at 6:18












  • 1




    Try 'keychain': gentoo.org/proj/en/keychain
    – Adam Bernier
    Feb 27 '09 at 6:18







1




1




Try 'keychain': gentoo.org/proj/en/keychain
– Adam Bernier
Feb 27 '09 at 6:18




Try 'keychain': gentoo.org/proj/en/keychain
– Adam Bernier
Feb 27 '09 at 6:18










5 Answers
5






active

oldest

votes

















up vote
15
down vote













  1. No, you keep id_rsa to yourself; however, id_rsa.pub, which is your public key, may be copied to servers to which you wish to have access. Concatenate them onto the end of ~/.ssh/authorized_keys.

  2. Yes, you may create ~/.ssh/authorized_keys if it is not already created; otherwise, just append to the end of the file, using cat id_rsa.pub >>~/.ssh/authorized_keys.





share|improve this answer



























    up vote
    11
    down vote













    Also there is a tool that sorts all this for you called ssh-copy-id.



    It will append the key in your agent if you have one running to the authorized_keys file and create it if it does not exist with the right permissions. If you aren't running an agent you can specify the key to push with -i: ssh-copy-id -i ~/.ssh/id_rsa






    share|improve this answer





























      up vote
      5
      down vote













      You should also check the permissions on the various files and directories:



      authorized_keys needs perms of 600 (chmod 600 authorized_keys)
      the .ssh directory should be 700
      your home directory should be at most 744


      Your home directory must not be writable by anyone other than you.






      share|improve this answer



























        up vote
        0
        down vote













        In case you configure the key generated from ssh-keygen but still password less transfer doesn't work, then verify the public key used on source machine in verbose mode command as below:



        sftp -v -oPort=22 userid@server


        Usually it refers to public key at /home/<user>/.ssh/id_rsa.pub
        which might be different from one you generated using ssh-keygen. You need to add this id_rsa.pub at destination server.






        share|improve this answer





























          up vote
          0
          down vote













          I would do the following:




          On the client:




          ssh-keygen -t rsa
          ssh-copy-id oracle@10.152.2.11


          This copys the key from the client to the server. You will need the password of the server to make it add your key to its ring.



          • Password Authentication either needs to be on or you need to hand deliver the keyfile to the server.


          On the Server:




          I would at the vary least, turn off Password Authentication.






          share|improve this answer




















            Your Answer








            StackExchange.ready(function()
            var channelOptions =
            tags: "".split(" "),
            id: "106"
            ;
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function()
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled)
            StackExchange.using("snippets", function()
            createEditor();
            );

            else
            createEditor();

            );

            function createEditor()
            StackExchange.prepareEditor(
            heartbeatType: 'answer',
            convertImagesToLinks: false,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            imageUploader:
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            ,
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            );



            );













            draft saved

            draft discarded


















            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f14196%2fscp-from-one-server-to-another-without-password-prompt%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown
























            5 Answers
            5






            active

            oldest

            votes








            5 Answers
            5






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            15
            down vote













            1. No, you keep id_rsa to yourself; however, id_rsa.pub, which is your public key, may be copied to servers to which you wish to have access. Concatenate them onto the end of ~/.ssh/authorized_keys.

            2. Yes, you may create ~/.ssh/authorized_keys if it is not already created; otherwise, just append to the end of the file, using cat id_rsa.pub >>~/.ssh/authorized_keys.





            share|improve this answer
























              up vote
              15
              down vote













              1. No, you keep id_rsa to yourself; however, id_rsa.pub, which is your public key, may be copied to servers to which you wish to have access. Concatenate them onto the end of ~/.ssh/authorized_keys.

              2. Yes, you may create ~/.ssh/authorized_keys if it is not already created; otherwise, just append to the end of the file, using cat id_rsa.pub >>~/.ssh/authorized_keys.





              share|improve this answer






















                up vote
                15
                down vote










                up vote
                15
                down vote









                1. No, you keep id_rsa to yourself; however, id_rsa.pub, which is your public key, may be copied to servers to which you wish to have access. Concatenate them onto the end of ~/.ssh/authorized_keys.

                2. Yes, you may create ~/.ssh/authorized_keys if it is not already created; otherwise, just append to the end of the file, using cat id_rsa.pub >>~/.ssh/authorized_keys.





                share|improve this answer












                1. No, you keep id_rsa to yourself; however, id_rsa.pub, which is your public key, may be copied to servers to which you wish to have access. Concatenate them onto the end of ~/.ssh/authorized_keys.

