How to scp File from root user in one server to say crt user in another server and avoid password? Post: 302914846

9 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Dowloading a File from FTP Server to a local Server where User Id's are different

Hi, The Setup is like this. I'm connecting to Unix machine from my local machine. After connecting to Unix M/c, i need to connect FTP server. Am successful in connecting to FTP server, but am not able to download the file from the ftp server to my local machine. I have different user id's and...

2. Shell Programming and Scripting

scp file to another server without asking for password

hi I tried reading some of the threads w.r.t scp/sftp file to another server in the same network without asking for password while copying files.....but couldnot succeed. i have generated the public key for the system using "ssh-keygen -t " and kept it in the .ssh/authorized_keys file. ...

3. Shell Programming and Scripting

[SSH] Need to connect to remote server as different user and without password

I have a task requiring that USER_A run a script, which connects to HOST_B as USER_B and does not ask for a password. If I am logged in on HOST_A as USER_B, I can connect to HOST_B without a password, no problem. However, if I try running ssh with the command line "ssh USER_B@HOST_B" while...

4. UNIX for Dummies Questions & Answers

How to avoid logging with root user?

I have created a linux machine and installed some softwares on it with root user privileges . I used to login with root user credentials for doing the various task. Later i have realise that this is not the best practice to follow and there should be a new user with less privileges to be created...

5. Linux

How do I run HTTP server on port 80 using a non root user?

Hi experts, I want to run HTTP server on port 80, I learn from somewhere that it MUST not be run as root for security reason, how to do that? Thank you in advance!

6. Shell Programming and Scripting

How to give user name and password in a single command to login to remote server

Hello All, I'm new to unix and i need the below favour from you. I have list of 50 unix server. I need to login to all the server one by one and with the same user and password. I will declare the user name and password globally in the script. for example : servername- hyperV user name...

7. UNIX for Dummies Questions & Answers

Terminate scp when user not enter the password.

Hi All, Is there any way to terminate scp command when the password was not entered for some specific amount of time.

8. Shell Programming and Scripting

I want to scp file from one server to another, both server have different user name and

i want to scp file from one server to another. both server have different user name and it needs to give password to transfer file.how can we mention password in the script itself so that we need not mention password while running the script. Say from servers cpli with user abc and file path /opt...

9. UNIX for Advanced & Expert Users

Setup Samba Server to always ask user and password

How do I setup a Samba server to always ask to user and password, when a windows user, prints your files using a shared printer through a Samba Linux Server (CUPS)?

LEARN ABOUT NETBSD

lprng_certs

lprng_certs(1)                                                  lprng_certs command                                                 lprng_certs(1)

NAME

       lprng_certs - lprng SSL certificate management

SYNOPSIS

       lprng_certs option
        Options:
         init     - make directory structure
         newca    - make new root CA
         defaults - set new default values for certs
         gen      - generate user, server, or signing cert
         index [dir] - index cert files
         verify [cert] - verify cert file
         encrypt keyfile
                  - set or change keyfile password

DESCRIPTION

       The lprng_certs program is used to manage SSL certificates for the LPRng software.  There SSL certificate structure consists of a hierarchy
       of certificates.  The LPRng software assumes that the following types of certificates will be used:

       CA or root
              A top level or self-signed certificate.

       signing
              A certificate that can be used to sign other certificates.  This is signed by the root CA or another signing certificate.

       user   A certificate used by a user to identify themselves to the lpd server.

       server A certificate used by the lpd server to identify themselves to the user or other lpd servers.

Signing Certificates
       All of the signing certificates, including the root certificate (root CA), /etc/lprng/ssl.ca/ca.crt, are in the same directory as the  root
       CA  file.  Alternately, all of the signing certs can be concatenated and put into a single file, which by convention is assumed to have the
       same name as the root CA file, /etc/lprng/ssl.ca/ca.crt.  The ssl_ca_file, ssl_ca_path, and ssl_ca_key printcap and  configuration  options
       can  be  used to specify the locations of the root CA files, a directory containing the signing certificate files, and the private key file
       for the root CA file respectively.

