Hi all,

What I have already done:
1. Same user created on both system and passwordless ssh form system a to system b through that user

I need to write a small script to copy /etc/shadow file of sytem a to system b,
script needs to be executed on system b.
But as /etc/shadow file is owned by root ,it shows message like permission denied.

inshort i want to execute

scp 192.168.1.21:/etc/shadow localmachine

You'll have to log in as root, or somehow contrive to get root access after logging in.

Even the slightest insecurity in the system you use could have dire consequences.

Hey ,

But give me an exaple as how to do it ?

Thanks,
Manali

on Server A
as root user

chmod 444 /etc/shadow

chmod 644 /etc/shadow
cp /etc/shadow /etc/shadow.keep   # this is to revert if it screws up
scp me@serverA::/etc/shadow .
chmod 400 /etc/shadow

chmod 400 /etc/shadow

HI ,
Thanks for your replies.

But my requirement is this. below is my script and I need to SCP /etc/shadow from remote server to my DR system.

Now please guide as how to accomplish thisbecause it ask for root password before copying,
NOte I have setpasswordless login from same user on all the systems.

#!/bin/bash

MACHINE=mainserver
for server in "system1" "system2" "system3" "system4" "system5"
SSH_SERVER=`ssh $server exec uname -n`
echo "Copying file from $SSH_SERVER......."
if [ $SSH_SERVER = $MACHINE ]; then
scp -q $SSH_SERVER:/etc/passwd /DR/$SSH_SERVER
scp -q $SSH_SERVER:/etc/group /DR/$SSH_SERVER
scp -q $SSH_SERVER:/etc/services /DR/$SSH_SERVER /etc/profile
scp -q $SSH_SERVER:/etc/printers.conf /DRs/$SSH_SERVER
scp -q $SSH_SERVER:/etc/profile /DR/$SSH_SERVER
scp -q $SSH_SERVER:/etc/dfs/dfstab /DR/$SSH_SERVER
scp -q $SSH_SERVER:/etc/dfs/sharetab /DR/$SSH_SERVER
scp -q $SSH_SERVER:/etc/vfstab /DR/$SSH_SERVER
scp -q $SSH_SERVER:/etc/shells /DR/$SSH_SERVER

else
scp -q $SSH_SERVER:/etc/passwd /DR/$SSH_SERVER
scp -q $SSH_SERVER:/etc/group /DR/$SSH_SERVER
scp -q $SSH_SERVER:/etc/services /DR/$SSH_SERVER
scp -q $SSH_SERVER:/etc/printers.conf /DR/$SSH_SERVER
scp -q $SSH_SERVER:/etc/profile /DR/$SSH_SERVER
scp -q $SSH_SERVER:/etc/vfstab /DR/$SSH_SERVER
scp -q $SSH_SERVER:/etc/shells /DR/$SSH_SERVER
fi
done

You cannot copy /etc/shadow in the same way as you are scp'ing /etc/passwd and the other files you list. You need root permission to make this happen because of the mode (permissions) of /etc/shadow. Just doing a passwordless scp is not going to fix this issue for you.