                2. Yes, you may create ~/.ssh/authorized_keys if it is not already created; otherwise, just append to the end of the file, using cat id_rsa.pub >>~/.ssh/authorized_keys.






                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Feb 27 '09 at 6:08









                mipadi

                25114




                25114






















                    up vote
                    11
                    down vote













                    Also there is a tool that sorts all this for you called ssh-copy-id.



                    It will append the key in your agent if you have one running to the authorized_keys file and create it if it does not exist with the right permissions. If you aren't running an agent you can specify the key to push with -i: ssh-copy-id -i ~/.ssh/id_rsa






                    share|improve this answer


























                      up vote
                      11
                      down vote













                      Also there is a tool that sorts all this for you called ssh-copy-id.



                      It will append the key in your agent if you have one running to the authorized_keys file and create it if it does not exist with the right permissions. If you aren't running an agent you can specify the key to push with -i: ssh-copy-id -i ~/.ssh/id_rsa






                      share|improve this answer
























                        up vote
                        11
                        down vote










                        up vote
                        11
                        down vote









                        Also there is a tool that sorts all this for you called ssh-copy-id.



                        It will append the key in your agent if you have one running to the authorized_keys file and create it if it does not exist with the right permissions. If you aren't running an agent you can specify the key to push with -i: ssh-copy-id -i ~/.ssh/id_rsa






                        share|improve this answer














                        Also there is a tool that sorts all this for you called ssh-copy-id.



                        It will append the key in your agent if you have one running to the authorized_keys file and create it if it does not exist with the right permissions. If you aren't running an agent you can specify the key to push with -i: ssh-copy-id -i ~/.ssh/id_rsa







                        share|improve this answer














                        share|improve this answer



                        share|improve this answer








                        edited Jun 2 '11 at 5:10









                        alex

                        4,18931827




                        4,18931827










                        answered Jun 2 '11 at 4:42









                        mauilion

                        39646




                        39646




















                            up vote
                            5
                            down vote













                            You should also check the permissions on the various files and directories:



                            authorized_keys needs perms of 600 (chmod 600 authorized_keys)
                            the .ssh directory should be 700
                            your home directory should be at most 744


                            Your home directory must not be writable by anyone other than you.






                            share|improve this answer
























                              up vote
                              5
                              down vote













                              You should also check the permissions on the various files and directories:



                              authorized_keys needs perms of 600 (chmod 600 authorized_keys)
                              the .ssh directory should be 700
                              your home directory should be at most 744


                              Your home directory must not be writable by anyone other than you.






                              share|improve this answer






















                                up vote
                                5
                                down vote










                                up vote
                                5
                                down vote









                                You should also check the permissions on the various files and directories:



                                authorized_keys needs perms of 600 (chmod 600 authorized_keys)
                                the .ssh directory should be 700
                                your home directory should be at most 744


                                Your home directory must not be writable by anyone other than you.






                                share|improve this answer












                                You should also check the permissions on the various files and directories:



                                authorized_keys needs perms of 600 (chmod 600 authorized_keys)
                                the .ssh directory should be 700
                                your home directory should be at most 744


                                Your home directory must not be writable by anyone other than you.







                                share|improve this answer












                                share|improve this answer



                                share|improve this answer










                                answered Mar 17 '09 at 20:42









                                dr-jan

                                41639




                                41639




















                                    up vote
                                    0
                                    down vote













                                    In case you configure the key generated from ssh-keygen but still password less transfer doesn't work, then verify the public key used on source machine in verbose mode command as below:



                                    sftp -v -oPort=22 userid@server


                                    Usually it refers to public key at /home/<user>/.ssh/id_rsa.pub
                                    which might be different from one you generated using ssh-keygen. You need to add this id_rsa.pub at destination server.






                                    share|improve this answer


























                                      up vote
                                      0
                                      down vote













                                      In case you configure the key generated from ssh-keygen but still password less transfer doesn't work, then verify the public key used on source machine in verbose mode command as below:



                                      sftp -v -oPort=22 userid@server


                                      Usually it refers to public key at /home/<user>/.ssh/id_rsa.pub
                                      which might be different from one you generated using ssh-keygen. You need to add this id_rsa.pub at destination server.






                                      share|improve this answer
























                                        up vote
                                        0
                                        down vote










                                        up vote
                                        0
                                        down vote









                                        In case you configure the key generated from ssh-keygen but still password less transfer doesn't work, then verify the public key used on source machine in verbose mode command as below:



                                        sftp -v -oPort=22 userid@server


                                        Usually it refers to public key at /home/<user>/.ssh/id_rsa.pub
                                        which might be different from one you generated using ssh-keygen. You need to add this id_rsa.pub at destination server.