       The root certificate (root CA file) /etc/lprng/ssl.ca/ca.crt has a private key file /etc/lprng/ssl.ca/ca.key as well.  By  convention,  the
       private keys for the other signing certificate files are stored in the certificate file.

       The OpenSSL software requires that this directory also contain a set of hash files which are, in effect, links to these files.

       By default, all signing certificates are assumed to be in the same directory as the root certificate.

Server Certificates
       The  certificate used by the lpd server are kept in another directory.  These files do not need to have hash links to them.  By convention,
       the private keys for these certificate files are stored in the  certificate  file.   The  server  certificate  file  is  specified  by  the
       ssl_server_cert  and has the default value /etc/lprng/ssl.server/server.crt.  This file contains the cert and private key.  The server cer-
       tificate password  file is specified by the ssl_server_password option with the default value

       and contains the password used to decrypt the servers private key and use it for authentication.  This key file should be read only by  the
       lpd server.

User Certificates
       The  certificates  used  by  users are kept in a separate directory in the users home directory.  By convention, the private keys for these
       certificate files are stored in the certificate file.

       The user certificate file is specified by the LPR_SSL_FILE environment variable, otherwise the ${HOME}/.lpr/client.crt is used.  The  pass-
       word is taken from the file specified by the LPR_SSL_PASSWORD environment variable, otherwise the ${HOME}/.lpr/client.pwd file is read.

USING LPRNG_CERTS
       The  organization  of the SSL certificates used by LPRng is similar to that used by other programs such as the Apache mod_ssl support.  The
       lprng_certs program is used to create the directory structure, create certificates for the root CA, signing, user and servers.  In order to
       make management simple, the following support is provided.

lprng_certs init
       This command creates the directories used by the lpd server.  It is useful when setting up a new lpd server.

lprng_certs newca
       This  command  creates  a  self-signed certificate, suitable for use as a root CA certificate.  It also sets up a set of default values for
       other certificate creation.

lprng_certs defaults
       This command is used to modify the set of default values.

       The default values are listed and should be self-explanatory, except for the value of the signer certificate.  By default, the root CA  can
       be  used  to  sign  certificates.  However, a signing certificate can be used as well.  This allows delegation of signing authority without
       compromising the security of the root CA.

lprng_certs gen
       This is used to generate a user, server, or signing certificate.

lprng_certs index
       This is used to create the indexes for the signing certificates.

lprng_certs verify [cert]
       This checks the certificate file using the Openssl openssl verify command.

lprng_certs encrypt keyfile
       This removes all key information from the key file, reencrypts the key information, and the puts the encrypted key information in the file.

LPRng OPTIONS
       Option                   Purpose
       ssl_ca_path              directory holding the SSL signing certs
       ssl_ca_file              file holding the root CA or all SSL signing certs
       ssl_server_cert          cert file for the server
       ssl_server_password      file containing password for server server
       ${HOME}/.lpr/client.crt  client certificate file
       ${HOME}/.lpr/client.pwd  client certificate private key password

ENVIRONMENT VARIABLES

       LPR_SSL_FILE             client certificate file
       LPR_SSL_PASSWORD         client certificate private key password

EXIT STATUS

       The following exit values are returned:

       zero (0)       Successful completion.

       non-zero (!=0) An error occurred.

SEE ALSO

       lpd.conf(5), lpc(8), lpd(8), checkpc(8), lpr(1), lpq(1), lprm(1), printcap(5), lpd.conf(5), pr(1), lprng_certs(1), lprng_index_certs(1).

AUTHOR

       Patrick Powell <papowell@lprng.com>.

HISTORY

       LPRng is a enhanced printer spooler system with functionality similar to the Berkeley LPR software.  The LPRng developer  mailing  list  is
       lprng-devel@lists.sourceforge.net; subscribe by visiting https://lists.sourceforge.net/lists/listinfo/lprng-devel or sending mail to lprng-
       request@lists.sourceforge.net with the word subscribe in the body.
       The software is available via http://lprng.sourceforge.net

LPRng                                                               2006-12-09                                                      lprng_certs(1)