HowTo: use scp in batch mode

Posted on 2004-04-22
Last Modified: 2013-12-16

I am currently using scp manually to update different files from one host to 3 other hosts : at connection my password is requested and I enter it

I want to setup crontab to do so.

How can I configure scp to avoid password propmpting. I understand I have to use

scp -B -i identity_file cpThisFile root@

How do I generate identity_file for the 3 different targets and where should it be created

The purpose is to propagate IMSS rules, copy /etc/hosts, /etc/postfix/transportList etc from one master to slaves,

If full instruction and readymade scripts, same amount of points will be available

Question by:stefri

Accepted Solution

astrand earned 250 total points
ID: 10893553
(Assuiming OpenSSH) On the client, run:

ssh-keygen -t dsa

Press Enter on all questions. Copy .ssh/ to the remote host(s), to the file .ssh/authorized_keys.

Normally, you do not need to use the -i argument, but if you want, it should point to the file ~/.ssh/id_dsa.

You might need to adjust permissions on .ssh/authorized_keys to mode 0600.

Expert Comment

ID: 10893566
from the note at the address:

i am copy pasting:


On the machine that you want to log into without a password you should have the public key that was generated by running ssh-keygen on the machine that you want to connect from.
The private key stays on the machine that you are connecting from.
The ~/mark/.ssh directory should have 700 permissions, owner mark, group users
The should be called just that, the id_dsa private key has to know what to look for.

Cat the key ( to an empty authorized_keys file

Here is my sshd_config

# $OpenBSD: sshd_config,v 1.65 2003/08/28 12:54:34 markus Exp $

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.

#Port 22
#Protocol 2,1
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768

# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCreds yes

# Set this to 'yes' to enable PAM authentication (via challenge-response)
# and session processing. Depending on your PAM configuration, this may
# bypass the setting of 'PasswordAuthentication'
#UsePAM yes

#AllowTcpForwarding yes
#GatewayPorts no#PermitUserEnvironment no
#Compression yes
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/
#MaxStartups 10

# no default banner path
#Banner /some/path

# override default of no subsystems
Subsystem sftp /usr/libexec/sftp-server

Good luck, take it step by step and it will work.

#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
LVL 13

Author Comment

ID: 10897623
Thank you to both but astrand was the first to answer by 1 minute

If I understood well:

ssh-keygen -t dsa
Geerates two files: ~/.ssh/id_dsa and ./ssh/
Copy with scp to the target machine into .ssh/authorized_keys
Set permissions on .ssh drw----
Repeat the process for each target
use scp -B theFile user@target/thatFile in my crontab


Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is the error message I got (CODE) Error caused by incompatible libmp3lame 3.98-2 with ffmpeg I've googled this error message and found out sometimes it attaches this note "can be treated with downgrade libmp3lame to version 3.97 or 3.98" …
SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now