How do I copy files that need root access with scp?

1

I have an Ubuntu server to which I am connecting using SSH.

I need to upload files from my machine into /var/www/ on the server, the files in /var/www/ are owned by root.

Using PuTTY, after I log in, I have to type sudo su and my password first in order to be able to modify files in /var/www/.

But when I am copying files using WinSCP , I can't create create/modify files in /var/www/, because the user I'm connecting with does not have permissions on files in /var/www/ and I can't say sudo su as I do in case of an ssh session.

Do you know how i could deal with this ?

If I was working on my local machine, I would call gksudo nautilus but in this case I only have terminal access to the machine.

Answers 5

You're right, there is no sudo when working with scp. A workaround is to use scp to upload files to a directory where your user has permissions to create files, then log in via ssh and use sudo to move/copy files to their final...

0 0
2

Image Result For How Do I Copy Files That Need Root Access With Scp

Generally, working in the root account should be an exception, not a rule the way you phrasing your question makes me think maybe you re abusing it a bit, which in turn leads to problems with permissions under normal cir.stances you don t need super admin privileges to access your own files.. First, you need to copy the file to a place where you have write access without sudo, scp yourfile serverb Then move the file using sudo ssh serverb sudo mv yourfile rsync rsync path=”sudo rsync” USER@SERVER root It will copy specific file from source to tmp in current server . I could get this to work on my box, but I m not sure if sudoers option requiretty would break it. On machine B create program that sudo will use to ask for p.words. e.g. home myname askp sh , chmod it x ! bin bash echo “my_p.word”. On machine A create connect script that will establish the ssh .I occasionally have to grab a user s mailbox...

0 0
3

I could get this to work on my box, but I'm not sure if sudoers option requiretty would break it.

On machine B create program that sudo will use to ask for passwords. e.g. /home/myname/askpass.sh, chmod it +x

#!/bin/bash echo "my_password"

On machine A create connect script that will establish the ssh connection for the scp and inject sudo + related commands into remote command. e.g. call it ./fakessh.sh, chmod it +x

#!/bin/bash oldargs=( $@ ) newargs=( ) while : ; do [ "${oldargs[0]}" == "scp" ] && break newargs+=( "${oldargs[0]}" ) oldargs=( "${oldargs[@]:1}" ) done newargs+=( 'export SUDO_ASKPASS=/home/myname/askpass.sh' \; exec sudo -A -- "${oldargs[@]}" ) exec ssh "${newargs[@]}"

Note that the script above references /home/myname/askpass.sh, update path as required.

Now run scp almost normally:

scp -S ./fakessh.sh user@hostname:/etc/shadow ./

This does work for me. YMMV.

I can think of other hacks if you can run something like ncat...

0 0
4

To copy all from Local Location to Remote Location (Upload)

scp -r /path/from/destination username@hostname:/path/to/destination

To copy all from Remote Location to Local Location (Download)

scp -r username@hostname:/path/from/destination /path/to/destination

Custom Port where xxxx is custom port number

scp -r -P xxxx username@hostname:/path/from/destination /path/to/destination

Copy on current directory from Remote to Local

scp -r username@hostname:/path/from/file .

Help:

-r Recursively copy all directories and files Always use full location from /, Get full location by pwd scp will replace all existing files hostname will be hostname or IP address if custom port is needed (besides port 22) use -P portnumber . (dot) - it means current working directory, So download/copy from server and paste here only.

Note: Sometimes the custom port will not work due to the port not being allowed in the firewall, so make sure that custom port is allowed in the...

0 0
5

The situation was like this. I was given a key by sysop. It was named after me. When I log in to terminal I just do:

ssh -i keyfile username@ip

so in the server I am logged as myself, but I need to do

sudo su dev

in order to be able to access some directories. Now my problem is, according to the sysop there's no limitation of my permissions with that keyfile. I can do anything on the server with it. "But", when I tried to use cyberduck for mac, I wasn't able to drag and drop files because I cannot do sudo su dev in cyberduck, as the keyfile is named after me. So how do I do sudo su dev , hence switch to that dev name in order to be able to drag and drop files in cyberduck? Because now, all I can do is,just see the directories and files in the server using that ssh client.Unless I go to terminal and do sudo su...

0 0
6

Linux administrator should be familiar with CLI environment. Since GUI mode in Linux servers is not a common to be installed. SSH may the most popular protocol to enable Linux administrator to manage the servers via remote in secure way. Built-in with SSH command there is SCP command. SCP is used to copy file(s) between servers in secure way.

10 Linux SCP Commands

The below command will read as “copy source_file_name” into “destination_folder” at “destination_host” using “username account”.

