Linux SCP issue
-
Hey you experts! A Linux admin of ours is having an issue copying a file via scp from one server to another remote server. Here's the script they are using:
[root@ourftpserver msftp]# cat transfer_cdr.sh #!/bin/bash for i in `find /home/msftp/cdr -type f -ctime -1` do sshpass -p 'mypassword' scp $i usyrnet@222.55.888.9:/ doneAny ideas what is wrong? I'm told going the RSA route isn't possible at this time or we'd try that.
-
Are they scp'ing as root? Or is usyrnet the username?
-
As far as I know (I could be wrong) to scp to / you need to be root or sudo the scp
It's also not a good idea to have the password in the script. It should be kept in a file with 400 permissions for the user, or ideally use a key.
-
@BBigford said:
I'm told going the RSA route isn't possible at this time or we'd try that.You mean the keyed route? Find out why and fix that first. Don't let someone just wave off security like it isn't important enough to discuss. Push back hard.
-
@johnhooks said:
As far as I know (I could be wrong) to scp to / you need to be root or sudo the scp
Nope, nothing like that. SCP is just a protocol on SSH. If you can log in, you can SCP.
-
@johnhooks said:
It's also not a good idea to have the password in the script. It should be kept in a file with 400 permissions for the user, or ideally use a key.
It should only ever be a key.
-
@scottalanmiller said:
@johnhooks said:
As far as I know (I could be wrong) to scp to / you need to be root or sudo the scp
Nope, nothing like that. SCP is just a protocol on SSH. If you can log in, you can SCP.
Don't you need to have sudo permissions or be root to copy to the root folder though?
-
@johnhooks said:
Don't you need to have sudo permissions or be root to copy to the root folder though?
Ah, not necessarily. But 99% of the time, yes.
-
for i in
find /home/msftp/cdr -type f -ctime -1Backticks are a bad practice from like a decade ago. It should be written this way:
for i in $(find /home/msftp/cdr -type f -ctime -1) -
Run this command manually, does it fail?
scp $i usyrnet@222.55.888.9:/ -
What error are you getting? You asked us if there was a problem but did not state what issue you were having.
-
@scottalanmiller The remote server is administered by a different company. I was told just a few minutes ago that they haven't asked... Told them to use rsync but haven't heard back yet.
-
What is the output of this command?
find /home/msftp/cdr -type f -ctime -1 -
@BBigford said:
@scottalanmiller The remote server is administered by a different company. I was told just a few minutes ago that they haven't asked...
Should not need to ask. If you have the right to log in as that user, you set up the key yourself. The other company likely has no control there. That would be unlikely.
-
@BBigford said:
@scottalanmiller The remote server is administered by a different company.
So the chances that you have access to write to / are nearly zero, then. That's probably your issue.
-
@scottalanmiller the admin says that the script will run, but simply doesn't copy. There's no error thrown (sorry that isn't more helpful). If he would get back to me already, I'd have him run those commands right now.
-
@BBigford said:
Told them to use rsync but haven't heard back yet.
Rsync is a good tool to use, of course, but unlikely to matter here.
-
Got it figured out. Turns out that the directory being called, didn't exist. All good now though, thanks for all the quick responses!
-
@BBigford said:
Got it figured out. Turns out that the directory being called, didn't exist. All good now though, thanks for all the quick responses!
It did exist, it's the filesystem root. The issue was that the user did not have permissions there
I'm sure this was caused by accidentally forgetting the correct directory when making the script, but there is a director specified, it's just not one you would want to use -
Had to finish some stuff at work and eat dinner with the wife and kiddo, but I was thinking about it. Once they set up a key you can do this with one line (if you don't use a key you would need the password for each file).
find /home/msftp/cdr -type f -ctime -1 -exec scp {} usyrnet@222.55.888.9:/whatever/folder \;
