SCP is I underestimated you---based on key transfer!

Reason: The company is based on the key login, although there are firewalls and other devices, and does not allow root direct login and do not allow password login. Because the company's network is not good, there is a need to copy one time 2 multi-G data to another server. I was thinking of the SCP (although there are other command tools) but I forgot to allow the password to login now. Although there are other ways (such as Lrzsz or WINSCP FTP, etc.), it will take too much time to download and upload it first. After all, go to the server LAN is the fastest, if you go to the company, and then upload, it is too troublesome. So look at the SCP--help found to have a-i parameter. So is the way to support the key. Careful study, really good, so, I wrote a document, and share with you.

[Email protected] ~]# SCP--help

USAGE:SCP [ -1246BCPQRV] [-C cipher] [-f ssh_config] [-iidentity_file]

[-L limit] [-ossh_option] [-P Port] [-S program]

[[Email Protected]]host1:]file1 ... [[Email Protected]]host2:]file2

[Email protected] ~]#

Syntax Explanation:

-1246BCPQRV :

-1 Mandatory SCP with protocol 1

-2 Mandatory SCP with protocol 2

-4 Web site for mandatory SCP with IPV4

-6 Web site for mandatory SCP with IPV6

- b Select batch mode (prevents password entry)

- C allow compression. Callout-C to SSH (1) to allow compression

- P Specify the number of changes, number of connections, and schema for the original file

- Q Turn off the progress parameters .

- R recursively copy an entire folder

- v verbose display output

- C cipher : Select cipher to encrypt the data transfer.

- F Ssh_config : Specify the configuration file for SSH

- I. Identity_file              : Select the file to read the private password by RSA authentication.

- I. Limit : Limit transmission bandwidth, which is speed with kbit/s speed

- o ssh_option                   : The configuration format in Ssh_config can be uploaded to ssh.

- P Port : Specify SSH port

- S program : Specifies an encryption program.

[email protected] User

host1 Host (can be an IP or a domain name)

Test environment:

node1:192.168.1.220 Centos6.6mini

node2:192.168.1.221 Centos6.6mini

  

Node1:

upload folders to Node2;

scp-p 21386-r/usr/local/tomcat/ [email protected]:/root

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/80/EF/wKiom1dFFULDlkhzAAMQspx2SKc990.jpg "title=" 1.jpg " alt= "Wkiom1dffuldlkhzaamqspx2skc990.jpg"/>

Note: If you do not add-r, you will get an error

/usr/local/tomcat:not aregular File

If you need to rename, you can specify the location and file name on the remote host

Scp-p 21386-r/usr/local/tomcat/[Email protected]:/root/tomcat1

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/80/EF/wKiom1dFFY2xyg1IAABHz7GB0L8714.png "title=" 2.png " alt= "Wkiom1dffy2xyg1iaabhz7gb0l8714.png"/>

650) this.width=650; "src=" http://s2.51cto.com/wyfs02/M01/80/EE/wKioL1dFFqWSWhNYAAHOEQ0dVjU827.jpg "title=" 3.jpg " alt= "Wkiol1dffqwswhnyaahoeq0dvju827.jpg"/>

Uploading compressed files to Node2

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/80/EE/wKioL1dFFrzS-XBwAACgOxpQ4Pc736.png "title=" 4.png " alt= "Wkiol1dffrzs-xbwaacgoxpq4pc736.png"/>

scp-p 21386-r/usr/local// [email protected]:/root

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/80/EE/wKioL1dFFtCQxGY5AABYv1c6lV4370.png "title=" 5.png " alt= "Wkiol1dfftcqxgy5aabyv1c6lv4370.png"/>650) this.width=650; src= http://s1.51cto.com/wyfs02/M02/80/EE/ Wkiol1dffuvzrm0oaaao5xecxbm249.png "title=" 6.png "alt=" Wkiol1dffuvzrm0oaaao5xecxbm249.png "/>

Transfer the Node2 file directory or the compressed file to the Node1.

