Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[tlug] Multiple scp targets?



Darren Cook writes:

 > I have a batch file that does something like this:
 >  scp file1 file2 host1:/target/path1/
 >  scp file1 file2 host1:/target/path2/
 > 
 > The downside is it asks me the password twice. As I'm about to increase
 > that to 4 or more target paths I'm thinking there must be another way.
 > 
 > Any suggestions? Is there scp syntax to support this?

Not that I've heard of.  Nor for rsync.  Any such syntax would either
be rather complicated, or ambiguous.

 > I'm reluctant to use key-login for this; I like having to type a
 > password, as I have a different password for each machine, and I've
 > sometimes caught a typo with wrong target machine this way. And it feels
 > a bit more secure.

Unless you have a lot better memory for 15-place BASE 85 numbers than
most people, if you can remember the password, it is *less* secure
over the net than public key.  How secure the whole system is depends
on how secure the host you are scp-ing from is.  It is possible to put
time limits on your ssh agent, as well, with the -t option.  Whether
this will help you with typos, I don't know.

How about

#! /bin/sh
seconds=30            # TTL for ssh-agent; season to taste
host=$1; shift
echo "Sending $@ to host $host..."
ssh-add -t $seconds ~/.ssh/$host

# if <target> or <pathN> need to vary by host, use "case $host in ..."
# if <pathN> needs to be specified on the command line, you'll need
# more trickery
for path in path1 path2; do scp $@ ${host}:/target/$path; done
# end script

 > My final idea is to keep file1,file2, etc. in an svn repository.

Gawd, no.  git or hg.  gitosis for git (would that be halitosis for
hg?) can help with configuration and security, although I don't know
how much for your particular case.  Still, if it's good enough for
Curt "Yayakoshiya" Sampson, it's worth looking at.

 > (I.e. I've got userX can access /var/svn/project1/, but I'm not sure
 > there is anything to stop them accessing /var/svn/project2/ ) Perhaps I
 > just need to find a good svn tutorial?

I'm sure there's a way to do this with svn if you must do it with svn,
but how secure it is I don't know.  I would imagine the classic
"avail" script used for CVS access via ssh would work.



Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links