Does scp even transfer private key??

30/11/2006, 17h11

Im having a problem with ssh. And im curious does using scp to transfer
the file from one server to another also copy the private key along
with the public key??
And does it matter for ssh login whether id-rsa is used by one user and
id-dsa is used by another user in the same authorized_keys file???

i.e if one user generated key using rsa and other dsa and both users
append their file to the authorized_keys file does it make the ssh
login to fail?? coz im facing problems with this rite now.

thanks in advance.

30/11/2006, 18h32

Todd H. wrote:
> "thecoolone" <jahan9@gmail.com> writes:
>
> > Im having a problem with ssh. And im curious does using scp to transfer
> > the file
>
> Depends on what specifically you mean by "the file"
>
> > from one server to another also copy the private key along
> > with the public key??
>
> In general, no, if you are using public key authentication, neither of
> the keys get transferred in setting up scp to copy a given file. Say
> you initiate an scp from your home to a remote server. The remote
> server, you will have set up to have your public key file in advance
> somehow by a secure method. Successive scp's using public key
> authentication from your home machine to that remote will initiate
> auth with your private key on your home machine, and if the public key
> on the remote matches, then the scp connection is authenticated.

im trying ot use ssh, cron and rsync to backup files from one server to
another and so i am asking whether using scp to transfer the key.pub
file generated from ssh-keygen from one server to another includes the
private key along with it in the transfer even though i havent used it
in the in the transfer command. Is it a standard process to have the
private key transfered to the remote system???

> > And does it matter for ssh login whether id-rsa is used by one user and
> > id-dsa is used by another user in the same authorized_keys file???
>
> It can. But generally, authorized_keys files are a per-user sort of
> deal.

so now that i have done it how to reverse the process so that it goes
back to normal way it was working before.

> > i.e if one user generated key using rsa and other dsa and both users
> > append their file to the authorized_keys file does it make the ssh
> > login to fail?? coz im facing problems with this rite now.
>
> You could be experiencing any number of problems. Clues to them
> will be shown in using the -v flag in your client connections, and
> looking at the ssh server's log files.

are u implying to have the ssh -v option in the crontab script?? if i
do that how will it display it in the standard output (i.e treminal)??

30/11/2006, 19h01

"thecoolone" <jahan9@gmail.com> writes:

> Im having a problem with ssh. And im curious does using scp to transfer
> the file

Depends on what specifically you mean by "the file"

> from one server to another also copy the private key along
> with the public key??

In general, no, if you are using public key authentication, neither of
the keys get transferred in setting up scp to copy a given file. Say
you initiate an scp from your home to a remote server. The remote
server, you will have set up to have your public key file in advance
somehow by a secure method. Successive scp's using public key
authentication from your home machine to that remote will initiate
auth with your private key on your home machine, and if the public key
on the remote matches, then the scp connection is authenticated.

> And does it matter for ssh login whether id-rsa is used by one user and
> id-dsa is used by another user in the same authorized_keys file???

It can. But generally, authorized_keys files are a per-user sort of
deal.

> i.e if one user generated key using rsa and other dsa and both users
> append their file to the authorized_keys file does it make the ssh
> login to fail?? coz im facing problems with this rite now.

You could be experiencing any number of problems. Clues to them
will be shown in using the -v flag in your client connections, and
looking at the ssh server's log files.

--
Todd H.
http://www.toddh.net/

30/11/2006, 20h04

"thecoolone" <jahan9@gmail.com> writes:

> Todd H. wrote:
> > "thecoolone" <jahan9@gmail.com> writes:
> >
> > > Im having a problem with ssh. And im curious does using scp to transfer
> > > the file
> >
> > Depends on what specifically you mean by "the file"
> >
> > > from one server to another also copy the private key along
> > > with the public key??
> >
> > In general, no, if you are using public key authentication, neither of
> > the keys get transferred in setting up scp to copy a given file. Say
> > you initiate an scp from your home to a remote server. The remote
> > server, you will have set up to have your public key file in advance
> > somehow by a secure method. Successive scp's using public key
> > authentication from your home machine to that remote will initiate
> > auth with your private key on your home machine, and if the public key
> > on the remote matches, then the scp connection is authenticated.
>
> im trying ot use ssh, cron and rsync to backup files from one server to
> another and so i am asking whether using scp to transfer the key.pub
> file generated from ssh-keygen from one server to another includes the
> private key along with it in the transfer even though i havent used it
> in the in the transfer command.

> Is it a standard process to have the private key transfered to the
> remote system???

No. Typically you keep the private key under wraps on the local
side.

>
> > > And does it matter for ssh login whether id-rsa is used by one user and
> > > id-dsa is used by another user in the same authorized_keys file???
> >
> > It can. But generally, authorized_keys files are a per-user sort of
> > deal.
>
> so now that i have done it how to reverse the process so that it goes
> back to normal way it was working before.

remoteserver's authorized_keys for user1 should have user1's public
key generated from ssh-keygen on homeserver.

> are u implying to have the ssh -v option in the crontab script?? if i
> do that how will it display it in the standard output (i.e
> treminal)??

No. I'm implying that you shouldn't write a crontab until you get all
this working from the commandline first. Using -v on the commandline
(as well as checking the logs of the remote server you're connecting
to) will you figure out what is breaking and where.

