Ssh keys copy to remote host

I have created some ssh keys and trying to connect to a linux remote server
here is the command line:
ssh-copy-id -i ~/.ssh/id.rsa.pub [email protected]
but i get -bash: ssh-copy-id: command not found
what is the correct command please
tim

ssh-copy-id is a script on Linux. Since it is just a script, if you have access to a Linux system, you should be able copy the script to your Mac and use it.
Or you can just use
cat ~/.ssh/id_rsa.pub | ssh [email protected] "umask 077; mkdir -p .ssh ; cat >> .ssh/authorized_keys"
This ASSUMES that the destination [email protected] uses authorized_keys, and not authorized_keys2.
Message was edited by: BobHarris

Similar Messages

Terminal Hangs a few minutes after I SSH in to a remote host

I ssh into my work computer. I work for a few minutes and it just completely hangs. I don't know what is happening. I don't think it is a network problem, as I am able to log in for about 4 to 5 minutes before it completely freezes. Also, I can successfully connect from my iPad/iPhone, so it is a problem with my laptop terminal.

one of the software you installed may cause this issue. ( could be windows update )
if you remember the last time that your computer worked properly, use windows restore. if you don't, try to perform clean windows installation.
( you can also try to re-install power management before system recovery )

SFTP Issue in OSB invocation resulted in an error: com.maverick.ssh.SshException: ssh-dss Key Not Found for host hostname,ip

I created a Proxy Service to do pull file and push it to sftp server
known_hosts file is present on OSB server.
It has abcserverhostname,IP ssh-rsa AA................. ==
I created a business service to do SFTP push to sftp server (remote) - Its not working.
<Error> <SFTPTransport> <BEA-381826> <Key Not Found for host hostname,10.124....>
com.maverick.ssh.SshException: ssh-dss Key Not Found for host hostname,10.124.....
at com.bea.wli.sb.transports.sftp.client.KnownHostVerifier.onUnknownHost(KnownHostVerifier.java:37)
My Business Service
End Point URI : sftp://sftpserverhostname:22/directorypath
Authetication Mode : user name, password.I have created a Service Account for sftpserver and imported in Business Service.
Do I need to give anything else in known_hosts file ?
and hostname can be any random name?
<Dec 11, 2013 1:45:37 PM GMT+08:00> <Error> <SFTPTransport> <BEA-381801> <Error occured for endpoint com.bea.wli.sb.transports.TransportException: com.maverick.ssh.SshException: ssh-dss Key Not Found for host hostname,10.124....
com.bea.wli.sb.transports.TransportException: com.maverick.ssh.SshException: ssh-dss Key Not Found for host
at com.bea.wli.sb.transports.sftp.connector.SFTPTransportProvider.sendMessage(SFTPTransportProvider.java:161)
at com.bea.wli.sb.transports.sftp.connector.SFTPTransportProvider.sendMessageAsync(SFTPTransportProvider.java:111)
at sun.reflect.GeneratedMethodAccessor566.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
Truncated. see log file for complete stacktrace
Caused By: com.maverick.ssh.SshException: ssh-dss Key Not Found for host eirnode2,10.124.10.16
at com.bea.wli.sb.transports.sftp.client.KnownHostVerifier.onUnknownHost(KnownHostVerifier.java:37)
at com.sshtools.publickey.AbstractKnownHostsKeyVerification.A(Unknown Source)
at com.sshtools.publickey.AbstractKnownHostsKeyVerification.verifyHost(Unknown Source)
at com.maverick.ssh2.TransportProtocol.C(Unknown Source)
at com.maverick.ssh2.TransportProtocol.processMessage(Unknown Source)
Truncated. see log file for complete stacktrace

BEA-381826 suggest that there is any issue with your public key in known_host file, can you cross verify it again. Also can you check if known_host file has appropriate permissions and I am assuming it is in /OSB_DOMAIN/osb/transports/sftp folder.
Hostname,IP algorithm publickey are the hostname, ip, and public key of SFTP server.
As per troubleshooting guidelines
The Key not found for IP, host error message indicates that the known_hosts file does not contain an entry that corresponds to the specified IP-host combination. If the entry exists, then try with another algorithm key; for example, if the earlier attempt was with an RSA key, try again with a DSA key.
Cheers,
Sahil