Basic syntax of SCPscp source_file_name [email protected]_host:destination_folder

There are much parameters in SCP command that you can use. Here are the parameters that may useful on daily basis usage.

Provide the detail information of SCP process using -v parameter

Basic SCP command without parameter will copy the files in background. User will see nothing unless the process is done or some error appears. You can use “-v” parameter to print debug information...

0 0
7

While I was working on my new project I had a situation where we need to copy our files from Amazon AWS to Rackspace server.

On Amazon server as per the app architecture we are having multiple elastic private servers and we wanted to copy data from private server to the AWS public server and then to Rackspace. As I am not expert of Unix so it look some time for me to figure out how to do it.

I was aware that I have to use SCP or Rsync etc command but things were not working, because I was not having the root access to Amazon. Finally after googling and trying various commands / options I got it working. Here are my notes on that

scp -i :

In SCP

-i indicates the identity_file

: – Source from where we would like to copy the file/folder

– Destination location where we would like to copy it, it can be a local/remote location

If we have to copy file from Local to remote server and we have access to a specific port of that server...

0 0
8

First of all, can you login to remote system with ssh and do sudo cat /etc/shadow (just do not paste output here, we don't need it)? If you can you are good, if you can't you need to add your remote user to sudoers and/or wheel and try again.

Then, if you are doing something like this often consider adding another admin account to remote machine (not another root) with just enough permissions and groups to do what is necessary.

If you need just this time then either use one of other answers to connect and copy or upload to temporary file, connect with normal user account and sudo mv /home/user/uploadedfile.cnf /to/here/mysql.cnf and sudo chown root:root /to/here/mysql.cnf to give it right...

0 0
9

How do I scp all files except for ... ?

Hi, don't really know where to ask this question, so I'm putting it here (after all, I am fairly new).

Ok, so. I want to `scp' a whole bunch of files to another server :

$ scp * username@otherserver:/dir/dir/dir/

... which works fine.
Next, I want to do the same thing but for all files EXCEPT for the files with 'foo' or 'bar' in the name. After sniffing around a while I found several different solutions one of them was to pipe ls into grep -v ... twice:

$ ls | grep -v 'foo' | grep -v 'bar'
file.1
lala.2
...
yadda.3

Ok, that worked great! Now let's see if I have this `command substitution` thing worked out:

$ echo `ls | grep -v 'foo' | grep -v 'bar'`
file.1 lala.2 ... yadda.3

Hooray! So now I can do my scp ...

$ scp `ls | grep -v 'foo' | grep -v 'bar'` username@otherserver:/dir/dir/dir/
file.1: No such file or directory
...

0 0
10

In this article, I show you how to use the scp (secure copy) command without needing to use passwords. I then show you how to use this command in two scripts. One script lets you copy a file to multiple Linux boxes on your network, and the other allows you to back up all of your Linux boxes easily.

If you're a Linux sysadmin, you frequently need to copy files from one Linux box to another. Or, you may need to distribute a file to multiple boxes. You could use FTP, but using scp has many advantages. For instance, scp is much more secure than FTP. scp travels across the LAN/WAN encrypted, while FTP uses clear text, even for passwords.

But what I like best about scp is it's easily scriptable. Suppose you need to distribute a file to 100 Linux boxes. I'd rather write a script to do this than type 100 sets of copy commands. If you use FTP in your script, things can get messy, because each Linux box you log into is going to ask for a password. But if you use scp in your...

0 0
11

I‘m using scp command to copy files from one server to another server. The problem is that I’m unable to copy all hidden files (such as .bash_history). How do I copy hidden files using the scp command under Unix like operating systems?

The scp command copies files between servers (computers) on a network. It uses ssh for data transfer, and uses the same authentication and provides the same security as ssh.

scp Command

The correct syntax is as follows to copy all files including hidden dot files:
$ scp -rp /path/to/source/. user@server2:/path/to/dest/
Where,

-r : Recursively copy entire directories. Note that scp follows symbolic links encountered in the tree trave-p : Preserves modification times, access times, and modes from the original file./path/to/source/. : Appending a dot (.) symbol is very important when you specify /path/to/source as a source path. If you skip dot in path it will only copy normal files and scp will skip all hidden...
0 0
12

I have a big list of servers. Using a PHP script, I need to get the apache2 access logs from each server. I had originally tested this with a test file and my webuser using SCP and it worked great, but at the time I didn't realize that root can't use SCP by default, so when I switched over to grab the actual files... it failed.

Apache2 logs are protected and can only be accessed by root. This is fine, as I have the credentials. However - I cannot just use SCP with root as root doesn't have access to SCP, and I can't go in and give spc permission to root on each server. I also can't change the log permissions so that my webuser can access it.

