
scp, I underestimated you: key-based transfer!

2025-01-23 Update From: SLTechnology News&Howtos


Shulou(Shulou.com)06/01 Report--

Background: The company uses key-based login behind firewalls and other devices, and allows neither direct root login nor password login. Because the company's network is poor, I needed to copy more than 2 GB of data to other servers in one go. I thought of scp (although there are other command-line tools), but I forgot that passwords are no longer allowed. There are other ways (such as lrzsz, WinSCP or FTP), but downloading and then uploading again would take too much time. After all, the servers' local area network is the fastest path, and pulling the data to the company and uploading it again would be too much trouble. So I looked at scp --help and saw that there is a -i option, which means scp supports keys. After studying it carefully, it turned out to be really easy to use, so I wrote this document to share with everyone.

[root@node1 ~]# scp --help
usage: scp [-1246BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]
           [-l limit] [-o ssh_option] [-P port] [-S program]
           [[user@]host1:]file1 ... [[user@]host2:]file2
[root@node1 ~]#

Detailed syntax:

-1246BCpqrv:

-1 Forces scp to use protocol 1

-2 Forces scp to use protocol 2

-4 Forces scp to use IPv4 addresses only

-6 Forces scp to use IPv6 addresses only

-B Selects batch mode (prevents asking for passwords)

-C Enables compression. Passes the -C flag to ssh(1) to enable compression

-p Preserves modification times, access times, and modes from the original file

-q Disables the progress meter

-r Recursively copies entire directories

-v Verbose mode, prints detailed output

-c cipher: Selects the cipher used to encrypt the data transfer.

-F ssh_config: Specifies the configuration file for ssh.

-i identity_file: Selects the file from which the private key for RSA authentication is read.

-l limit: Limits the bandwidth used, specified in Kbit/s.

-o ssh_option: Passes options to ssh in the format used in ssh_config.

-P port: Specifies the ssh port.

-S program: Specifies the program to use for the encrypted connection.

user@ User name

host1 Host (IP address or domain name)

Test environment:

node1: 192.168.1.220, CentOS 6.6 minimal

node2: 192.168.1.221, CentOS 6.6 minimal

On node1:

Upload a folder to node2:

scp -P 21386 -r /usr/local/tomcat/ root@192.168.1.221:/root

Note: If you do not add -r, you will get an error:

/usr/local/tomcat: not a regular file

If you need to rename it, you can specify the location and file name on the remote host:

scp -P 21386 -r /usr/local/tomcat/ root@192.168.1.221:/root/tomcat1

Upload a compressed file to node2:

scp -P 21386 -r /usr/local//root@192.168.1.221:/root

Transfer a directory or compressed file from node2 to node1:

scp -P 21386 -r root@192.168.1.221:/root/tomcat /root

scp -P 21386 -r root@192.168.1.221:/root/mysql.tar.gz /root

Of course, you can also run these from node2.

Since the operations above ask for a password every time, set up SSH mutual trust next.

Since I changed the default port, I changed it back to the default port of 22.

Press Enter at every prompt!

ssh-copy-id -i .ssh/id_rsa.pub root@192.168.1.221

If you need name resolution, set up DNS or hosts entries in advance, and then set up SSH mutual trust.

Testing:

ssh -help

Basic SSH is no longer a problem. However, key authentication is also very common in production environments, so next set up key-based authentication, and prohibit root login and password login (steps omitted, too simple).
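The article omits the server-side steps, so here is an added example (not the author's code) that checks an sshd_config for the two settings described above. The function names sshd_global and audit_sshd and both sample configs are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the article: check an sshd_config for the two
# settings the text relies on (no root login, no password login).

# sshd uses the FIRST occurrence of a keyword; keywords are case-insensitive.
# Match blocks are per-user/host overrides and are not evaluated here.
sshd_global() {  # $1 = keyword, $2 = config file -> prints lowercased value
    awk -v want="$1" '
        /^[ \t]*#/ || NF == 0   { next }
        { sub(/[ \t]*=[ \t]*/, " ") }          # accept "Keyword=value" too
        tolower($1) == "match"  { exit }
        tolower($1) == tolower(want) { print tolower($2); exit }
    ' "$2"
}

audit_sshd() {  # $1 = config file; returns 0 only when both are "no"
    rc=0
    for kw in PermitRootLogin PasswordAuthentication; do
        val=$(sshd_global "$kw" "$1")
        case "$val" in
            no) echo "OK   $kw no" ;;
            "") echo "WEAK $kw not set (version default applies)"; rc=1 ;;
            *)  echo "WEAK $kw $val"; rc=1 ;;
        esac
    done
    # Disabling passwords while public keys are off would lock everyone out.
    if [ "$(sshd_global PubkeyAuthentication "$1")" = "no" ]; then
        echo "LOCKOUT PubkeyAuthentication no"; rc=1
    fi
    return $rc
}

# Constructed sample configs (port taken from the article's commands).
WEAK=$(mktemp); HARD=$(mktemp)
cat > "$WEAK" <<'EOF'
Port 21386
PermitRootLogin yes
# a later duplicate is ignored by sshd
permitrootlogin no
EOF
cat > "$HARD" <<'EOF'
Port 21386
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
EOF
audit_sshd "$WEAK" || echo "-> weak config needs hardening"
audit_sshd "$HARD" && echo "-> hardened config passes"
```

On a live host, sshd -T prints the effective configuration including defaults, which is the authoritative check.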

Delete data from node2 and transfer data from node1 to node2.

Password login is not allowed, and neither is direct root login. Login is now key-based, followed by a switch to root, so scp can only be used with a key. It can also only upload to the key user's home directory, unless that user has permission on the specified directory. Still, it is just an scp, and the goal can be achieved.

scp -i Identity -P 21386 mysql.tar.gz node2@192.168.1.221:/home/node2

scp -i Identity -P 21386 -r tomcat2/ node2@192.168.1.221:/home/node2

scp -i Identity -P 21386 -r tomcat node2@192.168.1.221:/home/node2

Note: Enter prompt for password.
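A pre-flight check for the key-based transfers above, as an added example that is not part of the original article. The helper names key_perms_ok and scp_key_cmd are hypothetical, the key file and directory are constructed stand-ins, and the command is printed rather than executed so the block runs without the test hosts.

```shell
#!/bin/sh
# Added example, not from the article: pre-flight checks for scp -i.

# ssh ignores a private key that group or others can access; with password
# login disabled on the server, the transfer then fails outright.
key_perms_ok() {  # $1 = identity file; 0 = ok, 1 = too open, 2 = missing
    [ -f "$1" ] || return 2
    go_bits=$(ls -ld "$1" | cut -c5-10)   # group+other bits of -rw-------
    [ "$go_bits" = "------" ]
}

# Print the scp command line, adding -r for directories (avoids the
# "not a regular file" error) and IdentitiesOnly so only this key is offered.
scp_key_cmd() {  # $1 = identity, $2 = port, $3 = source, $4 = user@host:dir
    if ! key_perms_ok "$1"; then
        echo "refusing: $1 is missing or too open (chmod 600)" >&2
        return 1
    fi
    recurse=""
    if [ -d "$3" ]; then recurse="-r"; fi
    echo scp -i "$1" -o IdentitiesOnly=yes -P "$2" $recurse "$3" "$4"
}

# Constructed sample data: an empty stand-in key file and a directory.
demo=$(mktemp -d)
: > "$demo/Identity"; chmod 644 "$demo/Identity"
mkdir "$demo/tomcat"
dest=node2@192.168.1.221:/home/node2      # target used in the article
scp_key_cmd "$demo/Identity" 21386 "$demo/tomcat" "$dest" || true
chmod 600 "$demo/Identity"
scp_key_cmd "$demo/Identity" 21386 "$demo/tomcat" "$dest"
```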

A small bit of experience to share with everyone. I hope to share more with you.

QQ:1145507435

E-mail: renzhiyuan6666@vip.qq.com