Setup advice for rsync, ssh keys and launchd - all for remote webserver backup

Hi There,
This is the first time I'm doing this and I have limited command line experience but I need to setup a automatic backup of our webservers.
rsync
I have 4x rsync commands that work when run from the command line manually - here is an example, they just pull files from a few directories:
sudo rsync -avzO -e ssh [email protected]:/backups/ /Volumes/ServerVolume/webserver-backups/DEV/mysql/
I had issues with writing the files locally when running the above so had to do it as root and also add -O (-avzO). But because I need to run these automaticlly, I'm worried that running them as root will require a password - is that correct?
Also, while I've setup ssh keys, I feel unsure this has been done correctly - how do I test this properly?
launchd
While I've set up cron jobs on the webserver (a mysql dump) I don't have any experience with launchd and feel a bit out of my depth after reading the pages here:
http://developer.apple.com/library/mac/#documentation/MacOSX/Conceptual/BPSystem Startup/Chapters/ScheduledJobs.html
http://developer.apple.com/library/mac/#documentation/MacOSX/Conceptual/BPSystem Startup/Chapters/CreatingLaunchdJobs.html#//apple_ref/doc/uid/TP40001762-104142
http://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/ man8/launchd.8.html#//apple_ref/doc/man/8/launchd
I'm guessing I need to:
Somehow make the rsync command a file that wil execute in Terminal - do I just put it in a file and give it a .sh extension?
Create a launchd Property List File that will run the script at certain times
Somehow register the Property List File with launchd so it runs
Or maybe I should just use Automator and iCal?
I did try getting automator to run the rsync commands in terminal from iCal (I just pasted the commands straight in and set automator to pass them as arguments) but it doesn't seem to launch terminal so if there are errors, I can't see what they are. Because they started though, I think my SSH keys are setup.
Maybe it would just be better to figure out what is wrong with rsync commands and the permissions and just make these all run unattented from iCal?
Any help or suggestions would be much appreciated.
Cheers
Ben

Hi There,
This is the first time I'm doing this and I have limited command line experience but I need to setup a automatic backup of our webservers.
rsync
I have 4x rsync commands that work when run from the command line manually - here is an example, they just pull files from a few directories:
sudo rsync -avzO -e ssh [email protected]:/backups/ /Volumes/ServerVolume/webserver-backups/DEV/mysql/
I had issues with writing the files locally when running the above so had to do it as root and also add -O (-avzO). But because I need to run these automaticlly, I'm worried that running them as root will require a password - is that correct?
Also, while I've setup ssh keys, I feel unsure this has been done correctly - how do I test this properly?
launchd
While I've set up cron jobs on the webserver (a mysql dump) I don't have any experience with launchd and feel a bit out of my depth after reading the pages here:
http://developer.apple.com/library/mac/#documentation/MacOSX/Conceptual/BPSystem Startup/Chapters/ScheduledJobs.html
http://developer.apple.com/library/mac/#documentation/MacOSX/Conceptual/BPSystem Startup/Chapters/CreatingLaunchdJobs.html#//apple_ref/doc/uid/TP40001762-104142
http://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/ man8/launchd.8.html#//apple_ref/doc/man/8/launchd
I'm guessing I need to:
Somehow make the rsync command a file that wil execute in Terminal - do I just put it in a file and give it a .sh extension?
Create a launchd Property List File that will run the script at certain times
Somehow register the Property List File with launchd so it runs
Or maybe I should just use Automator and iCal?
I did try getting automator to run the rsync commands in terminal from iCal (I just pasted the commands straight in and set automator to pass them as arguments) but it doesn't seem to launch terminal so if there are errors, I can't see what they are. Because they started though, I think my SSH keys are setup.
Maybe it would just be better to figure out what is wrong with rsync commands and the permissions and just make these all run unattented from iCal?
Any help or suggestions would be much appreciated.
Cheers
Ben

