On the AIX side, is there anything in the sshd_config about chroot-ing the users if they use sftp or scp?
no, there isn't. Here is the complete config (comments stripped):
Code:
Protocol 2
SyslogFacility AUTH
LogLevel INFO
PermitRootLogin no
PermitEmptyPasswords no
UsePAM yes
AllowTcpForwarding yes
X11Forwarding yes
PrintMotd yes
UseDNS no
Subsystem sftp /usr/sbin/sftp-server
Quote:
Originally Posted by fpmurphy
If "ssh AIXHOST /bin/true"
I have tried it and it produced nothing.
In the meanwhile i have found out a bit more, alas nothing of any remedial value:
I tried to create another user completely unknown to LDAP to make certain the authentication between LDAP and system don't get confused: no change of the symptoms described above.
I tried to initiate the scp from the other direction and learned that there is a firewall between these two hosts, which seemingly forbids scp-communication in the other direction. There is simply no response at all when trying like this, not even an error message. The command will just time out eventually:
Code:
bakunin@aix $ scp bakunin@linux:~/file .
We tried to scp from a third system (also AIX, but IMHO this makes any difference) with a different user-ID, which works. It is at least established therefore, that the scp-system on the AIX-host in question is not broken in itself.
The following ksh script is trying to get a file's cksum then, scp it over to a remote machine - get the cksum there and then compare the two cksums to make sure they match. I am having problems setting a variable on the remote host where it can be read locally. Is this even possible - reading a... (1 Reply)
Server, running AIX 6.1 developed strange problem when logging in via SSH -- ssh client hangs without any error.
It is possible to run commands on server, using ssh ("ssh servername ls -l" is OK)
It is possible to log in normally, using serial console connected to server.
It was possible to... (2 Replies)
Hi All,
I have a setup of around 100 servers with atleast 10 users on each box.The public key from one server has been created and updated on all other servers , so that passwordless login can be done from any use.
We recently had a problem that ssh keys on one of the system was changed and... (2 Replies)
Dear All,
whenever i try the command ssh , it is giving the below error.
ld.so.1: ssh: fatal: relocation error: file /usr/bin/ssh: symbol SUNWcry_installed: referenced symbol not found
Killed
For SCP also the same error is coming.
Pl reply me if you have answers.
Rj (4 Replies)
OK , ..
This is an odd one. I have a new server and I need to have a tunnel open to it.
I have this exact process running on a few others but this new one I just got is not allowing the script to connect.
I set up my users account and ssh keys
from the server that will host the tunneling i... (6 Replies)
Dear expert,
I have gone through the thread
A similar error arising for me , please find the debug logs.
I have tried from another server to push a file using scp but not working for me.
i am using SunOS SUNW,SPARC-Enterprise machine.
Thanks (5 Replies)
I know the "how to setup passwordless SSH" question is asked probably 5 times a week.
I know how to setup passwordless SSH, it's not tough, however after reinstalling linux on my server, I found a problem. I could SSH into my server just fine, no password required, however SCP still required a... (4 Replies)
Hi All,
I have a many cron jobs scheduled in my AIX server.
Only one cron not getting executed in the same server but that job is good on all other servers.
Here is my cron , which will keep last 30 files and remove others.,
00 00 * * * /usr/bin/find /tmp/reports/nmon -name *.nmon -mtime... (9 Replies)
I am sorry if i post in wrong Form.
i have AIX server in which ssh works for all users but sftp only works for root user .
it is too much important for me to solve this .
Your help will be greatly appreciated. (1 Reply)
I cant ping to some of my machines, but ping works.
I attach screenshots. Port is open and it is 22.
I can't figure out why i cant access.
https://www.unix.com/attachments/unix-for-advanced-and-expert-users/7492d1541541072-cant-ssh-but-ping-works-sshlisten-jpg... (17 Replies)
Discussion started by: tomislav91
17 Replies
LEARN ABOUT OPENSOLARIS
scp
scp(1) User Commands scp(1)NAME
scp - secure copy (remote file copy program)
SYNOPSIS
scp [-pqrvBC46] [-F ssh_config] [-S program] [-P port]
[-c cipher] [-i identity_file] [-o ssh_option]
[ [user@]host1:]file1 []... [ [user@]host2:]file2
DESCRIPTION
The scp utility copies files between hosts on a network. It uses ssh(1) for data transfer, and uses the same authentication and provides
the same security as ssh(1). Unlike rcp(1), scp will ask for passwords or passphrases if they are needed for authentication.
Any file name may contain a host and user specification to indicate that the file is to be copied to/from that host. Copies between two
remote hosts are permitted.
OPTIONS
The following options are supported:
-4 Forces scp to use IPv4 addresses only.
-6 Forces scp to use IPv6 addresses only.
-B Selects batch mode. (Prevents asking for passwords or passphrases.)
-c cipher Selects the cipher to use for encrypting the data transfer. This option is directly passed to ssh(1).
-C Compression enable. Passes the -C flag to ssh(1) to enable compression.
-F ssh_config Specifies an alternative per-user configuration file for ssh(1.).
-i identity_file Selects the file from which the identity (private key) for RSA authentication is read. This option is directly passed
to ssh(1).
-o ssh_option The given option is directly passed to ssh(1).
-p Preserves modification times, access times, and modes from the original file.
-P port Specifies the port to connect to on the remote host. Notice that this option is written with a capital `P', because -p
is already reserved for preserving the times and modes of the file in rcp(1).
-q Disables the progress meter.
-r Recursively copies entire directories.
-S program Specifies the name of the program to use for the encrypted connection. The program must understand ssh(1) options.
-v Verbose mode. Causes scp and ssh(1) to print debugging messages about their progress. This is helpful in debugging con-
nection, authentication, and configuration problems.
OPERANDS
The following operands are supported:
host1, host2,... The name(s) of the host from or to which the file is to be copied.
file1, file2,... The file(s) to be copied.
EXIT STATUS
The following exit values are returned:
0 Successful completion.
1 An error occurred.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWsshu |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
SEE ALSO rcp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), sshd(1M), ssh_config(4), attributes(5)NOTES
Generally, use of scp with password or keyboard-interactive authentication method and two remote hosts does not work. It does work with
either the pubkey, hostbased or gssapi-keyex authentication method. For the pubkey authentication method, either private keys not pro-
tected by a passphrase, or an explicit ssh agent forwarding have to be used. The gssapi-keyex authentication method works with the ker-
beros_v5 GSS-API mechanism, but only if the GSSAPIDelegateCredentials option is enabled.
SunOS 5.11 22 Jun 2007 scp(1)