                                        share|improve this answer














                                        In case you configure the key generated from ssh-keygen but still password less transfer doesn't work, then verify the public key used on source machine in verbose mode command as below:



                                        sftp -v -oPort=22 userid@server


                                        Usually it refers to public key at /home/<user>/.ssh/id_rsa.pub
                                        which might be different from one you generated using ssh-keygen. You need to add this id_rsa.pub at destination server.







                                        share|improve this answer














                                        share|improve this answer



                                        share|improve this answer








                                        edited Sep 2 '16 at 7:58









                                        Kevdog777

                                        2,087123259




                                        2,087123259










                                        answered Sep 2 '16 at 7:16









                                        Raj

                                        1




                                        1




















                                            up vote
                                            0
                                            down vote













                                            I would do the following:




                                            On the client:




                                            ssh-keygen -t rsa
                                            ssh-copy-id oracle@10.152.2.11


                                            This copys the key from the client to the server. You will need the password of the server to make it add your key to its ring.



                                            • Password Authentication either needs to be on or you need to hand deliver the keyfile to the server.


                                            On the Server:




                                            I would at the vary least, turn off Password Authentication.






                                            share|improve this answer
























                                              up vote
                                              0
                                              down vote













                                              I would do the following:




                                              On the client:




                                              ssh-keygen -t rsa
                                              ssh-copy-id oracle@10.152.2.11


                                              This copys the key from the client to the server. You will need the password of the server to make it add your key to its ring.



                                              • Password Authentication either needs to be on or you need to hand deliver the keyfile to the server.


                                              On the Server:




                                              I would at the vary least, turn off Password Authentication.






                                              share|improve this answer






















                                                up vote
                                                0
                                                down vote










                                                up vote
                                                0
                                                down vote









                                                I would do the following:




                                                On the client:




                                                ssh-keygen -t rsa
                                                ssh-copy-id oracle@10.152.2.11


                                                This copys the key from the client to the server. You will need the password of the server to make it add your key to its ring.



                                                • Password Authentication either needs to be on or you need to hand deliver the keyfile to the server.


                                                On the Server:




                                                I would at the vary least, turn off Password Authentication.






                                                share|improve this answer












                                                I would do the following:




                                                On the client:




                                                ssh-keygen -t rsa
                                                ssh-copy-id oracle@10.152.2.11


                                                This copys the key from the client to the server. You will need the password of the server to make it add your key to its ring.



                                                • Password Authentication either needs to be on or you need to hand deliver the keyfile to the server.


                                                On the Server:




                                                I would at the vary least, turn off Password Authentication.







                                                share|improve this answer












                                                share|improve this answer



                                                share|improve this answer










                                                answered Nov 26 at 2:36









                                                Michael Prokopec

                                                71516




                                                71516



























                                                    draft saved

                                                    draft discarded
















































                                                    Thanks for contributing an answer to Unix & Linux Stack Exchange!


                                                    • Please be sure to answer the question. Provide details and share your research!

                                                    But avoid


                                                    • Asking for help, clarification, or responding to other answers.

                                                    • Making statements based on opinion; back them up with references or personal experience.

                                                    To learn more, see our tips on writing great answers.





                                                    Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


                                                    Please pay close attention to the following guidance:


                                                    • Please be sure to answer the question. Provide details and share your research!

                                                    But avoid


                                                    • Asking for help, clarification, or responding to other answers.

                                                    • Making statements based on opinion; back them up with references or personal experience.

                                                    To learn more, see our tips on writing great answers.




                                                    draft saved


                                                    draft discarded














                                                    StackExchange.ready(
                                                    function ()
                                                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f14196%2fscp-from-one-server-to-another-without-password-prompt%23new-answer', 'question_page');

                                                    );

                                                    Post as a guest















                                                    Required, but never shown





















































                                                    Required, but never shown














                                                    Required, but never shown












                                                    Required, but never shown







                                                    Required, but never shown

































                                                    Required, but never shown














                                                    Required, but never shown












                                                    Required, but never shown







                                                    Required, but never shown






                                                    Popular posts from this blog

                                                    How to check contact read email or not when send email to Individual?

                                                    Displaying single band from multi-band raster using QGIS

                                                    How many registers does an x86_64 CPU actually have?