Because Secured Copy (SCP) is part of a suite of tools available with Secure Shell (SSH), you must first configure passwordless SSH before you can utilize the same for SCP. Authentication is checked against public key pairs for known hosts, instead of user id and password. Once you have SSH successfully configured to authenticate without a password, you can then utilize unprompted login with a secure copy.
Configuring passwordless scp from host A to host B
1. Host A: Generate Key-pair using the following command. Accept the default filename without entering a pass phrase. If asked for passphase press enter twice.
# ssh-keygen -t rsa
2. This above command will create two new files ( Public and Private RSA keys ) under the $HOME/.ssh/* of the user who fired the command.
id_rsa ( Private Key) id_rsa.pub ( Public Key)
3. For ease in later identification, it is advisable to rename id_rsa.pub to a unique file name representing the system for which the key was created on because later you will copy this file to the other host you want to connect to (hostB). You will want to copy the file without overwriting the id_rsa.pub file for Host B. For Example – my hostname is hostA. So, on Host A :
# cd $HOME/.ssh # mv id_rsa.pub id_rsa.pub-hostA
4. Copy the local public key to the remote host (HostB):
# scp $HOME/.ssh/id_rsa.pub-hostA hostB:$HOME/.ssh/id_rsa.pub-hostA
If this is your first time using ssh to connect to host B, you will receive the following message:
The authenticity of host 'hostB' can't be established. RSA key fingerprint in md5 is: 62:84:2f:30:0b:8e:5a:28:d4:79:0f:c1:ed:c3:ab:d2 Are you sure you want to continue connecting(yes/no)?yes Warning: Permanently added 'hostB,192.168.10.100' (RSA) to the list of known hosts.
You will need to enter the user’s password this one time only. Then, the file will be copied to host B’s .ssh directory.
5. Append your unique public key file to the public key file “authorized_keys” which creates the authorized_keys file in hostB’s .ssh directory, if it does not get created automatically with the next step. For Example, On hostB:
# touch $HOME/.ssh/authorized_keys # cat $HOME/.ssh/id_rsa.pub-hostA >> $HOME/.ssh/authorized_keys
Host B’s .ssh directory should now look like this:
-rw-r--r-- 1 admin admin 225 Aug 3 12:51 authorized_keys drwx------ 2 admin admin 512 Aug 3 12:51 . -rw-r--r-- 1 admin admin 225 Aug 3 12:44 id_rsa.pub-suntime -rw-r--r-- 1 admin admin 229 Aug 3 12:40 known_hosts -rw------- 1 admin admin 883 Aug 3 12:39 id_rsa -rw-r--r-- 1 admin admin 225 Aug 3 12:39 id_rsa.pub drwxr-xr-x 114 admin admin 7680 Aug 3 12:39 ..
Verify
To verify if everything is working as expected, simply scp any file from hostA to hostB. You should not be prompted for password for the transfer.
# scp /tmp/testfile hostB:/tmp/testfile testfile 100% |*****************************| 0 00:00