Public ssh key not working with launchd

I have a simple shell script that has only a couple lines:
rm /Volumes/drive/folder/*
scp -r [email protected]:/Volumes/drive/folder/
the "admin_user" account has an ssh key to be able to connect to the remote server without having to enter in a password.
if i run this script manually, as "admin_user", it works.
i need this to run via launchd at a set time every day, which i've successfully configured, with the UserName key. the script does run via launchd and it successfully deletes the files (the first line of the script).
it is failing, when run via launchd, with the second line. the files are never copied.
the log shows that the ssh key isn't working:
12/19/08 10:43:00 AM edu.example.xxxxxxxml[1386] Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
i'm not sure what i need to do differently as far as configuring the keys.
many thanks,
chris

here is the verbose log... i am not an ssh or sshd_config expert so any guidance is appreciated!:
{quote}
admin_user12/23/08 10:34:00 AM edu.example.deptxxxml[26285] Agent pid 26287
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] Enter passphrase for /Users/adminuser/.ssh/idrsa:
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] Executing: program /usr/bin/ssh host testserver.example.edu, user admin_user, command scp -v -r -f /Volumes/drive/inc/data/dept/
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] OpenSSH_5.1p1, OpenSSL 0.9.7l 28 Sep 2006
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Reading configuration data /etc/ssh_config
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Connecting to testserver.example.edu [1xx.xx.117.3] port 22.
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Connection established.
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: identity file /Users/admin_user/.ssh/identity type -1
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: identity file /Users/adminuser/.ssh/idrsa type 1
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: identity file /Users/adminuser/.ssh/iddsa type -1
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Remote protocol version 2.0, remote software version OpenSSH_4.7
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: match: OpenSSH_4.7 pat OpenSSH*
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Enabling compatibility mode for protocol 2.0
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Local version string SSH-2.0-OpenSSH_5.1
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: SSH2MSGKEXINIT sent
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: SSH2MSGKEXINIT received
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: kex: server->client aes128-cbc hmac-md5 none
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: kex: client->server aes128-cbc hmac-md5 none
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: SSH2MSG_KEX_DH_GEXREQUEST(1024<1024<8192) sent
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: expecting SSH2MSG_KEX_DH_GEXGROUP
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: SSH2MSG_KEX_DH_GEXINIT sent
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: expecting SSH2MSG_KEX_DH_GEXREPLY
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Host 'testserver.example.edu' is known and matches the RSA host key.
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Found key in /Users/adminuser/.ssh/knownhosts:1
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: sshrsaverify: signature correct
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: SSH2MSGNEWKEYS sent
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: expecting SSH2MSGNEWKEYS
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: SSH2MSGNEWKEYS received
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: SSH2MSG_SERVICEREQUEST sent
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: SSH2MSG_SERVICEACCEPT received
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Next authentication method: gssapi-keyex
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: No valid Key exchange context
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Next authentication method: gssapi-with-mic
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Unspecified GSS failure. Minor code may provide more information
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] No credentials cache found
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Unspecified GSS failure. Minor code may provide more information
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] No credentials cache found
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Unspecified GSS failure. Minor code may provide more information
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Next authentication method: publickey
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Trying private key: /Users/admin_user/.ssh/identity
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Offering public key: /Users/adminuser/.ssh/idrsa
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: Server accepts key: pkalg ssh-rsa blen 277
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: PEMreadPrivateKey failed
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: read PEM private key done: type <unknown>
12/23/08 10:34:00 AM edu.example.deptxxxml[26285] debug1: read_passphrase: can't open /dev/tty: Device not configured
{quote}

SFTP receiver error: putFile: Could not connect to remote host; Reason: Unable to open Sftp client. SshReasonCode: CHANNEL_FAILURE

Hi,
When we try to send file over seeburger SFTP (receiver) we are getting the error as below.
Message processing failed. Cause: javax.resource.ResourceException: Fatal exception: javax.resource.ResourceException: >> Description: SFTP transaction error occured.>> Details: putFile: Could not connect to remote host; Reason: Unable to open Sftp client. SshReasonCode: CHANNEL_FAILURE>>SendingStatus: NOT_TRANSMITTED>>FaultCategory: COMMUNICATION_ERROR>>Retryable: true>>Fatal: true, >> Description: SFTP transaction error occured.>> Details: putFile: Could not connect to remote host; Reason: Unable to open Sftp client. SshReasonCode: CHANNEL_FAILURE>>SendingStatus: NOT_TRANSMITTED>>FaultCategory: COMMUNICATION_ERROR>>Retryable: true>>Fatal: true
But we are able to connect through filezilla . we are able to create and delete file using the same username and password which is being used in SFTP adapter.
we have imported the both dsa and rsa keys in SFTP partner folder in NWA. Even though we are getting same error.
Thanks,
Vinayak

