To copy files from local computer to a server with SSH,
scp test.txt testuser@remote.host.com:/tmp/
By this command I can copy test.txt file from current local directory to /tmp/ folder on remote host.
Or to download some files from server to the local computer:
scp testuser@remote.host.com:/tmp/*.txt ~/Downloads
Or to create a directory on remote server:
ssh testuser@remote.host.com "mkdir /home/testuser/newdir"
On every command, when the connection was established, I am asked the password for testuser.
It's a pitty that the password can't pass as a command parameter. So when executing more and more scp commands, each time password will asked.
This annoying problem also restrict me to automatize copy files between local computer and remote server.
So I searched to get over this problem. The solution is using public/private keys for authentication. Here are the steps.
Step 1. On the local computer, create a new private/public keys pair by following command:
$ ssh-keygen -t rsa
This will create two files in your (hidden) ~/.ssh directory.
Private key: id_rsa
Public key: id_rsa.pub
If you don't want to be asked for a password each time you connect, just press enter when asked for a password when creating the key pair.
Step 2. After generating private/public keys pair, now copy the public key id_rsa.pub to the server and rename it as authorized_keys and put it into ~/.ssh/ folder.
So that the location of the public key should be as ~/.ssh/authorized_keys
(In this case the full path is /home/testuser/.ssh/authorized_keys)
To do this automatically:
ssh-copy-id user@server
If server port other than 22, it can be specified as follow:
ssh-copy-id "user@server -p 12345"
That's it. Now we should connect from local computer without asking for password.
Also we can transfer files between local-server without password.
For Better SSH Security
Disable root Login:
Edit /etc/ssh/sshd_config and set the following line
PermitRootLogin no
Allow Only Specified Users:
Open /etc/ssh/sshd_config with text editor and allow specific users to be able to login using SSH.
AllowUsers testuser user2 user3
After changes, restart the SSH service:
service ssh restart
Reference:
#from blog.mbirgin.com, archive, ubuntu, ubuntu tips, centos, centos tips, linux, ssh, scp, disable password, generate public keys, public private keys pair, open ssh, auto login in ssh, secure shell