PDA

View Full Version : scp


reddwarf2956
12th April 2004, 08:16 PM
I am trying to us scp to move files back to a computer that I reinstalled. I can ssh just fine but the error message with scp is:

Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password,keyboard-interactive).
lost connection

Although I don't have DNS setup, I am using IP addresses. This should not matter because I can use ssh too. What is messed up?

bskahan
13th April 2004, 04:10 AM
can you cut/paste the scp command your using? are you specifying a path on remote that you don't have access to?

reddwarf2956
13th April 2004, 05:16 AM
Originally posted by bskahan
can you cut/paste the scp command your using? are you specifying a path on remote that you don't have access to?

sure

scp -p -r 192.168.1.100:/dirfrom 192.168.1.2:/dirto

I have access to both. I just don't know how to set this up right for it to work right.

Jman
14th April 2004, 03:38 AM
Try adding a -v to those options for verbose output for debugging.

It appears like the wrong password a few times, then it kicks you off.

It also looks like you're logging into two remote machines at once. You're sure of both passwords?

ghenry
22nd April 2004, 12:57 PM
I have just tried it with my machines, and I get exactly the same response:
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password,keyboard-interactive).
lost connection


Hmm....
Investigating......

ghenry
22nd April 2004, 01:25 PM
So far I have discoverd these:

1. http://www.openssh.org/faq.html#2.9
2. http://sunportal.sunmanagers.org/pipermail/summaries/2002-November/002782.html

Ug
22nd April 2004, 01:47 PM
Too much time on your hands, young man.

ghenry
22nd April 2004, 01:49 PM
Also a bug from years ago. Who to fix?

http://www.geocrawler.com/archives/3/342/1999/4/0/1936235/

basically, if ~/.bashrc or /etc/bashrc generate any output, it will break scp.

I think mine breaks as I have "Message of the Day"/a banner enabled, for security reasons.

Also, after reading this:

http://www.stat.umn.edu/~charlie/woof.html#if

I tried to a -z to the $PS1 call, didn't work. How can this be like this? I noticed Debian doesn't do this.

Time for a bug report, patch, when I fix it.

ghenry
22nd April 2004, 02:08 PM
From http://dsplab.ece.iisc.ernet.in/~karthik/labfaq.html:

Q13: Help! scp won't work!

A13: There are many reasons why scp couldn't be working on your machine, or why it won't work between a particular pair of machines.

I'm assuming that you're doing something like "scp [source] [target]", and maybe you're getting an error like this:

> scp: warning: ssh_packet_wrapper_input: invalid packet received: len
> 1299783792 closing the offending input channel.

Maybe you're not getting this particular error, or maybe something altogether different. In any case, try moving the .bashrc file in your home directory in the source machine to a different file temporarily. ( Try " mv .bashrc{,-} " - this will move .bashrc to .bashrc- ). If this fixes the problem, we're in business! If not, then yell for the sysad.

What's happening:
This issue is dealt with in the OpenSSH FAQ! Check out http://www.openssh.com/faq.html#2.9 . The problem is *NOT* with .bashrc having too many lines, it's because something in your .bashrc is producing output for non-interactive sessions. Perhaps you have a line with "/usr/games/fortune" in your .bashrc, or something similar. Or maybe it's something like /etc/motd (which you can't touch!). If you find that there is something .bashrc producing output for non-interactive sessions, then comment it out. If it's something you really need and can't chuck it, then use the mv .bashrc{,-} trick. If it's not anything in your bashrc, it's time to call your friendly neighbourhood sysadmin.

ghenry
22nd April 2004, 02:08 PM
Still, this should have been addressed by now.

ghenry
22nd April 2004, 02:10 PM
Just look at all these:

http://groups.google.com/groups?q=scp%20.bashrc&hl=en&lr=&ie=UTF-8&oe=UTF-8&sa=N&tab=wg

I don't understand why this hasn't been sorted.

ghenry
22nd April 2004, 02:12 PM
http://groups.google.com/groups?q=scp+.bashrc&start=10&hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=auvcq4%246ks%241%40news.cc.tut.fi&rnum=20

ghenry
22nd April 2004, 02:13 PM
Mine only says hi. What gives?

ghenry
22nd April 2004, 02:16 PM
Loads of stuff here:

http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&group=comp.security.ssh

I'll be back soon.

ghenry
22nd April 2004, 11:17 PM
See my thread:

http://www.redhat.com/archives/fedora-devel-list/2004-April/thread.html

Called:

scp and ~/.bashrc errors, still around with Fedora.

i.e. It is broken and always will be.

reddwarf2956
24th April 2004, 04:06 AM
WOW! :D I did not know what can of worms I must have opened. I know that you did a lot of work to find out it is broke, so I will have to say a big thanks ghenry. I don't think I was thinking it was big issue as I see you have found it to be. I was thinking it was just me being a newbie with Linux. I guess in a sad way, I am glad that you have the same problem.

