02-11-2011
so it sounds like from what you show'd is that the IP has multiple hosts attached and you may not get the same host (ssh key) in response every time. But since the known_hosts know's part of the information it is trying to auth and fails. And now wants a response to add it to the known_hosts file. Do you have control of the target server(s)?
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hello everybody!
I am writing a script to connect to a sftp server from a client (both are Linux machines) and pull some files from there.
The script is supposed to check if the files are already put on the server and if yes take them. If not, check again in 10 minutes, let's say.
Everything... (2 Replies)
Discussion started by: abcd
2 Replies
2. Shell Programming and Scripting
I have a script that is working:
#!/bin/bash
sftp user@domain.com <<EOF
cd somedir
mget *.csv
quit
EOF
but on a crontab I want to only pull newer files, so I want to do something like:
while read ls current dir local file != true do
mget that new file
but I'm not sure the syntax... (2 Replies)
Discussion started by: unclecameron
2 Replies
3. UNIX for Dummies Questions & Answers
I re-post my question to seek your help and critique. I was required to verify a very large and tab-delimited file, named 'MyFile'.
1. The each line in 'MyFile' has 7 columns, and that the values in the 5th column are integers. I need to use shell functions (and standard LINUX/UNIX filters) to... (1 Reply)
Discussion started by: duke0001
1 Replies
4. Shell Programming and Scripting
I need to create a script that has a user enter a value. I want to verify that the value is either 1,2, or 3. If it is not then I want them to try entering it again. I am using a while loop to force them to retry.
I am able to test the input against 1,2, and 3, but when I test agains an... (4 Replies)
Discussion started by: spartiati
4 Replies
5. Shell Programming and Scripting
Hi,
I have situation where i need to automate transferring 10000+ files using sftp.
while read line
do
if ; then
echo "-mput /home/student/Desktop/folder/$line/* /cygdrive/e/folder/$line/">>sftpCommand.txt
fi
done< files.txt
sftp -b sftpCommand.txt stu@192.168.2.1
The above... (1 Reply)
Discussion started by: noobrobot
1 Replies
6. Homework & Coursework Questions
Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted!
1. The problem statement, all variables and given/known data:
I have written a script for a dice game that: (1) tells user that each of the 2 die are 6 sided (Spots=6); (2)... (3 Replies)
Discussion started by: LaurenRose
3 Replies
7. Shell Programming and Scripting
I have to send few gzipped files from local server to SFTP server.
My Server Info
Distributor ID: Ubuntu Description: Ubuntu 12.04.4 LTS Release: 12.04 Codename: precise
Created a bash script and could able to send files to sftp, but i want to send email if transfer is successful.
... (1 Reply)
Discussion started by: krux_rap
1 Replies
8. Shell Programming and Scripting
Hello,
when running the scripts below I am not getting message bb2.
Can you please help?
#!/bin/bash
TLOG=/tmp/bb/amatest.log
FTPRESULTS=/tmp/bb/amlist
export TLOG FTPRESULTS
>$TLOG
>$FTPRESULTS
echo bb1
sftp -oPort=2222 XXXXXXXXXXXXX@sftp.userssedi.com <<EOF
cd... (5 Replies)
Discussion started by: biljana
5 Replies
9. Shell Programming and Scripting
The below bash is a file validation check executed that will verify the correct header count of 10 and the correct data type in each field of the tab-delimited file. The key has the data type of each field in it. My real data has 58 headers in it but only the header and next row need to be... (6 Replies)
Discussion started by: cmccabe
6 Replies
10. Shell Programming and Scripting
In the bash below the out put of a process is written to input. What I am trying to do is read each line in the input and verify/check it for specific text (there are always 6 lines for each file and the specific text for each line is in the description). There will always be 6 lines in each... (5 Replies)
Discussion started by: cmccabe
5 Replies
SSHFP(1) Internet / DNS SSHFP(1)
NAME
sshfp - Generate SSHFP DNS records from knownhosts files or ssh-keyscan
SYNTAX
sshfp [-k <knownhosts_file>] [-d] [-a] | [<host1> [host2 ...]] sshfp -s [-p <port>] [-d] <-a> [-n <nameserver>] <domain1> [domain2] |
<host1> [host2 ...] >
DESCRIPTION
sshfp generates RFC4255 SSHFP DNS records based on the public keys stored in a known_hosts file, which implies the user has previously
trusted this key, or public keys can be obtained by using ssh-keyscan (1). Using ssh-keyscan (1) implies a secure path to connect to the
hosts being scanned. It also implies a trust in the DNS to obtain the IP address of the hostname to be scanned. If the nameserver of the
domain allows zone tranfers (AXFR), an entire domain can be processed for all its A records.
OPTIONS
-s / --scan <hostname1> [hostname2 ...]
Scan hosts or domain for public SSH keys using ssh-keyscan
-k / --knownhosts <knownhosts_file> <hostname1> [hostname2 ...]
Obtain public SSH keys from a known_hosts file. Defaults to using ~/.ssh/known_hosts
-a / --all
Scan all hosts in the known_hosts file when used with -k. When used with -s, it will attempt an zone transfer (AXFR) to obtain all A
records in the domain specified.
-d / --trailing-dot
Add a trailing dot to the hostname in the SSHFP records. It is not possible to determine whether a known_hosts or dns query is for a
FQDN (eg www.xelerance.com) or not (eg www) or not (unless -d domainname -a is used, in which case a trailing dot is always appended).
Non-FQDN get their domainname appended through /etc/resolv.conf These non-FQDN will happen when using a non-FQDN (eg sshfp -k www) or
known_hosts entries obtained by running ssh www.sub where .domain.com is implied. When -d is used, all hostnames not ending with a dot,
that at least contain two parts in their hostname (eg www.sub but not www get a trailing dot. Note that the output of sshfp can also
just be manually editted for trailing dots.
-o / --output <filename>
Write to filename instead of stdout
-p / --port <portnumber>
Use portnumber for scanning. Note that portnumbers do NOT appear in SSHFP records.
-h / --help
Output help information and exit.
-v / --version
Output version information and exit.
-q / --quiet
Output less miscellany to stderr
FILES
~/.ssh/known_hosts
REQUIREMENTS
sshfp requires python-dns (http://www.pythondns.org)
Fedora: yum install python-dns
Debian: apt-get install python-dnspython
BUGS
if a domain contains non-working glue A records, then ssh-keyscan aborts instead of skipping the single broken entry.
This program can look up hashed hostnames in a known_hosts file if a recent-enough ssh-keygen is present
EXAMPLES
typical usage:
sshfp (implies -k -a)
sshfp -a -d (implies -k)
sshfp -k bofh.xelerance.com (from known_hosts)
sshfp -s bofh.xelerance.com (from a scan to the host)
sshfp -k ~paul/.ssh/known_hosts bofh.xelerance.com www.openswan.org -o /tmp/mysshfp.txt
sshfp -a -d -d xelerance.com -n ns0.xelerance.net >> /var/named/primary/xelerance.com
SEE ALSO
ssh-keyscan(1) ssh(1) and RFC-4255
http://www.xelerance.com/software/sshfp/
http://lists.xelerance.com/mailman/listinfo/sshfp/
AUTHORS
Paul Wouters <paul@xelerance.com>, Jacob Appelbaum <jacob@appelbaum.net>, James Brown <jbrown@yelp.com>
COPYRIGHT
Copyright 2006-2010 Xelerance Corporation
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or (at your option) any later version. See
<http://www.fsf.org/copyleft/gpl.txt>.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License (file COPYING in the distribution) for more
details.
Paul Wouters April 12, 2011 SSHFP(1)