Using SCP to transfer files without password in Linux

Time:2021-6-2

Recently, I found a very scary thing. There is no backup file in the backup directory of the backup server. If you look at it carefully, it turns out that the SCP command needs a password. The trust relationship has been established before, which may be due to the modification of the root password. Next, let’s talk about the specific operation.
Generally, when using SCP command to get the other Linux host file through SSH, you need to enter the password to confirm, but by establishing a trust relationship, you can achieve no password.

Let’s assume that the IP of server s to be backed up is 192.168.0.1
IP of server B used as backup: 192.168.0.2

You need to copy the file from s password free input to B.

1. Execute the following command on server s to generate the pairing key:
ssh-keygen -t rsa
Follow the prompts. Please do not enter password. Because my password has been operated before, it also prompts whether to override. Just enter “Y”. Other tips are as follows
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
ff:8e:85:68:85:94:7c:2c:46:b1:e5:2d:41:5c:e8:9b [email protected]

2. Change the ID in / root /. SSH / directory to_ The rsa.pub file is copied to the / root /. SSH / directory of server B and renamed authorized_ keys。
scp .ssh/id_rsa.pub [email protected]:/root/.ssh/authorized_keys

In the future, no password is needed from server s SCP to server B.

3. To use this method, you should pay attention to: the two computers copied need to use the same account name, here is root. For the sake of security, you need to create the same account in two machines, and then switch to the account with Su command on server s, and then execute step 1. When copying files in step 2, the ~ /. SSH / directory may not exist, and you need to create it manually.

In step 2, if authorized already exists in the machine_ Keys file, it should be noted that this file can contain multiple SSH authentication information. At this time, the cat > > command can be used to attach the contents of the authentication file.

Now execute the script SCP ~ /. SSH / ID on server s_ rsa.pub [email protected] :/root/.ssh/s.pub

Then execute cat ~ /. SSH / S.pub > > ~ /. SSH / authorized on server B_ keys

Finally, you can try a small text file.
Execute on server s
touch ~/test
scp ~/test [email protected]:/root/

Use LS on server B to check whether the transmission is successful. In fact, when SCP was executed on server s just now, it indicated that the transmission was successful.


scp

This work adoptsCC agreementReprint must indicate the author and the link of this article