Hi Ram,
we checked with network team and port 22 is open and they are able to ping to the target system.
we checked the seeburger logs and we see EOF received from remote site error:
Caused by: com.maverick.ssh.SshException: EOF received from remote side [Unknown cause]
#at com.maverick.ssh2.TransportProtocol.b(Unknown Source)
#at com.maverick.ssh2.TransportProtocol.i(Unknown Source)
#at com.maverick.ssh2.TransportProtocol.nextMessage(Unknown Source)
#at com.maverick.ssh.message.SshMessageRouter.d(Unknown Source)
#at com.maverick.ssh.message.SshMessageRouter.access$000(Unknown Source)
#at com.maverick.ssh.message.SshMessageRouter$_b.run(Unknown Source)
Thanks,
Vinayak.

SSH Key login not working when added to gpg-agent

Hello,
As I use gnupg, I run the gpg-agent. I run it with systemd --user and it works flawlessly. As I already run gpg-agent, I figured I might as well just add my ssh keys to it as well. Therefore I start gpg-agent with --enable-ssh-support. I use my SSH keys a lot and never had any problems with connecting to anything with a simple ssh .... or pushing things to git etc.
As the SOCKS_AUTH_SSH envvar needs to be set for ssh-add to work, I added this line to my .bashrc
export SSH_AUTH_SOCK=~/.gnupg/S.gpg-agent.ssh
Now, adding my SSH Keys with a simple ssh-add seems to work fine (no errors etc).
However, when I try to connect to a server now, the following happens:
ssh -vT [email protected]
OpenSSH_6.8p1, OpenSSL 1.0.2a 19 Mar 2015
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to XXXXXXXXX port XXXXX.
debug1: Connection established.
debug1: identity file /home/XXXXX/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/XXXXX/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.8
debug1: match: OpenSSH_6.8 pat OpenSSH* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr [email protected] none
debug1: kex: client->server aes128-ctr [email protected] none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:Mw5MTDp91yExgStdoMPMwi2yZdoG9MruOm+6XiC5Vks
debug1: Host '[XXXXXXX]:XXX' is known and matches the ECDSA host key.
debug1: Found key in /home/XXXX/.ssh/known_hosts:1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/XXXXX/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: No more authentication methods to try.
Permission denied (publickey).
Which is very strange as id_rsa is my (ecrypted) private key. I am also prompted to enter the corresponding password when issuing ssh-add.
What could the problem be in this case? Thanks a lot!!
Last edited by replax (2015-05-18 19:06:58)

replax wrote:Well, there is something listed in .gnupg/sshcontrol , I am not sure if it is connected to my own key though. I tried ssh-add -l and it will list my one key, although it is different from the one in sshcontrol. I suspect that that is an issue of presentation though, as ssh-add spews out the SHA256 of my key..
How could I go about verifying that they key is indeed correct? Shouldn't it be added automatically by ssh-add?
Thanks a lot!!
Yes it should be added automatically. I suppose you could try it in a new user just to start fresh and see if it works, at least then you'll have either verified that your steps were correct or incorrect.

Does anybody have any experience on generating SSH key in Labview?

I'm developing a tool in Labview and this tool needs to generate SSH key then copy them out. I don't see a function in Labview that can generate SSH key pairs. I've tried external programs puttygen.exe and ssh-keygen. None of them are ideal solutions. Because puttygen needs mouse and button press interactions (user interface) and ssh-keygen needs cygwin installation.
Does anyone have any better ideas?
Thanks very much!

I have another question:
I used ssh-keygen with System Exec.vi. The code works fine on my XP machine. But it doesn't work on windows 7 enterprise machine. It seems that windows 7 has different security settings. But I tried to use different location for the working directory for System Exec.vi and it still wouldn't work.
I've attached a snapshot of my code here. I even tried to just have ssh-keygen in the command line and it didn't work either.
Does anyone have any ideas?
Thanks very much!
Attachments:
ssh-keygen.png ‏24 KB

Reading a text file from a remote host. Authentication required.

