[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

scp mit RSA-Zertifikat

Ich bekomme es einfach nicht wieder zum laufen!
scp mit Kennwort funktioniert problemlos! Für die RSA-Variante bin ich auf dem Rechner raspberrypi-hzg wie folgt vorgegangen: 

   #~# ssh-keygen -t rsa
   #~# su pi
   #~# ssh-keygen -t rsa
   #~# exit

mit dem Ergebnis:

   #~# dir /root/.ssh/
   insgesamt 20
   drwx------  2 root root 4096 2016-10-16 18:52 .
   drwx------ 12 root root 4096 2016-10-14 10:38 ..
   -rw-------  1 root root 1766 2016-10-16 18:48 id_rsa
   -rw-r--r--  1 root root  402 2016-10-16 18:48 id_rsa.pub
   -rw-r--r--  1 root root  222 2016-10-16 18:52 known_hosts
   #~# dir /home/pi/.ssh/
   insgesamt 20
   drwxr-xr-x 2 pi pi 4096 2016-10-16 18:54 .
   drwxr-xr-x 5 pi pi 4096 2016-10-14 22:51 ..
   -rw------- 1 pi pi 1766 2016-10-16 18:49 id_rsa
   -rw-r--r-- 1 pi pi  400 2016-10-16 18:49 id_rsa.pub
   -rw-r--r-- 1 pi pi  222 2016-10-16 18:54 known_hosts

soweit so gut weiter ging es mit
#~# cat ~/.ssh/*.pub | ssh -p 123 pi@192.168.0.113 'umask 077; cat >>.ssh/authorized_keys' 
   #~#su pi
#~# cat ~/.ssh/*.pub | ssh -p 123 pi@192.168.0.113 'umask 077; cat >>.ssh/authorized_keys' 
   #~#exit

was auf dem Rechner ...113 folgendes Ergebnis zeigt

   #~# dir /home/pi/.ssh/
   insgesamt 16
   drwx------ 2 pi pi 4096 2016-10-16 19:51 .
   drwxrwxrwx 3 pi pi 4096 2016-10-16 19:04 ..
   -rw------- 1 pi pi  802 2016-10-16 18:55 authorized_keys
   	
   #~# nano /home/pi/.ssh/authorized_keys
     ssh-rsa ... root@raspberrypi-hzg
     ssh-rsa ... pi@raspberrypi-hzg
aus meiner Sicht immer noch logisch, als müsste jetzt scp ohne Kennworteingabe funktionieren, tut es aber nicht!
root@19:46:02#~# scp -P123 -pv /home/pi/heizung.xlm.bz2 pi@192.168.0.113:/home/pi/ Executing: program /usr/bin/ssh host 192.168.0.113, user pi, command scp -v -p -t /home/pi/ 
   OpenSSH_6.7p1 Debian-5+deb8u3, OpenSSL 1.0.1t  3 May 2016
   debug1: Reading configuration data /etc/ssh/ssh_config
   debug1: /etc/ssh/ssh_config line 19: Applying options for *
   debug1: Connecting to 192.168.0.113 [192.168.0.113] port 123.
   debug1: Connection established.
   debug1: permanently_set_uid: 0/0
   debug1: key_load_public: No such file or directory
   debug1: identity file /root/.ssh/id_rsa type -1
   debug1: key_load_public: No such file or directory
   debug1: identity file /root/.ssh/id_rsa-cert type -1
   debug1: key_load_public: No such file or directory
   debug1: identity file /root/.ssh/id_dsa type -1
   debug1: key_load_public: No such file or directory
   debug1: identity file /root/.ssh/id_dsa-cert type -1
   debug1: key_load_public: No such file or directory
   debug1: identity file /root/.ssh/id_ecdsa type -1
   debug1: key_load_public: No such file or directory
   debug1: identity file /root/.ssh/id_ecdsa-cert type -1
   debug1: key_load_public: No such file or directory
   debug1: identity file /root/.ssh/id_ed25519 type -1
   debug1: key_load_public: No such file or directory
   debug1: identity file /root/.ssh/id_ed25519-cert type -1
   debug1: Enabling compatibility mode for protocol 2.0
   debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Debian-5+deb8u3 debug1: match: OpenSSH_6.7p1 Debian-5+deb8u3 pat OpenSSH* compat 0x04000000 
   debug1: SSH2_MSG_KEXINIT sent
   debug1: SSH2_MSG_KEXINIT received
   debug1: kex: server->client aes128-ctr umac-64-etm@openssh.com none
   debug1: kex: client->server aes128-ctr umac-64-etm@openssh.com none
   debug1: sending SSH2_MSG_KEX_ECDH_INIT
   debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 0d:eb:ab:6b:89:56:0c:aa:b4:3f:b0:89:0a:9f:50:57 debug1: Host '[192.168.0.113]:123' is known and matches the ECDSA host key. 
   debug1: Found key in /root/.ssh/known_hosts:1
   debug1: SSH2_MSG_NEWKEYS sent
   debug1: expecting SSH2_MSG_NEWKEYS
   debug1: SSH2_MSG_NEWKEYS received
   debug1: SSH2_MSG_SERVICE_REQUEST sent
   debug1: SSH2_MSG_SERVICE_ACCEPT received
   debug1: Authentications that can continue: publickey,password
   debug1: Next authentication method: publickey
   debug1: Trying private key: /root/.ssh/id_rsa
   debug1: Trying private key: /root/.ssh/id_dsa
   debug1: Trying private key: /root/.ssh/id_ecdsa
   debug1: Trying private key: /root/.ssh/id_ed25519
   debug1: Next authentication method: password
   pi@192.168.0.113's password:
   debug1: Authentication succeeded (password).
   Authenticated to 192.168.0.113 ([192.168.0.113]:123).
   debug1: channel 0: new [client-session]
   debug1: Requesting no-more-sessions@openssh.com
   debug1: Entering interactive session.
   debug1: Sending environment.
   debug1: Sending env LANG = de_DE.UTF-8
   debug1: Sending command: scp -v -p -t /home/pi/
   File mtime 1476477419 atime 1476477387
   Sending file timestamps: T1476477419 0 1476477387 0
   Sink: T1476477419 0 1476477387 0
   Sending file modes: C0644 2605749 heizung.xlm.bz2
   Sink: C0644 2605749 heizung.xlm.bz2 100% 2545KB   2.5MB/s   00:00
   debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
   debug1: channel 0: free: client-session, nchannels 1
   debug1: fd 0 clearing O_NONBLOCK
   debug1: fd 1 clearing O_NONBLOCK
   Transferred: sent 2611600, received 2384 bytes, in 0.1 seconds
   Bytes per second: sent 47558827.8, received 43414.1
   debug1: Exit status 0
Das kopieren klappt als, aber nicht ohne Kennwort, wo mache ich den (Denk-)Fehler? 

--
Gruß aus der Stadt der CeBIT
Jochen
Reply to: