HowTo: use scp in batch mode

Posted on 2004-04-22
Last Modified: 2013-12-16

I am currently using scp manually to update different files from one host to 3 other hosts : at connection my password is requested and I enter it

I want to setup crontab to do so.

How can I configure scp to avoid password propmpting. I understand I have to use

scp -B -i identity_file cpThisFile root@

How do I generate identity_file for the 3 different targets and where should it be created

The purpose is to propagate IMSS rules, copy /etc/hosts, /etc/postfix/transportList etc from one master to slaves,

If full instruction and readymade scripts, same amount of points will be available

Question by:stefri
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Accepted Solution

astrand earned 250 total points
ID: 10893553
(Assuiming OpenSSH) On the client, run:

ssh-keygen -t dsa

Press Enter on all questions. Copy .ssh/ to the remote host(s), to the file .ssh/authorized_keys.

Normally, you do not need to use the -i argument, but if you want, it should point to the file ~/.ssh/id_dsa.

You might need to adjust permissions on .ssh/authorized_keys to mode 0600.

Expert Comment

ID: 10893566
from the note at the address:

i am copy pasting:


On the machine that you want to log into without a password you should have the public key that was generated by running ssh-keygen on the machine that you want to connect from.
The private key stays on the machine that you are connecting from.
The ~/mark/.ssh directory should have 700 permissions, owner mark, group users
The should be called just that, the id_dsa private key has to know what to look for.

Cat the key ( to an empty authorized_keys file

Here is my sshd_config

# $OpenBSD: sshd_config,v 1.65 2003/08/28 12:54:34 markus Exp $

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.

#Port 22
#Protocol 2,1
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768

# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCreds yes

# Set this to 'yes' to enable PAM authentication (via challenge-response)
# and session processing. Depending on your PAM configuration, this may
# bypass the setting of 'PasswordAuthentication'
#UsePAM yes

#AllowTcpForwarding yes
#GatewayPorts no#PermitUserEnvironment no
#Compression yes
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/
#MaxStartups 10

# no default banner path
#Banner /some/path

# override default of no subsystems
Subsystem sftp /usr/libexec/sftp-server

Good luck, take it step by step and it will work.

#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
LVL 13

Author Comment

ID: 10897623
Thank you to both but astrand was the first to answer by 1 minute

If I understood well:

ssh-keygen -t dsa
Geerates two files: ~/.ssh/id_dsa and ./ssh/
Copy with scp to the target machine into .ssh/authorized_keys
Set permissions on .ssh drw----
Repeat the process for each target
use scp -B theFile user@target/thatFile in my crontab


Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Fine Tune your automatic Updates for Ubuntu / Debian
In part one, we reviewed the prerequisites required for installing SQL Server vNext. In this part we will explore how to install Microsoft's SQL Server on Ubuntu 16.04.
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to moveā€¦
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question