Scp-p 21386 [Email protected]:/root/tomcat/root

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/80/EF/wKiom1dFFg6h3E6zAABNGq3j0R0715.png "title=" 7.png " alt= "Wkiom1dffg6h3e6zaabngq3j0r0715.png"/>scp-p 21386 [email protected]:/root/mysql.tar.gz/root

650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M00/80/EF/wKiom1dFFjexabdnAAMW62UxAps453.jpg "title=" 8.jpg " alt= "Wkiom1dffjexabdnaamw62uxaps453.jpg"/>

Of course, you can also do it from the Node2.

Because of the above operation, always require a password, then do a SSH trust.

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/80/EF/wKiom1dFFl6idJ3-AAAf8ycTwUE687.png "title=" 9.png " alt= "Wkiom1dffl6idj3-aaaf8yctwue687.png"/>

Since I changed the default port, I changed it back to the default port of 22.

650) this.width=650; "src=" http://s2.51cto.com/wyfs02/M00/80/EE/wKioL1dFF2rQ8oR7AAM6UQIYvVY502.jpg "title=" 10.jpg "alt=" Wkiol1dff2rq8or7aam6uqiyvvy502.jpg "/>

All the way to enter!

ssh-copy-id-i.ssh/id_rsa.pub [email protected]

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/80/EE/wKioL1dFF5GQwvJ5AAQNSdek2rs740.jpg "title=" 11jpg.jpg "alt=" Wkiol1dff5gqwvj5aaqnsdek2rs740.jpg "/>

If you need DNS, do DNS, or hosts, and then do SSH trust.

Test:

Ssh–help

650) this.width=650; "src=" http://s2.51cto.com/wyfs02/M01/80/EF/wKiom1dFFsDR699-AANDEJv9ayc316.jpg "title=" 12.jpg "alt=" Wkiom1dffsdr699-aandejv9ayc316.jpg "/>

650) this.width=650; "src=" http://s1.51cto.com/wyfs02/M02/80/EE/wKioL1dFF8zzv1APAAOw5T6dSP0441.jpg "title=" 13.jpg "alt=" Wkiol1dff8zzv1apaaow5t6dsp0441.jpg "/>

Do the above, basic SSH is no problem. However, the production environment, with a lot of key authentication, then do a key-based authentication. and disable root login and password login (slightly too simple to operate)

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M02/80/EE/wKioL1dFF-vSJRVSAAIqSquu_VU470.jpg "title=" 14.jpg "alt=" Wkiol1dff-vsjrvsaaiqsquu_vu470.jpg "/>

Delete the Node2 data and transfer the data on the Node1 to Node2.

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/80/EE/wKioL1dFGATQOeQ8AAAzTc7GcOQ250.png "title=" 15.png "alt=" Wkiol1dfgatqoeq8aaaztc7gcoq250.png "/>

Because passwords are not allowed to log in, and root is not allowed to log in directly. Now it is based on the key login and then switch to root, so now only use the SCP in the way of the key. And can only be uploaded to the key user home directory. Unless the appropriate user has permissions in the specified directory. However, it is an SCP, which can be achieved.

scp-i identity-p21386mysql.tar.gz [email protected]:/home/node2

scp-i identity-p21386-r tomcat2/ [email protected]:/home/node2

scp-i identity-p21386-r Tomcat [email protected]:/home/node2

Note: Enter the prompt for the password.

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M01/80/EE/wKioL1dFGCfRAa4kAAN40Eaa43U297.jpg "title=" 16.jpg "alt=" Wkiol1dfgcfraa4kaan40eaa43u297.jpg "/>

A little experience to share with everyone. We hope to communicate and share with you.

qq:1145507435

Email: [Email protected]

This article comes from "? Only! "Blog, be sure to keep this provenance http://renzhiyuan.blog.51cto.com/10433137/1782910

SCP is I underestimated you---based on key transfer!