在两个远程服务器之间安全地复制文件

在两个远程服务器之间安全地复制文件

我正在尝试将文件从一台远程服务器复制 (scp) 到另一台远程服务器。远程服务器运行 Ubuntu 并使用 SSH 身份验证。服务器与 LDAP 同步,所有用户公钥都存储在 LDAP 服务器上。

我正在运行装有 OSX Mavericks 的 Mac - 我按照以下说明在 Mac 上设置代理转发:https://developer.github.com/guides/using-ssh-agent-forwarding/

当我尝试运行命令时:

luca-macbook:~ luca$ scp users@remoteserver:/home/ubuntu/file users@remoteserver:/home/ubuntu/ 

我收到以下错误:

Host key verification failed.
lost connection

有人能告诉我我做错了什么吗?

其次,如果我想复制整个目录,我是否只需输入与上面相同的内容,它就会移动目录中的所有文件,还是需要在某处使用 -R?

提前致谢。

答案1

该错误意味着远程主机的密钥已更改或您正在使用StrictHostKeyChecking

StrictHostKeyChecking
   If this flag is set to “yes”, ssh(1) will never automatically add host keys to the
   ~/.ssh/known_hosts file, and refuses to connect to hosts whose host key has changed.
   This provides maximum protection
   against trojan horse attacks, though it can be annoying when the /etc/ssh
   /ssh_known_hosts file is poorly maintained or when connections to new hosts are
   frequently made.  This option forces the user to manually add all new hosts.  
   If this flag is set to “no”, ssh will automatically add new host keys to the user
   known hosts files.  If this flag is set to “ask”, new host keys will be added to the
   user known host files only after the user has confirmed that is what they really want
   to do, and ssh will refuse to connect to hosts whose host key has changed.  The host
   keys of known hosts will be verified automatically in all cases.  The argument must 
   be “yes”, “no”, or “ask”.  The default is “ask”.

使用以下方法清除:

$ ssh-keygen -R $remoteserver

然后重试。这一次,您应该被要求通过其密钥指纹来确认远程服务器的身份。

要传输整个目录,-r使用以下命令:

-r      Recursively copy entire directories.  Note that scp follows symbolic links
        encountered in the tree traversal.

这一切都记录在scp(1)ssh-keygen(1)ssh_config(5)手册页。

相关内容