As it is, what can I do to have a secure copy of files and directories from one box to another one?

sftp does not allow -r as scp should do. I am trying to not install ftp, telnet, or rsh and to make my box secure from these. How I was reading these 3 are the desired cracker cracks. And I have been building my security around this by seting up to use ssh, sftp, and scp as the means of doing the same things. I see I can still do ssh and sftp, but not scp. The one thing with this for now is the computers are all on my LAN so I can get away without the security, but I was wanting to have a "hole" as to use my laptop remotely to save, copy and use files. I guess that is on hold until I can get a good work around.

:confused:

ghenry thanks again, so far.
John

reddwarf2956
24th April 2004, 04:18 AM
By the way, I might want to add that mine is FC 1 just out of the box so to speak.

And the /root/.bashrc is below (It is different from the /home/john/.bashrc file by including the alias commands.):

# .bashrc

# User specific aliases and functions

alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'

# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi

reddwarf2956
24th April 2004, 04:24 AM
Originally posted by Ug
Too much time on your hands, young man.

Who, I hope you don't mean me? because I am ready to scream bout this. I do have more important things to do than to just play with the machines. Yet nothing seems to work the way that ***I*** want it too.

reddwarf2956
24th April 2004, 05:48 AM
Originally posted by Jman
Try adding a -v to those options for verbose output for debugging.

It appears like the wrong password a few times, then it kicks you off.

It also looks like you're logging into two remote machines at once. You're sure of both passwords?


This had me going 'No, I don't have two remote machines. "

But now I have tried something. I thought that I needed to state the from machines ip with the directory name (or in the current case the to machine). So I changed the line to from IP:dir to just dir.

Hmmm, it is working.

I still have to wonder about the command error. I think this is still a bug in that you should be able to state the full location of a file and copy it to another location with its full location stated too.

I guess it is wanting me to have two remotes and does not like it when I gave it a remote and the machine itself.

How to summit a bug to the ssh folks?

ghenry
24th April 2004, 03:24 PM
I wouldn't bother submitting a bug report as it's well known.

scp does work providing no password prompting is done. The moment password prompting
is done remote to remote scp breaks badly, i.e. use key-based authentication.

The two methods I would try, as mentioned in the mailing list thread are:

1. ssh -t -x userx@host1 "scp file usery@host2"
2. Follow this guide, ssh key-baased authentication (http://software.newsforge.com/software/04/03/15/211214.shtml?tid=78&tid=82) , which means scp will work.

reddwarf2956
24th April 2004, 05:09 PM
ghenry,

I think you missed what I stated in my last post. I got scp to work using thoughts of Jman and yourself and the links that you gave. I now see it is not an issue with passwords and keys, but an issue with ip addresses.

Think about it like this:

I stated fromcomputerIP:dirname
which IP is this IP for the computer is it itself or another remote. There are at less two ways to stated the computer itself
127.0.0.1 and the eth0 IP (or eth1 IP). If you state like I did the computers eth0 IP it goes looking for that remote and gets lost.

I used the link with openssh FAQ to link to the home of openssh. From there I made a bugzila report. It is numbered 865.

Being that I got it to work, and filed a bug report this issue is resolved.

ghenry
24th April 2004, 06:03 PM
Ok, was it this on filed yesterday?

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=121568

reddwarf2956
25th April 2004, 02:18 AM
Originally posted by ghenry
Ok, was it this on filed yesterday?

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=121568

May have been, I read "Opened by (Ronny Buchmann) on 2004-04-23 04:50 " I posted mine with openssh and reads different. I wonder if you used his patch or was able to get you machine to work with what I stated? I guess I am questioning if his is a real patch for the same problem or a look alike which may not work. I know that by removing the computer info I could do the work that I need to do. But I don't like the fact that it does not work the way that I think it should. A full computer:dirname/filename should be able to be stated if wanted or needed.

I got it to work with the password asked for only once, this means to me that scp may have a flaw in the setup for working with two remotes. I wonder if someone has tested that? I know that I was trying to do just one remote. With two, there maybe a security issue. But this can be handled if treated as two issues working together. I will let the power better than me do the dirt work.

La Possession Photos on Instagram - Sao Mateus do Maranhao Photos on Instagram - Shrirangapattana