Also be sure you read and understand the following as a way to debug
your problem further:
http://www.onlamp.com/pub/a/onlamp/excerpt/ssh_8/

--
Todd H.
http://www.toddh.net/

30/11/2006, 17h11	#1
thecoolone Messages: n/a Hébergeur:	Does scp even transfer private key?? Im having a problem with ssh. And im curious does using scp to transfer the file from one server to another also copy the private key along with the public key?? And does it matter for ssh login whether id-rsa is used by one user and id-dsa is used by another user in the same authorized_keys file??? i.e if one user generated key using rsa and other dsa and both users append their file to the authorized_keys file does it make the ssh login to fail?? coz im facing problems with this rite now. thanks in advance.

30/11/2006, 18h32	#2
thecoolone Messages: n/a Hébergeur:	Re: Does scp even transfer private key?? Todd H. wrote: > "thecoolone" <jahan9@gmail.com> writes: > > > Im having a problem with ssh. And im curious does using scp to transfer > > the file > > Depends on what specifically you mean by "the file" > > > from one server to another also copy the private key along > > with the public key?? > > In general, no, if you are using public key authentication, neither of > the keys get transferred in setting up scp to copy a given file. Say > you initiate an scp from your home to a remote server. The remote > server, you will have set up to have your public key file in advance > somehow by a secure method. Successive scp's using public key > authentication from your home machine to that remote will initiate > auth with your private key on your home machine, and if the public key > on the remote matches, then the scp connection is authenticated. im trying ot use ssh, cron and rsync to backup files from one server to another and so i am asking whether using scp to transfer the key.pub file generated from ssh-keygen from one server to another includes the private key along with it in the transfer even though i havent used it in the in the transfer command. Is it a standard process to have the private key transfered to the remote system??? > > And does it matter for ssh login whether id-rsa is used by one user and > > id-dsa is used by another user in the same authorized_keys file??? > > It can. But generally, authorized_keys files are a per-user sort of > deal. so now that i have done it how to reverse the process so that it goes back to normal way it was working before. > > i.e if one user generated key using rsa and other dsa and both users > > append their file to the authorized_keys file does it make the ssh > > login to fail?? coz im facing problems with this rite now. > > You could be experiencing any number of problems. Clues to them > will be shown in using the -v flag in your client connections, and > looking at the ssh server's log files. are u implying to have the ssh -v option in the crontab script?? if i do that how will it display it in the standard output (i.e treminal)??

30/11/2006, 19h01	#3
Todd H. Messages: n/a Hébergeur:	Re: Does scp even transfer private key?? "thecoolone" <jahan9@gmail.com> writes: > Im having a problem with ssh. And im curious does using scp to transfer > the file Depends on what specifically you mean by "the file" > from one server to another also copy the private key along > with the public key?? In general, no, if you are using public key authentication, neither of the keys get transferred in setting up scp to copy a given file. Say you initiate an scp from your home to a remote server. The remote server, you will have set up to have your public key file in advance somehow by a secure method. Successive scp's using public key authentication from your home machine to that remote will initiate auth with your private key on your home machine, and if the public key on the remote matches, then the scp connection is authenticated. > And does it matter for ssh login whether id-rsa is used by one user and > id-dsa is used by another user in the same authorized_keys file??? It can. But generally, authorized_keys files are a per-user sort of deal. > i.e if one user generated key using rsa and other dsa and both users > append their file to the authorized_keys file does it make the ssh > login to fail?? coz im facing problems with this rite now. You could be experiencing any number of problems. Clues to them will be shown in using the -v flag in your client connections, and looking at the ssh server's log files. -- Todd H. http://www.toddh.net/

30/11/2006, 20h04	#4
Todd H. Messages: n/a Hébergeur:	Re: Does scp even transfer private key?? "thecoolone" <jahan9@gmail.com> writes: > Todd H. wrote: > > "thecoolone" <jahan9@gmail.com> writes: > > > > > Im having a problem with ssh. And im curious does using scp to transfer > > > the file > > > > Depends on what specifically you mean by "the file" > > > > > from one server to another also copy the private key along > > > with the public key?? > > > > In general, no, if you are using public key authentication, neither of > > the keys get transferred in setting up scp to copy a given file. Say > > you initiate an scp from your home to a remote server. The remote > > server, you will have set up to have your public key file in advance > > somehow by a secure method. Successive scp's using public key > > authentication from your home machine to that remote will initiate > > auth with your private key on your home machine, and if the public key > > on the remote matches, then the scp connection is authenticated. > > im trying ot use ssh, cron and rsync to backup files from one server to > another and so i am asking whether using scp to transfer the key.pub > file generated from ssh-keygen from one server to another includes the > private key along with it in the transfer even though i havent used it > in the in the transfer command. > Is it a standard process to have the private key transfered to the > remote system??? No. Typically you keep the private key under wraps on the local side. > > > > And does it matter for ssh login whether id-rsa is used by one user and > > > id-dsa is used by another user in the same authorized_keys file??? > > > > It can. But generally, authorized_keys files are a per-user sort of > > deal. > > so now that i have done it how to reverse the process so that it goes > back to normal way it was working before. remoteserver's authorized_keys for user1 should have user1's public key generated from ssh-keygen on homeserver. > are u implying to have the ssh -v option in the crontab script?? if i > do that how will it display it in the standard output (i.e > treminal)?? No. I'm implying that you shouldn't write a crontab until you get all this working from the commandline first. Using -v on the commandline (as well as checking the logs of the remote server you're connecting to) will you figure out what is breaking and where. Also be sure you read and understand the following as a way to debug your problem further: http://www.onlamp.com/pub/a/onlamp/excerpt/ssh_8/ -- Todd H. http://www.toddh.net/

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email