-1

I humbly apologize, but I looked everywhere in the net and I still couldn't do this. This is the best guide i've found so far. I've also used this as guide as well. And still nothing works.

I needed to execute a script that automatically sends a local file to a remote machine. Both local and remote machines are Linux. EDIT: script should NOT prompt for password to user - hence why I should use public keys.

What I've done so far:

  • EDIT: executed eval `ssh-agent`, and then ssh-add, and then ssh-copy-id

  • executed ssh-keygen on local machine, to produce id_rsa and id_rsa.pub at ~/.ssh folder

  • Used NO passphrase in ssh-keygen
  • Sent id_rsa.pub to remote machine into its ~/.ssh folder
  • Renamed id_rsa.pub in remote machine into authorized_keys (since it didn't exist originally)

Script file (in local machine)

#!/bin/bash    
scp -i ~/.ssh/id_rsa -o BatchMode=yes -v file.txt meuser@remotemachine:/home/meuser

Output of verbose mode of SCP:

./scp_example.sh
Executing: program /usr/bin/ssh host webui01, user meuser2, command scp -v -t /home/meuser
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to remotemachine [###.###.###.###] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 504/505
debug1: identity file /home/meuser/.ssh/id_rsa type 1
debug1: loaded 1 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'remotemachine' is known and matches the RSA host key.
debug1: Found key in /home/meuser/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
Unknown code krb5 195

debug1: Unspecified GSS failure.  Minor code may provide more information
Unknown code krb5 195

debug1: Unspecified GSS failure.  Minor code may provide more information
Unknown code krb5 195

debug1: Next authentication method: publickey
debug1: Offering public key: /home/meuser/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
lost connection

Hopefully someone can shed light into this.

Thanks and best regards.

nobody
  • 19,814
  • 17
  • 56
  • 77
thisNeil
  • 73
  • 1
  • 3
  • 11
  • try using rsync it will solve this: "I needed to execute a script that automatically sends a local file to a remote machine." – Drako Jun 22 '17 at 14:01
  • Try using `ssh-copy-id` to install the public key instead of doing it manually, if possible, it takes care of the caveats. Also (quoting its manpage): "[...] if the remote sshd has `StrictModes` set in its configuration, then the user's home, `~/.ssh` folder, and `~/.ssh/authorized_keys` file may need to have group writability disabled manually, e.g. via `chmod go-w ~ ~/.ssh ~/.ssh/authorized_keys`" – Michael Jaros Jun 22 '17 at 14:07
  • @Drako Sorry I failed to mention that what I need is, in transferring files, there should be no "password" prompt. I've tried rsync and it is almost similar to scp. Thanks for the suggestion though :) – thisNeil Jun 23 '17 at 02:11
  • @MichaelJaros I've looked up on ssh-copy-id and found "https://stackoverflow.com/questions/22530886/ssh-copy-id-no-identities-found-error". Tried their suggestions and still no luck :( Thanks for the help though. I really wonder why it works for other's machines and for some it doesn't? – thisNeil Jun 23 '17 at 02:40
  • look into your logs, maybe you see something... try `/var/log/auth.log` and `tail -F /var/log/*` while attempting to connect. my first guess would have been permissions as Jakuje has pointed out, as this is a common problem with ssh pubkey authentication. – Michael Jaros Jun 23 '17 at 07:50

1 Answers1

0

Your offered key is rejected. Have a look into the server log for the reason, make sure that the home directory, .ssh and .ssh/authorized_keyus is owned by the correct user and not writable by anyone else (which is most common mistake).

Jakuje
  • 24,773
  • 12
  • 69
  • 75