Hi frnds,
I have to read a text file "config.txt" from a remote host "HOSTNAME". File is shared in a folder - "FOLDER" .
If the folder is shared with no password protection then it works. But if the folder is password protected the code is unable to read the file.
I know the UserName and PassWord of the shared folder. How to code for this.
I don't want to share the Folder to everyone without a password.
Kindly Help.
try {
FileReader fr=new FileReader("\\\\HostName\\folder\\config.txt");
BufferedReader br=new BufferedReader(fr);
String s=null;
while((s=br.readLine())!=null)
/* One line is read */
fr.close();
catch(Exception e)
throw new Exception("Exception in ConfigConstants."+e.toString());
urs
Mishra

ok.. let me define it clearly...
By using ftp as a protocol how can I read a text file
in remote machine........ kindly do reply....Have a look at this article:
http://www.javaworld.com/javaworld/jw-04-2003/jw-0404-ftp.html
and what are the prerequisities that are needed for
such a type of operation.....(At least) an FTP server should be running on the machine where the text file resides.
Message was edited by:
prometheuzz
Oh, you should have your keyboard fixed: the full stop key seems to be stuck, you have a lot of trailing ..... after each sentence.

Sender sFTP Adapter - SSH Key

Hi All,
I have a small doubt regarding Sender sFTP Adapter. This is what we have done to connect with one of Vendor
1.     Basis created a SSH key in NWA for Vendor and sent to them.
2.     They linked the SSH key with user name and asked me to use the same.
3.     We got the firewalls openepd b/w PI and Vendor
4.     I provided the same detail in sFTP adapter, but I am not able to connect,
I am getting below error:
Error: Cannot connect to SFTP server. Host=########, port=22, username=#####. Private key store=########, private key alias=piPKCS12. Timeout=300000 msecs. Absolute home directory=.: KeyStoreException in Method: getPrivateKey( KeyStore, String, String ). The requested keystore type is not available in the default provider package or any of the other provider packages that were searched. (Software version: 3.0.14.2)
Please provide your inputs.
Regards,
Sachin Dhingra

Hi,
The first thing you have to do is use the same userid and the pwd and try to connect to the vendor system from your application layer and see if this is connecting or not. If there is a problem in connection then there are few steps that you have to follow. Below are the steps you need to follow:
1. Open the port from your Vendor side as well as open the port from your XI system(there might be two ports)
2. Generate the key of your vendor system and one you started login to the system then it will ask to instal the key , so acept it.
the IS people can help you out over here.
3. Try to push the one dummy file in that location manually using the command in application layer.
4. check the authorization in the target directory and try to provide the proper authorization,, 777 is used for full authorization.
5. use the same useid and the pwd and then try from your xi system processign a dummy file.
hope this helps.
cheers,
jay

TAC+: TCP/IP open to 10.20.17.2/49 failed -- Connection timed out; remote host not responding

