Shell Programming and Scripting

Hi friends,

I am trying to scp a file from server A to Server C via Server B (which is jump host)

from Server A to Server B i have one pem key. from server B to server C I have different Pem key..

what I tried

Code:

scp -r -o ProxyCommand="ssh  -W %h:%p ec2-user@1.4.5.5 dmu.sh ec2-user@1.5.7.4:/home/ec2-user/

Which is not working.. do i need to mention Pem in proxy.. or how I can redefine it with pem keys...

Pls help

Are you sure the command shown is really working? There's at least one double quote missing.

Not sure I know "pem" keys. Could you elaborate a bit?
Usually, I'd log into server B, and then scp the file from server A to server C, making sure the respective keys exist on A, B, and C.

Hi RudiC,

Thanks for reply, that typo double quote missing but still it does not work..

pem key is private authentication key (instead of password authentication) for servers which we use..

All i am trying to copy from A to C by tunnelling via B..

Sorry if this is not the right forum to paste this question..

Generally the way you try it is the way it works.


What's the error message?

Did you try to run your command with increased verbosity? (ssh -v or even ssh -vv)

Btw.: You need your public key(of server A) placed in authorized_keys of both target hosts(server B+C) for pubkey authentication to work here.


The difference in doing it directly one step after another is that in the manual hopping, user on server a authenticates to user on server b and then user on server b authenticates to server c. With SSH-Proxying, first user on server a authenticates to server b and then user on server a(not b!) authenticates to server c.


You either have to deposit key from server a at server c or import private key from server b to server a, to grant a access to server c, which is not required if you manually login via your jumphost.

Hmm...at last the below worked can help some one looking for similar issue

Code:

scp -i /home/centos/jumphost.pem -o ProxyCommand="ssh -i /home/centos/jumphost.pem -W %h:%p centos@1.4.5.5" /home/centos/abc.csv ec2-user@1.5.7.4:/home/ec2-user/

... and to for convenient use, place an entry in $HOME/.ssh/config, so you do not have to type this long command line everytime you want to use that proxy connection.


Note

You may delete the key from the Jump-Host as a security measure - if no one else needs the key there. But be sure to have enought backups of the key :-D

Yes stomp,

I agree, better to put that inot that ssh/config, yes, i wont forget to remove that pem key on jump Thanks for your input...

The below question is out of this post context..If you have some idea please let me know...

I am trying to ssh into one host with ssh -i abc.pem ec2-user@1.2.3.4
it was working till yesterday..
I just issued a -v option to know what happening...
finally it said permission denied. though i can ping it from other..but not able to login now..it says refused key..
permission on that pem file is 400..so its not too open...-v option not pinpointing issue

any cleanup would help issue. ?