SCP命令的含义及使用

SCP命令的含义及使用

1、SCP含义
在本机和远程服务器上中转文件。使用密码进行验证。
基于SSH传输,比较安全。
scp /home/zianed/ls.txt [email protected]:/chome/ls.txt
然后输入用户口令即可将文件进行传输。

Linux之间文件复制方法:
1)ftp,也就是其中一台Linux安装ftp Server,另外一台使用ftp的client程序来进行文件的copy。
2)采用samba服务,类似Windows文件copy的方式来操作;
3)利用scp命令来进行文件复制。

2、SCP测试
复制本地文件到远程主机
SCP复制文件:
Zianed@ubuntu:~$ scp /home/a/n/Zianed/in.txt [email protected]:/home/a/n/Zianed/javahome/in.log
The authenticity of host ‘ubuntu.unix-center.net (192.168.1.15)’ can’t be established.
RSA key fingerprint is 96:41:1e:80:9f:71:69:6c:87:00:23:9d:ba:c3:ca:69.
Are you sure you want to continue connecting (yes/no)? yes
【注:输入yes同意进行连接】
Warning: Permanently added ‘ubuntu.unix-center.net,192.168.1.15′ (RSA) to the list of known hosts.
[email protected]’s password:
in.txt                                        100%   70     0.1KB/s   00:00
Zianed@ubuntu:~$

查看文件如下;
-bash-3.00$ ls -l javahome/in.log
-rw-r–r–  1 Zianed member 70 2009-11-11 18:42 javahome/in.log
-bash-3.00$

复制远程主机文件到本地
Zianed@ubuntu:~$ rm -rf ls.list
Zianed@ubuntu:~$ ls -l ls.list
ls: cannot access ls.list: No such file or directory
Zianed@ubuntu:~$ scp [email protected]:/home/a/n/Zianed/javahome/in.log /home/a/n/Zianed/ls.list
[email protected]’s password:
in.log                                        100%   70     0.1KB/s   00:00
Zianed@ubuntu:~$ ls -l ls.list
-rw-r–r– 1 Zianed member 70 Nov 11 18:50 ls.list
Zianed@ubuntu:~$

实例使用例子如下
root@test-177-ce0 # scp s2new.zip [email protected]:/weblogic/bea/user_projects/applications/app2/
在打包、部署和备份时,很有用处

3、使用技巧
-r参数 操作目录结构

-v测试操作方式,但实际并不进行文件复制操作
Zianed@ubuntu:~$ scp -v [email protected]:/home/a/n/Zianed/javahome/

in.log /home/a/n/Zianed/ls.list
Executing: program /usr/bin/ssh host ubuntu.unix-center.net, user Zianed, command scp -v -f /home/a/n/Zianed/javahome/in.log
OpenSSH_4.7p1 Debian-8ubuntu1.2, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to ubuntu.unix-center.net [192.168.1.15] port 22.
debug1: Connection established.
debug1: identity file /home/a/n/Zianed/.ssh/identity type -1
debug1: identity file /home/a/n/Zianed/.ssh/id_rsa type -1
debug1: identity file /home/a/n/Zianed/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.7p1 Debia

n-8ubuntu1.2
debug1: match: OpenSSH_4.7p1 Debian-8ubuntu1.2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host ‘ubuntu.unix-center.net’ is known and matches the RSA host key.
debug1: Found key in /home/a/n/Zianed/.ssh/known_hosts:2
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/a/n/Zianed/.ssh/identity
debug1: Trying private key: /home/a/n/Zianed/.ssh/id_rsa
debug1: Trying private key: /home/a/n/Zianed/.ssh/id_dsa
debug1: Next authentication method: password
[email protected]’s password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = C
debug1: Sending command: scp -v -f /home/a/n/Zianed/javahome/in.log
Sending file modes: C0644 70 in.log
Sink: C0644 70 in.log
in.log                                                                                                                     100%   70     0.1KB/s   00:00
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
debug1: fd 1 clearing O_NONBLOCK
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.0 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 0
Zianed@ubuntu:~$

不使用密码登陆的验证可以用ssh-keygen来操作
ssh-keygen
产生公开钥 (pulib key) 和私人钥 (private key),以保障 ssh 联机的安性, 当 ssh 连 shd 服务器,会交换公开钥上,系统会检查 /etc/ssh_know_hosts 内储存的 key,如

果找到客户端就用这个 key 产生一个随机产生的session key 传给服务器,两端都用这个 key 来继续完成 ssh 剩下来的阶段。

它会产生 identity.pub、identity 两个档案,私人钥存放于identity,公开钥 存放于 identity.pub 中,接下来使用 scp 将 identity.pub copy 到远程机器的家目录下.ssh下

的authorized_keys。 .ssh/authorized_keys(这个 authorized_keys 档案相当于协议的 rhosts 档案), 之后使用者能够不用密码去登入。RSA的认证绝对是比 rhosts 认证更来

的安全可靠。

执行:
scp identity.pub [email protected]:.ssh/authorized_keys

若在使用 ssh-keygen 产生钥匙对时没有输入密码,则如上所示不需输入密码即可从 net67.linux1.local-host去登入 linux1.linux1.local-host。在此,这里输入的密码可以跟