TACACS+ configured on router and router is in ACS. I can ping the ACS but the router cannot establish a connection to authenticate users.
aaa group server tacacs+ hq_acs-1
server 10.20.17.2
ip tacacs source-interface GigabitEthernet0/0
aaa authentication login default group tacacs+ local
aaa authorization config-commands
aaa authorization exec default group tacacs+ local
aaa authorization commands 10 default group tacacs+ local
aaa authorization commands 15 default group tacacs+ local
aaa accounting nested
aaa accounting update newinfo periodic 60
aaa accounting auth-proxy default start-stop group tacacs+
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+
aaa accounting connection default start-stop group tacacs+
aaa accounting system default start-stop group tacacs+
aaa accounting resource default start-stop group tacacs+
BigTree_3945#sh ip int br
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 10.4.3.1 YES NVRAM down down
GigabitEthernet0/1 10.12.10.26 YES NVRAM up up
Serial0/2/0 unassigned YES NVRAM down down
Serial0/2/0.602 10.12.15.10 YES NVRAM down down
Apr 13 11:08:13.673: TPLUS: Queuing AAA Authentication request 79 for processing
Apr 13 11:08:13.673: TPLUS: processing authentication start request id 79
Apr 13 11:08:13.675: TPLUS: Authentication start packet created for 79(cisscdb)
Apr 13 11:08:13.675: TPLUS: Using server 10.20.17.2
Apr 13 11:08:13.675: TPLUS(0000004F)/0/NB_WAIT/1BDD9C34: Started 5 sec timeout
Apr 13 11:08:18.676: TPLUS(0000004F)/0/NB_WAIT/1BDD9C34: timed out
Apr 13 11:08:18.676: TPLUS(0000004F)/0/NB_WAIT/1BDD9C34: timed out, clean up
Apr 13 11:08:18.676: TPLUS(0000004F)/0/1BDD9C34: Processing the reply packet
Apr 13 11:08:25.834: TPLUS: Queuing AAA Authentication request 79 for processing
Apr 13 11:08:25.834: TPLUS: processing authentication start request id 79
Apr 13 11:08:25.834: TPLUS: Authentication start packet created for 79(cisscdb)
Apr 13 11:08:25.834: TPLUS: Using server 10.20.17.2
Apr 13 11:08:25.834: TPLUS(0000004F)/0/NB_WAIT/1BDD9C34: Started 5 sec timeout
Apr 13 11:08:30.836: TPLUS(0000004F)/0/NB_WAIT/1BDD9C34: timed out
Apr 13 11:08:30.836: TPLUS(0000004F)/0/NB_WAIT/1BDD9C34: timed out, clean up
Apr 13 11:08:30.836: TPLUS(0000004F)/0/1BDD9C34: Processing the reply packet
Apr 13 11:08:43.689: TAC: Using default tacacs server-group "tacacs" list.
Apr 13 11:08:43.689: TAC+: Opening TCP/IP to 10.20.17.2/49 timeout=5
Apr 13 11:08:51.057: TPLUS: Queuing AAA Authentication request 79 for processing
Apr 13 11:08:51.057: TPLUS: processing authentication start request id 79
Apr 13 11:08:51.057: TPLUS: Authentication start packet created for 79(cisscdb)
Apr 13 11:08:51.057: TPLUS: Using server 10.20.17.2
Apr 13 11:08:51.057: TPLUS(0000004F)/0/NB_WAIT/1BDD9C34: Started 5 sec timeout
Apr 13 11:08:54.692: TAC+: TCP/IP open to 10.20.17.2/49 failed -- Connection timed out; remote host not responding
Apr 13 11:08:54.692: TPLUS: Queuing AAA Accounting request 76 for processing
Apr 13 11:08:54.692: TPLUS: processing accounting request id 76
Apr 13 11:08:54.692: TPLUS: Sending AV task_id=332
Apr 13 11:08:54.692: TPLUS: Sending AV timezone=EDT
Apr 13 11:08:54.692: TPLUS: Sending AV service=shell
Apr 13 11:08:54.692: TPLUS: Sending AV start_time=1334329734
Apr 13 11:08:54.692: TPLUS: Sending AV priv-lvl=15
Apr 13 11:08:54.692: TPLUS: Sending AV cmd=show logging <cr>
Apr 13 11:08:54.692: TPLUS: Accounting request created for 76(n20j03t)
Apr 13 11:08:54.692: TPLUS: Using server 10.20.17.2
Apr 13 11:08:54.692: TPLUS(0000004C)/1/NB_WAIT/20FD90EC: Started 5 sec timeout
Apr 13 11:08:56.058: TPLUS(0000004F)/0/NB_WAIT/1BDD9C34: timed out
Apr 13 11:08:56.058: TPLUS(0000004F)/0/NB_WAIT/1BDD9C34: timed out, clean up
Apr 13 11:08:56.058: TPLUS(0000004F)/0/1BDD9C34: Processing the reply packet
Apr 13 11:08:59.693: TPLUS(0000004C)/1/NB_WAIT/20FD90EC: timed out
Apr 13 11:08:59.693: TPLUS(0000004C)/1/NB_WAIT/20FD90EC: timed out, clean up
Apr 13 11:08:59.693: TPLUS(0000004C)/1/20FD90EC: Processing the reply packet
BigTree_3945#
AAA Client IP Address
10.4.3.* 10.12.15.10
Key
Network Device Group
Test
NJT
AccessLink
(Not Assigned)
Authenticate Using
TACACS+ (Cisco IOS)
RADIUS (Cisco Aironet)
RADIUS (Cisco BBSM)
RADIUS (Cisco IOS/PIX)
RADIUS (Cisco VPN 3000)
RADIUS (Cisco VPN 5000)
RADIUS (IETF)
RADIUS (Ascend)
RADIUS (Juniper)
RADIUS (Nortel)
RADIUS (iPass)
Single Connect TACACS+ AAA Client (Record stop in accounting on failure).
The 10.12.10.* range is listed under the HQ site.
Your help is greatly appreciated.