Is there some sort of workaround to this?

I've considered using exec to simply ssh into each remote server as root, and use scp in reverse to push back down to my local server - right now I'm working on my local and I don't have a static IP to specify, is there a way to specify the host? Perhaps I could ssh is as root, copy...

0 0
13

> On 4/14/07, Douglas Allan Tutty

[hidden email]

> wrote:

> >In the past, to move config or script files from one box to another on

> >my home network I've used scp or rsync.

> >

> >However, recent discussions on the list have pointed out that root login

> >with ssh should not be allowed.

> >

> >How then to copy files that either only root can read or only root can

> >place, or that need owner/permissions to be unchanged?

> >

> >I have sshd setup to only allow ssh based on pre-existing keys (no

> >password login allowed), and it only listens on the local interface, and

> >I've got shorewall running and doesn't allow ssh to/from the net.

>

> Well, the main idea behind "root login shouldn't be allowed" is, that

> root is known to exist on every linux system, so bruteforcing is one

> step easier (you already know username), plus if root gets

> compromised, all...

0 0
14

secure copy (remote file copy program)


see also : rcp - sftp - ssh - ssh-add - ssh-agent - ssh-keygen

Synopsis

scp [-12346BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file] [-l limit] [-o ssh_option] [-P port] [-S program] [

[user@]host1: ]file1 ... [
[user@]host2: ]file2


add an example, a script, a trick and tips

examples

source

scp $SCPOPTS $ARCHIVE $SCPTO

source

scp *rb newt:twitter/tgraph

source

scp slave.exe taibei:

scp slave.exe moon:

#scp slave.exe root@l56:

scp slave.exe root@l76:

scp slave.exe root@l80:

scp slave.exe root@l80:

scp slave.exe root@l81:

#scp slave.exe root@l82:

scp slave.exe root@l83:

scp slave.exe root@e09:

source

WinSCP client for Ubuntu

In the top-left corner you have three menus. Select the middle one, and then the entry named...

0 0
15

Secure copy

Scp (Secure Copy) is a command line tool to copy or transfer files across hosts. It uses the same kind of security mechanism like the ssh program. Infact it uses an ssh connection in the background to perform the file transfer. scp refers both to the "protocol" that defines how secure copy should work and the "program" (command) which is installed as a part of OpenSSH suite of tools.

In this quick tutorial we shall look at a few examples the scp command and how it can be used to transfer files securely.

Installing scp

Scp is generally installed by default on most linux distros as a part of openssh packages. On ubuntu/debian for example, the openssh-client package provides the scp program.

$ dpkg -L openssh-client | grep scp /usr/bin/scp /usr/share/man/man1/scp.1.gz

Its the OpenSSH package that provides the ssh, scp, sftp programs along with many other tools. So we do not have to do anything extra in here, except to use and learn the...

0 0
16
...
0 0
17
Unix Toolbox

This document is a collection of Unix/Linux/BSD commands and tasks which are useful for IT work or for advanced users. This is a practical guide with concise explanations, however the reader is supposed to know what s/he is doing.

Listing | Priority | Background/Foreground | Top | Kill

Listing and PIDs

Each process has a unique number, the PID. A list of all running process is retrieved with

ps

.

# ps -auxefw # Extensive list of all running process

However more typical usage is with a pipe or with

pgrep

(for OS X install

proctools

from

MacPorts

):

# ps axww | grep cron 586 ?? Is 0:01.48 /usr/sbin/cron -s # ps axjf # All processes in a tree format (Linux) # ps aux | grep 'ss[h]' # Find all ssh pids without the grep pid # pgrep -l sshd # Find the PIDs of processes by (part of) name # echo $$ # The PID of your shell # fuser -va 22/tcp # List...
0 0
18

The secure shell, ssh, and its companion, scp, are tools that I use more or less on a daily basis. Being able to move files between machines without having to setup SAMBA or NFS is very handy when working with multiple systems. All that you need is to enable the secure shell daemon - sshd.

Before we go into the details of the sshfs, let's run through a quick re-cap of ssh. The secure shell daemon runs on port 22 by default. It makes it possible to run an encrypted shell session. With the -Y flag, you can even run X11-forwarding, allowing you to run X11, i.e. graphical, programs on the remote machine and displaying the windows on the terminal that you are sitting at.

You can configure sshd through the /etc/ssh/sshd_config file (that is the location on my Kubuntu machine). Here, you can disable root access, older protocols, X11 forwarding, etc. The notion is that the more limits you put on the remote access, the more secure your system is from potential attacks. You...

0 0