帐号的密码不同,也可以不输入密码。

4、RCP
RCP是一种服务

C:/Documents and Settings/Zianed>rcp /?
Copies files to and from computer running the RCP service.
RCP [-a | -b] [-h] [-r] [host][.user:]source [host][.user:] path/destination

-a                 Specifies ASCII transfer mode. This mode converts
the EOL characters to a carriage return for UNIX
and a carriage
return/line feed for personal computers. This is
the default transfer mode.
-b                 Specifies binary image transfer mode.
-h                 Transfers hidden files.
-r                 Copies the contents of all subdirectories;
destination must be a directory.
host               Specifies the local or remote host. If host is
specified as an IP address OR if host name contains
dots, you must specify the user.
.user:             Specifies a user name to use, rather than the
current user name.
source             Specifes the files to copy.
path/destination   Specifies the path relative to the logon directory
on the remote host. Use the escape characters
(/ , “, or ‘) in remote paths to use wildcard
characters on the remote host.
C:/Documents and Settings/Zianed>

Solaris
rcp – remote file copy

Copies files from one computer to another computer. Note: RCP is not a secure or encrypted method of transferring files.

rcp
R*命令不加密数据,导致密码以明码在网上传输,不安全。

5、SCP帮助
root@test-177-ce0 # man scp
NAME
scp – secure copy (remote file copy program)

SYNOPSIS
scp [-pqrvBC46] [-F ssh_config] [-S program] [-P port]
[-c cipher] [-i identity_file] [-o ssh_option]
[ [user@]host1:]file1 []… [ [user@]host2:]file2

DESCRIPTION
The scp utility copies files between hosts on a network.  It
uses ssh(1) for data transfer, and uses the same authentica-
tion and  provides  the  same  security  as  ssh(1).  Unlike
rcp(1),  scp  will  ask for passwords or passphrases if they
are needed for authentication.

Any file name may contain a host and user  specification  to
indicate  that  the  file is to be copied to/from that host.
Copies between two remote hosts are permitted.

OPTIONS
The following options are supported:

-4                  Forces scp to use IPv4 addresses only.

-6                  Forces scp to use IPv6 addresses only.

-B                  Selects batch mode. (Prevents asking for
passwords or passphrases.)

-c cipher           Selects the cipher to use for encrypting
the   data   transfer.  This  option  is
directly passed to ssh(1).

-C                  Compression enable. Passes the  -C  flag
to ssh(1) to enable compression.

-F ssh_config       Specifies an alternative per-user confi-
guration file for ssh(1.).

-i identity_file    Selects the file from which the identity
(private  key) for RSA authentication is
read. This option is directly passed  to
ssh(1).

SunOS 5.10          Last change: 22 Jun 2007                    1

User Commands                                              scp(1)

-o ssh_option       The given option is directly  passed  to
ssh(1).

-p                  Preserves  modification  times,   access
times, and modes from the original file.

-P port             Specifies the port to connect to on  the
remote  host. Notice that this option is
written with a capital `P’,  because  -p
is  already  reserved for preserving the
times and modes of the file in rcp(1).

-q                  Disables the progress meter.

-r                  Recursively copies entire directories.

-S program          Specifies the name of the program to use
for  the  encrypted connection. The pro-
gram must understand ssh(1) options.

-v                  Verbose mode. Causes scp and  ssh(1)  to
print  debugging  messages  about  their
progress. This is helpful  in  debugging
connection,  authentication,  and confi-
guration problems.

OPERANDS
The following operands are supported:

host1, host2,…    The name(s) of the host from or to which
the file is to be copied.

file1, file2,…    The file(s) to be copied.

EXIT STATUS
The following exit values are returned:

0    Successful completion.

1    An error occurred.

SunOS 5.10          Last change: 22 Jun 2007                    2

User Commands                                              scp(1)

ATTRIBUTES
See attributes(5) for descriptions of the  following  attri-
butes:

____________________________________________________________
|       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
|_____________________________|_____________________________|
| Availability                | SUNWsshu                    |
|_____________________________|_____________________________|
| Interface Stability         | Evolving                    |
|_____________________________|_____________________________|

SEE ALSO
rcp(1),  ssh(1),  ssh-add(1),  ssh-agent(1),  ssh-keygen(1),
sshd(1M), ssh_config(4), attributes(5)

NOTES
Generally, use of scp with password or  keyboard-interactive
authentication   method  and two remote hosts does not work.
It does work with either the pubkey,  hostbased  or  gssapi-
keyex  authentication  method. For the pubkey authentication
method, either private keys not protected by  a  passphrase,
or  an  explicit  ssh  agent forwarding have to be used. The
gssapi-keyex   authentication   method    works   with   the
kerberos_v5  GSS-API  mechanism,  but  only  if  the GSSAPI-
DelegateCredentials option is enabled.

References
SCP操作不输密码

http://blog.csdn.net/cdtdx/archive/2008/08/01/2752208.aspx

http://wangwei.cao.blog.163.com/blog/static/10236252620099156594789/

http://wiki.chinaunix.net/index.php/Rcp

http://bbs.chinaunix.net/viewthread.php?tid=127021

你可能感兴趣的:(ssh,user,ubuntu,File,Authentication,attributes)