Linux 远程到远程复制的 scp 主机密钥验证失败
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/9795662/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
scp host key verification failed for remote to remote copy
提问by necromancer
scp foo user@remote:barworks fine
scp foo user@remote:bar工作正常
scp user@remote:foo barworks fine
scp user@remote:foo bar工作正常
scp user@remote:foo user@remote:barfails with error:
scp user@remote:foo user@remote:bar失败并出现错误:
Host key verification failed.
lost connection
I am guessing this is because scp disallows remote to remote copy (between two different remote hosts or the same remote host) because it is inefficient to channel the data from point Ato point Lto point Brather than directly from point Ato point B.
我猜这是因为 scp 不允许远程到远程复制(在两个不同的远程主机或同一个远程主机之间),因为将数据从point Atopoint L传送到topoint B而不是直接从point Ato 传送数据效率低下point B。
Is that the right rationale for why it doesn't work? How come the command-line usage instructions in the manual does not document it? Or is it just that the specific scp on my Ubuntu distribution is trying to be paternal?
这是为什么它不起作用的正确理由吗?为什么手册中的命令行使用说明没有记录?或者只是我的 Ubuntu 发行版上的特定 scp 试图成为父系?
采纳答案by dAm2K
It works. Your problem is the SSH authentication between user@remote and user@remote. If it's the same user on the same server and you are using RSA authentication, you have to append the public key (~/.ssh/id_rsa.pub) into ~/.ssh/authorized_keys of the user itself.
有用。您的问题是 user@remote 和 user@remote 之间的 SSH 身份验证。如果是同一台服务器上的同一用户并且您使用的是 RSA 身份验证,则必须将公钥 (~/.ssh/id_rsa.pub) 附加到用户本身的 ~/.ssh/authorized_keys 中。
Pay attention to name resolution too. In your case "remote" can be a server name that make sense to your client, but could not make sense from the remote point of view. Use the server IP (if the server is not behind nat) or set a common server name into /etc/hosts on your client and server machine: "remote" should be resolvable from your client and your server machine.
也要注意名称解析。在您的情况下,“remote”可以是对您的客户端有意义的服务器名称,但从远程的角度来看没有意义。使用服务器 IP(如果服务器不在 nat 之后)或在您的客户端和服务器机器上将公共服务器名称设置为 /etc/hosts:“远程”应该可以从您的客户端和服务器机器解析。
回答by Worldcrafter
"It is important to note that SCP cannot be used to remotely copy from the source to the destination when operating in password or keyboard-interactive authentication mode, as this would reveal the destination server's authentication credentials to the source." http://en.wikipedia.org/wiki/Secure_copy#Remote_to_remote_mode
“重要的是要注意,在密码或键盘交互身份验证模式下操作时,SCP 不能用于从源远程复制到目标,因为这会向源泄露目标服务器的身份验证凭据。” http://en.wikipedia.org/wiki/Secure_copy#Remote_to_remote_mode
Try using key-based authentication to pull off a remote to remote scp.
尝试使用基于密钥的身份验证从远程到远程 scp。
回答by Travis Stevens
Check out the option:
查看选项:
-3 : Copies between two remote hosts are transferred through the local host. Without this option the data is copied directly between the two remote hosts. Note that this option disables the progress meter.
-3 :两个远程主机之间的副本通过本地主机传输。如果没有此选项,数据将直接在两个远程主机之间复制。请注意,此选项会禁用进度表。
This option became available in OpenSSH 5.7
此选项在OpenSSH 5.7 中可用