You stated that you can ping ACS from the router, did you try sourcing the packets from the GigabitEthernet 0/0 interface (which is the one TACACS+ will try to use, given the configuration that you posted)?
What does the network path between the router and ACS look like (ie, any firewalls, NAT, etc)?
Can you connect to port 49 at the ACS IP address from the router sourcing the packets from GigabitEthernet 0/0 ?
Are you using VRFs?
What version of IOS?

Seeburger SFTP is not able connect to remote host

Hi,
I have configured seeburger adapter (STPF) on XI 3.0 SP19 as per the seeburger installation document,
but when we are trying to send the data to a file server using SFTP, we are getting below error in
reciver communication channel, please help me
"Unable to forward message to JCA adapter. Reason: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: >> Description: putFile: Could not connect to remote host; Reason: com.maverick.ssh.SshException>> Details: putFile: Could not connect to remote host; Reason: com.maverick.ssh.SshException>>SendingStatus: NOT_TRANSMITTED>>FaultCategory: COMMUNICATION_ERROR>>Retryable: true>>Fatal: true, >> Description: putFile: Could not connect to remote host; Reason: com.maverick.ssh.SshException>> Details: putFile: Could not connect to remote host; Reason: com.maverick.ssh.SshException>>SendingStatus: NOT_TRANSMITTED>>FaultCategory: COMMUNICATIO "
Thanking you in advance.
Sonali

Hi,
In similar condition , we also getting below errors:
Message processing failed. Cause: javax.resource.ResourceException: Fatal exception:
com.sap.aii.af.ra.cci.XIDeliveryException: >> Description: putFile: Could not connect
to remote host; Reason: SFTP client was not able to connect: com.seeburger.sftp.exception.
ConfigurationException: Could not initialize SSH transport layer, reason : Connection timed out:
could be due to invalid address>> Details: putFile: Could not connect to remote host;
Reason: SFTP client was not able to connect: com.seeburger.sftp.exception.ConfigurationException:
Could not initialize SSH transport layer, reason : Connection timed out:could be due to invalid
address>>SendingStatus: NOT_TRANSMITTED>>FaultCategory: COMMUNICATION_ERROR>>
Retryable: false>>Fatal: false, >> Description: putFile: Could not connect to remote host;
Reason: SFTP client was not able to connect: com.seeburger.sftp.exception.ConfigurationException:
Could not initialize SSH transport layer, reason : Connection timed out:could be due to invalid
address>> Details: putFile: Could not connect to remote host; Reason: SFTP client was not able
to connect: com.seeburger.sftp.exception.ConfigurationException: Could not initialize SSH
transport layer, reason : Connection timed out:could be due to invalid address>>SendingStatus:
NOT_TRANSMITTED>>FaultCategory: COMMUNICATION_ERROR>>Retryable: false>>Fatal: false
Can you share , how you have resolved the errors?
You mentioned to change the owner to seeburger , please give details , where to do this.?
Thanks,
Anit

BIND appends my domain to remote host names when querying

I'm running BIND v9.3.0 on Solaris 8.
All the zone files, named.conf, resolv.conf etc seem to be properly
configured.
I get normal name resolution for hosts located inside my v-lan.
Sendmail works inside my v-lan.
However, when I try to hit an internet site outside of my v-lan it
won't resolv.
So, setting nslookup to debug mode, I did a lookup of a remote host.
The result is that, when my local dns is queried, the host name alone
is used, like its supposed to
i.e.
;;res_nmkquery(QUERY, hostname, IN A)
This is a remote host so, obviously, my DNS has no record of it, so it
tries the remote server. This is where the problem comes in. When
the remote server is queried, my domain gets appended to the host
name:
i.e.
;;res_nmkquery(QUERY, hostname.MYDOMAIN, IN A)
Since the host does not reside in my domain, obviously this fully
qualified domain name will never resolve because it isn't correct.
How do I make it stop????!!!!!

