is it possible to "ignore" your .ssh when accessing a server? - macos

I have started working somewhere. There are servers I've been given access to using a public key generated from my computer. However, while the ssh login seems to be fine at first, I can't actually grab the repo using this rsync. It wants a password I shouldn't need. I emailed the previous dev back, and suggested my terminal is ignoring ssh? Is this even possible? How would I fix that?
Need to access this code :/
Thanks for your help!
Last login: Fri Jun 13 11:51:30 on ttys000
Naomis-MacBook-Air:summerspirit.github.io Naomi$ cd
Naomis-MacBook-Air:~ Naomi$ ssh naomi@svn.civicrm.ca
Last login: Fri Jun 13 09:56:56 2014 from 76-10-147-186.dsl.teksavvy.com
[naomi@emily ~]$ ls
community.socialinnovation.ca socialinnovation.ca
[naomi@emily ~]$ ls -alt
total 28
-rw-------. 1 naomi naomi 183 Jun 13 12:43 .bash_history
drwx------. 3 naomi naomi 4096 Jun 13 10:03 .
lrwxrwxrwx. 1 naomi naomi 35 Jun 13 10:03 socialinnovation.ca -> /var/www/vhosts/socialinnovation.ca
lrwxrwxrwx. 1 naomi naomi 45 Jun 13 10:02 community.socialinnovation.ca -> /var/www/vhosts/community.socialinnovation.ca
drwx------. 2 naomi naomi 4096 Jun 13 09:56 .ssh
drwxr-xr-x. 15 root root 4096 Jun 13 09:12 ..
-rw-r--r--. 1 naomi naomi 18 Jul 18 2013 .bash_logout
-rw-r--r--. 1 naomi naomi 176 Jul 18 2013 .bash_profile
-rw-r--r--. 1 naomi naomi 124 Jul 18 2013 .bashrc
[naomi@emily ~]$ mkdir yolo
[naomi@emily ~]$ cd yolo
[naomi@emily yolo]$ rsync -avz naomi@svn.civicrm.ca:/var/www/vhosts/socialinnovation.ca .
The authenticity of host 'svn.civicrm.ca (209.15.213.70)' can't be established.
RSA key fingerprint is 63:99:92:28:c3:dd:b8:eb:c0:ec:c5:3a:11:7a:0f:88.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'svn.civicrm.ca,209.15.213.70' (RSA) to the list of known hosts.
naomi@svn.civicrm.ca's password:
Permission denied, please try again.
naomi@svn.civicrm.ca's password:
Connection closed by UNKNOWN
rsync: connection unexpectedly closed (0 bytes received so far) [receiver]
rsync error: unexplained error (code 255) at io.c(600) [receiver=3.0.6]
[naomi@emily yolo]$
[naomi@emily yolo]$ rsync -avz naomi@svn.civicrm.ca:/var/www/vhosts/socialinnovation.ca .
naomi@svn.civicrm.ca's password:
Permission denied, please try again.
naomi@svn.civicrm.ca's password:
Permission denied, please try again.
naomi@svn.civicrm.ca's password:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
rsync: connection unexpectedly closed (0 bytes received so far) [receiver]
rsync error: unexplained error (code 255) at io.c(600) [receiver=3.0.6]
[naomi@emily yolo]$
[naomi@emily yolo]$ rsync -avz naomi@svn.civicrm.ca:/var/www/vhosts/community.socialinnovation.ca .
naomi@svn.civicrm.ca's password:
Permission denied, please try again.
naomi@svn.civicrm.ca's password:
Permission denied, please try again.
naomi@svn.civicrm.ca's password:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
rsync: connection unexpectedly closed (0 bytes received so far) [receiver]
rsync error: unexplained error (code 255) at io.c(600) [receiver=3.0.6]
[naomi@emily yolo]$
From the dev, 3:00 PM (19 hours ago), to me:
I'm thinking that your Mac is somehow configured to ignore your .ssh keys when connecting.
Baffling, but reminds me why I'm not trying to run a public server ...

It looks like you're ssh'ing from Naomis-MacBook-Air to svn.civicrm.ca (aka emily) and then you're trying to ssh again (via rsync) to svn.civicrm.ca from there.
Three possible solutions:
1. rsync without the network
Because you are trying to rsync naomi#svn.civicrm.ca:/var/www/vhosts/socialinnovation.ca from svn.civicrm.ca you could just use:
rsync -avz /var/www/vhosts/socialinnovation.ca .
By-passing the need to use ssh over the network at all.
2. Make sure you are forwarding your agent
The reason that your .ssh on Naomis-MacBook-Air is being ignored is because you haven't allowed ssh to forward your agent. You can fix this by running:
echo "ForwardAgent yes" > ~/.ssh/config
On Naomis-MacBook-Air. This should allow you to continue using ssh and rsync on emily once you have ssh'd onto that remote server.
You can test that this has worked by running ssh localhost repeatedly - it should never ask you for a password!
3. Copy your .ssh/id_rsa.pub and .ssh/id_rsa to the remote server and use them there
This is what you tried to do with pbcopy in the comment on the original question.
Once you've got /home/naomi/.ssh/id_rsa and /home/naomi/.ssh/id_rsa.pub on the remote server, and once you have chmod 400'd both files, you should be able to:
naomi@emily:~$ ssh-agent bash
naomi@emily:~$ ssh-add
naomi@emily:~$ rsync ...
You have to do the manual ssh-agent and ssh-add commands because there won't already be an agent running that you can use. This is not the case on your MacBook Air because MacOS X runs an agent in the background for you.
However I would recommend against this option because it means putting your private key on the remote server, which anybody with root access on that server would then be able to access.
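The one-line config from option 2 has no Host line, so it forwards the agent to every server you connect to (and the > redirect replaces any existing ~/.ssh/config); putting ForwardAgent yes inside a Host svn.civicrm.ca block limits forwarding to the one server that needs it. The check below is an added example, not part of the original answer: audit_forward_agent is a hypothetical helper name and both sample configs are constructed.

```shell
#!/bin/sh
# Report every place an ssh client config turns agent forwarding on.
# GLOBAL = applies to all hosts (before any Host block, or under "Host *").
# SCOPED = applies only to the listed Host patterns or Match block.
audit_forward_agent() {
    # $1: path to an ssh_config-style file
    awk '
        BEGIN { scope = "*" }            # directives before the first Host block apply to all hosts
        { sub(/^[ \t]+/, ""); sub(/[ \t]+$/, "") }
        /^#/ || /^$/ { next }            # skip comments and blank lines
        {
            line = $0
            gsub(/=/, " ", line)         # "Key=value" and "Key value" are both accepted by ssh
            n = split(line, f, /[ \t]+/)
            key = tolower(f[1])          # keywords are case-insensitive
        }
        key == "host" || key == "match" {
            scope = ""
            for (i = 2; i <= n; i++) scope = scope (i > 2 ? " " : "") f[i]
            if (key == "match") scope = "match " scope
            next
        }
        key == "forwardagent" && tolower(f[2]) == "yes" {
            global = 0
            m = split(scope, p, " ")
            for (i = 1; i <= m; i++) if (p[i] == "*" || scope == "match all") global = 1
            printf "%s line %d: %s\n", (global ? "GLOBAL" : "SCOPED"), NR, scope
        }
    ' "$1"
}

# Constructed samples: the one-line config from option 2, then a host-scoped alternative.
demo_dir=$(mktemp -d)
printf 'ForwardAgent yes\n' > "$demo_dir/global"
printf 'Host svn.civicrm.ca\n    User naomi\n    ForwardAgent yes\n' > "$demo_dir/scoped"
audit_forward_agent "$demo_dir/global"   # GLOBAL line 1: *
audit_forward_agent "$demo_dir/scoped"   # SCOPED line 3: svn.civicrm.ca
rm -rf "$demo_dir"
```

Run it against ~/.ssh/config on the laptop; any GLOBAL line means the agent is offered to every host you log in to.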

Related

How to login and then run command in linux ftp client?

I want to be able to connect to a ftp server automatically using a single file. This input file contains commands to run in ftp session.
I am able to connect and login to a ftp server via terminal using:
ftp <IP>
Connected to <IP>.
220 ProFTPD Server (ProFTPD) [<IP>]
Name (<IP>:current_user): USER
331 Password required for USER
Password:
I enter password, the output is:
230 User USER logged in
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful
150 Opening BINARY mode data connection for file list
drwxr-xr-x 4 USER psacln 4096 Aug 11 2020 backups
drwxr-xr-x 2 USER psacln 4096 Mar 2 2019 error_docs
drwxr-xr-x 53 USER psacln 4096 Jul 10 03:18 httpdocs
drwx------ 2 USER root 4096 Aug 4 06:32 logs
drwxrwxr-x 12 USER psacln 4096 Aug 10 2020 moodledata
226 Transfer complete
ftp>
Suppose a single file named cmd includes the command "ls" and also username & password:
#!/bin/bash
HOST=<IP>
USER=USER
PASSWORD=<PASS>
ftp $HOST <<EOF
user $USER $PASSWORD
Using above file as input to:
ftp <ip> < cmd
How to use this file to auto connect to this ftp server?
I've just solved it.
I just use an encoded password in the bash script:
#!/bin/bash
HOST=<ip>
USER=USER
PASSWORD=$(echo <encoded password> | base64 --decode)
ftp -inv $HOST <<EOF
user $USER $PASSWORD
ls
bye
EOF
My password contains char &ampersand&, so it has error in connecting to ftp server.
Note that <encoded password> is obtained by:
echo '<PASS>' | base64
Just this!

Curl download and delete file ftp

I need to download a file from an FTP server and delete it after it is transferred (on the remote server).
Is it possible in a single command line?
curl ftp://host/testfile.txt -X 'GET testfile.txt' --user user:password -o local.txt
curl ftp://host/testfile.txt -X 'DELE testfile.txt' --user user:password
Thanks
Yes, it is possible to do this in a single command:
curl -Q '-DELE testfile.txt' --user user:password -o local.txt ftp://host/testfile.txt
From the man page:
-Q, --quote
(FTP SFTP) Send an arbitrary command to the remote FTP or SFTP
server. Quote commands are sent BEFORE the transfer takes place
(just after the initial PWD command in an FTP transfer, to be
exact). To make commands take place after a successful transfer,
prefix them with a dash '-'. To make commands be sent after
curl has changed the working directory, just before the transfer
command(s), prefix the command with a '+' (this is only supported
for FTP). You may specify any number of commands.
WinSCP has an option -delete that you can combine either with put or get commands, to delete the source file after a successful change.
This option led me to move from curl to WinSCP, because now I can write simpler "transactional" scripts, and I'm sure that when I delete the original file from the "transfer" folder, it is because it was successfully delivered.
https://winscp.net/
https://winscp.net/eng/docs/scriptcommand_get
https://winscp.net/eng/docs/scriptcommand_put
However, curl is quite powerful for other types of scripts and URL management, nowadays I use a mix of both utilities depending on the task to be done.
I recommend creating a script of your FTP commands, and piping them into the built-in ftp client. Here's an example (replace the ls command in the test.ftpscript with your GET/DEL commands) that worked on my machine:
[user@host ~] cat > test.ftpscript
user anonymous anonymous@gmail.com
ls
bye
[user@host ~] ftp -inv ftp.swfwmd.state.fl.us < test.ftpscript
Connected to ftp.swfwmd.state.fl.us (204.76.241.31).
220
331 Please specify the password.
230 Login successful.
227 Entering Passive Mode (204,76,241,31,191,167).
150 Here comes the directory listing.
-rw-r--r-- 1 0 0 7478 Dec 05 09:59 README.txt
drwx------ 2 0 0 16384 Dec 04 13:40 lost+found
drwxr-xr-x 20 0 0 4096 Dec 18 14:42 pub
lrwxrwxrwx 1 0 0 3 Dec 05 10:07 public -> pub
drwxr-xr-x 3 0 0 4096 Dec 04 15:26 pvt
226 Directory send OK.
221 Goodbye.
[user@host ~]

Private Git server is invisible or unreachable

On Ubuntu machine I created a repo' as follows
netcomo@netcomoserver:/opt/git/groupware.git$ ll
Total 12
drwxr-xr-x 3 git git 4096 April 26 16:18 ./
drwxr-xr-x 3 git git 4096 April 26 13:50 ../
drwxr-xr-x 7 git git 4096 April 26 16:18 .git/
netcomo@netcomoserver:/opt/git/groupware.git$
On Windows 7 where I want to clone the repo' I'm having below error.
What could be the reason? (as you can see the repo' server is reachable)
Looks like your git server is reachable.
You are using SSH to access the GIT repo. In that case you need to create an SSH key.
If you are doing so, store your public key in
.ssh/authorized_keys
on your Ubuntu machine.
On Windows you can create SSH keys using Putty http://www.putty.org/
I should have checked a few things as follows:
To copy the public key from a client machine to the server using the "ssh-copy-id" command (example is shown below), I need to change an option in the sshd_config file to 'yes' on the server computer.
Command:
$ ssh-copy-id -i ~/.ssh/id_rsa.pub netcomo@netcomoserver
$ sudo vi /etc/ssh/sshd_config
PasswordAuthentication yes
After copying the public key to the server, the 'yes' set above needs to be changed back to 'no'.
For your reference, if you need to access multiple server accounts, you have to copy the same public key for each different account; see the examples that follow.
$ ssh-copy-id -i ~/.ssh/id_rsa.pub netcomo@netcomoserver
$ ssh-copy-id -i ~/.ssh/id_rsa.pub netcomo2@netcomoserver

How to delete a keychain reference from command line

From the Keychain app I have the option to delete just the reference to a listed Keychain that was unlocked and listed via command line.
But from the command line (man security) I don't seem to have this option but to delete the file + reference to this keychain.
How can I just remove a reference to a keychain I unlocked previously from the command line? I want to clean up and remove (unlist?) the keychain again after I performed some operations with it (because it remains visible in the Keychain app if not deleted).
The delete-keychain command-line option to security deletes the keychain file and removes it from the search list of keychains. To just delete the reference of the keychain from the search list use list-keychains -s, rewriting the list while removing the one you want to disappear.
list-keychains vs. delete-keychain
At the command-line the references are handled by list-keychains and the database/keychain-file is handled by delete-keychain.
Usual workflow
# Get a list of user keychains, make a note of the names
security list-keychains -d user
# Create a new keychain
security create-keychain -p password MyNew.keychain
# Adjust the 'references' by rewriting the search list
security list-keychains -s MyNew.keychain <space separated list of other keychains>
# Delete the keychain
security delete-keychain MyNew.keychain
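The answer above describes rewriting the search list without the unwanted keychain but does not show that step; this added example (not from the original answer) does it while leaving the keychain file in place. filter_keychains and unlist_keychain are hypothetical helper names, and the sample list-keychains output is constructed.

```shell
#!/bin/sh
# Print the keychain paths read on stdin (the quoted, indented lines that
# "security list-keychains" prints), leaving out the keychain named in $1.
filter_keychains() {
    drop=$1
    sed -e 's/^[[:space:]]*"//' -e 's/"[[:space:]]*$//' |
    while IFS= read -r path; do
        case "$path" in
            "") ;;                                               # blank line
            "$drop" | "$drop"-db | */"$drop" | */"$drop"-db) ;;  # the one to unlist (Sierra+ adds -db)
            *) printf '%s\n' "$path" ;;
        esac
    done
}

# Remove keychain $1 from the user search list; the file itself is not deleted.
unlist_keychain() {
    remaining=$(security list-keychains -d user | filter_keychains "$1")
    if [ -z "$remaining" ]; then
        echo "refusing to write an empty search list" >&2
        return 1
    fi
    # Split on newlines only, so paths containing spaces stay intact.
    old_ifs=$IFS
    IFS='
'
    set -f
    set -- $remaining
    set +f
    IFS=$old_ifs
    security list-keychains -d user -s "$@"
}

# Constructed sample of list-keychains output, filtered without touching any keychain:
printf '    "/Users/kevin/Library/Keychains/login.keychain-db"\n    "/Users/kevin/Library/Keychains/MyNew.keychain-db"\n' |
    filter_keychains MyNew.keychain
```

On a Mac, unlist_keychain MyNew.keychain removes the entry from the Keychain app's list; the file stays on disk until delete-keychain or rm is used.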
You can delete the file directly using the rm command. The location will be one of the following, depending upon whether the keychain is in the system domain or the user domain.
System domain keychain location
$ ls -l /Library/Keychains/
total 392
-rw-r--r-- 1 root wheel 20460 Aug 21 2014 ConnectedBackup.keychain
-rw-r--r-- 1 root wheel 23732 Aug 21 2014 FileVaultMaster.keychain
-rw-r--r-- 1 root wheel 89560 Sep 19 21:37 System.keychain
-rw-r--r-- 1 root wheel 20460 Nov 10 2014 System.keychain-orig
User domain keychain location
$ ls -l ~/Library/Keychains/
total 1392
drwx------ 8 Kevin 1437522721 272 Jul 1 2015 386EC17D-8428-522E-B9DD-CE89C60F0F10
-rw-r--r--@ 1 Kevin 1437522721 40776 Jan 25 2016 Microsoft_Entity_Certificates
-rw-r--r--@ 1 Kevin 1437522721 34368 Jan 25 2016 Microsoft_Intermediate_Certificates
-rw-r--r--@ 1 Kevin 1437522721 513136 Sep 27 20:05 login.keychain
-rw------- 1 Kevin 1437522721 87552 Sep 28 16:59 metadata.keychain
So if you want to delete the login keychain from the user domain you would run
$ rm -rf ~/Library/Keychains/login.keychain
(Name of the keychain as it appears in the keychain utility is filename without the suffix .keychain)
EDIT
macOS Sierra and above have -db extensions

equivalent ftp command for ftp rstatus on Solaris 10?

ftp rstatus $remotefile
is giving '?Invalid command' error on solaris. I came to know that there is no ftp command like rstatus on Solaris 10 unlike HP-UX. Basically on HP-UX, rstatus was used to get status of remote file. output like i.e.
-rw-r--r-- 1 dearshady users 20 Aug 2 10:28 remoteFile
On solaris ftp has ls command, but that is only for directory not file. Can anyone suggest a solution to get status of remote file on Solaris ftp?
You can use dir instead of rstatus
ftp> rstatus z
?Invalid command
ftp> dir z
200 PORT command successful.
150 Opening ASCII mode data connection for /bin/ls.
-rw-r--r-- 1 root root 34 mars 16 23:05 z
226 Transfer complete.
remote: z
58 bytes received in 0,00014 seconds (402,98 Kbytes/s)