I notice the following error logs in server :
EXCH.xxxx.org.xx in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Default Frontend EXCH with a FQDN parameter of EXCH.xxxx.org.xx. If the connector's FQDN is not specified, the computer's
FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft
Exchange Transport service has access to the certificate key.
What this issues,

Seahorse keeps asking about password, even when ssh-key is used

Hi,
I want easy access to my repos on bitbucket.
I have set my id_rsa.pub in bitbucket preferences, but when I try take any action on repo I have to type password .
First there is graphical popup menu to type password, when I cancel it I can type password in terminal.
error: unable to read askpass response from '/usr/lib/seahorse/seahorse-ssh-askpass'
Password for 'https://[email protected]':
I have tried set ssh-key for bitbucket on my raspberry pi, and it works properly (no password is needed).

I do not use Bitbucket, but I think this is similar to the issue with GitHub that I have noticed. Basically, when the url scheme of the remote is https:// , I am always asked for a password, but when there is no scheme (for github this is 'remote [email protected]:XXX/XXX') (or when the scheme is ssh:// , I assume), the ssh key is used.
I suggest you see whether you can use an alternate url scheme and see if it fixes the problem.
Hope this helps!

Error in uploading files on remote host

hello all
i use commons-net-2.2.jar for connection to my FTP account and managing my directories and uploading files on the remote server
i use the below statements for 1- connecting to my ftp account of my host 2- listing files on the htdocs/images directory of my host and 3-uploading a file on my host
firstly i import this classes from commons-net.jar to my servlet
*import org.apache.commons.net.ftp.FTP;*
*import org.apache.commons.net.ftp.FTPClient;*
*import org.apache.commons.net.ftp.FTPFile;*
*import org.apache.commons.net.ftp.FTPReply;*
then i connet from ftp protocol to the remote host
*FTPClient client = new FTPClient();*
 *// Connect to the FTP server as anonymous*
 *client.connect("www.salekan.ir");// setting ftp host*
 *client.login( "MyUsername", "MyPassword" ); //setting ftp username and password*
 *client.setFileType(FTP.BINARY_FILE_TYPE);*
 *String remoteDir = "/htdocs/images";*
 *client.changeWorkingDirectory(remoteDir);// change working directory to htdocs/images*
 *int reply=client.getReplyCode();*
 *if(FTPReply.isPositiveCompletion(reply)){// testing the connection*
 *out.print("Connected Success... ");*
then listing the files on the htdocs/images directory by this statements
Code:
*FTPFile[] remoteFiles = client.listFiles();//listing files on the folder to a array*
 *out.print( "Files in " + remoteDir+" count= "+ remoteFiles.length +" " );*
 *for (int i = 0; i < remoteFiles.length; i++) {*
 *String name = remoteFiles.getName( );*
*long length = remoteFiles[i].getSize( );*
out.print( name + ":\t\t" + length +" " );
and finally i tried to upload text1.txt file to the working directory of the remote server and then disconnect
Code:
File file=new File("c:\\text1.txt");
*if(file.isFile()){*
out.print(" "+file.getName()+" ");
InputStream in=new FileInputStream(file);
client.storeFile(file.getName(), in);
out.print("Uploading Success");
client.disconnect( );
when i run this web app and this servlet on my computer and localhost this servlet execute correctly and the file upload on the server correctly
but when i send this web app and run from there step1: connecting to the host using ftp protocole and step2: listing the files execute correctly but step3:uploading file on the server dont run and don't send any errors(run incorrectly)
Edited by: EJP on 7/02/2011 11:45: used the code tags. Please copy.

step3:uploading file on the server dont run and don't send any errors(run incorrectly)Please make up your mind. Either it doesn't run or it runs incorrectly. Which is it? and if 'incorrectly', please define 'incorrect'.

Ssh keys copy to remote host

Similar Messages

Maybe you are looking for