Scp only: Difference between revisions

From CompleteNoobs
Jump to navigation Jump to search
VisualWikitext
AwesomO (talk | contribs)
223 edits
Created page with "==scp only account key and path== ===Create Account on Server=== Create user account you are going to use:<br> <code>adduser rscp</code> Make sure user has a '''.ssh''' directory to send public key to:<br> * TIP: If logged in as '''root''' for permissions reasons you may want to run as user: <code>su - <username> -c "<command>"</code> <code>mkdir /home/rscp/.ssh</code> Make a Directory to transfer files to:<br> <code>mkdir /home/rscp/media</code> Note: If you see err..."
 
(No difference)

Latest revision as of 23:45, 20 March 2025

scp only account key and path

Create Account on Server

Create user account you are going to use:
adduser rscp

Make sure user has a .ssh directory to send public key to:

  • TIP: If logged in as root for permissions reasons you may want to run as user: su - <username> -c "<command>"

mkdir /home/rscp/.ssh

Make a Directory to transfer files to:
mkdir /home/rscp/media

Note: If you see error scp: /home/rscp/media/test.txt: Permission denied If you created directory media when logged in as root then check directory permissions and if need assign ownership to user account.
Example:chown rscp:rscp /home/rscp/media


Send your public key to server

After public_key/authorized_key is on server, edit authorized_keys and at the start before ssh-rsa <KEY> 

command="/usr/bin/scp -t /home/rscp/media/"  ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...

If from remote server you are sending a Directory include the -r flag in command:

After public_key/authorized_key is on server, edit authorized_keys and at the start before ssh-rsa <KEY> 

command="/usr/bin/scp -t -r /home/rscp/media/"  ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...


This entry in the authorized_keys file uses the command option to restrict the SSH command that can be run with the associated SSH key. The command option specifies that the scp command should be used to transfer files to the /home/rscp/media/ directory on the server.

Here's a breakdown of the entry:

  • command="/usr/bin/scp -t /home/rscp/": This specifies that the scp command should be used as the SSH command for this key, with the -t option to specify that the remote end is a file (in this case, a directory), and the destination directory on the server is /home/rscp/. This means that the user can only use the SSH key to transfer files to the /home/rscp/ directory on the server.
  • ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...: This is the public key associated with the private key that is used for authentication.

By using the command option in this way, you can restrict the actions that the user can perform with the SSH key, which can help to improve security. In this case, the user can only transfer files to the specified directory on the server using the scp command.

  • Full example authorized_keys:
command="/usr/bin/scp -t -r /home/rscp/media" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCvDsXsJJwp065xHBD01+HpIwmENxruZQpecTzKAhIt+OkHxrvG4v1gxaW9WxSD78yE0gyrgJ+DHz5jEn/z0ERuTSIEVAmPWl15k4Wa1kLwUA+Vg+rgtDSGr6oIYwqj2LmK+6kXwW5iUZdM1QvzpQHa868XRabEpMAEzK1o3wARzhffz4qZRhpUj8asBvnDF5SgoOMAqtuWjjvYXjfL8g42trmsQi+0ADd2KxroB7ggYC31WP4Y+14zGlW2LHC0Po7XbM+2t4peFpyl0nSejMeVuyZB7V6FIzJs6gBN9fdLAPYgv74Ihhb2+VDevnS+t874ZQHwAlUf2bjo3zS4i4QEJSCM2TtJuUIc64LqMwvHX05BMUjc1WHyzGomDjtOuQdejf3gMcyXufIYWfBhMIa03xtC/J4M1ECJDlQqqgouHoZh+3z19LjvXr+3xU14E2DxCWkK9e/mo8gacviapZZCEye6nNq+89LL9LQhJyzG0gSYyUnMNwfrqd4fkUY16s4w/yMF4hKnMvEIUmsgXKl3rvhHUpWxGQHBZMI3hk11gcD7maEsuXW+2U+dvcK6bC/eRjg2Lk6wiBEF6XAfWE9p72jmALbS6wHqGsg6gA81bqB/Od0kOzCDl5nsIVVidSoSOru+QISwQ2byxvQAsldMTMQfxRyjBbPytHhkDJM5UQ== XML_Server

Tip - transfer file to a path your USER does not have permissions for

You can write a shell script to check the /home/rscp/media directory every minute using a while loop and the sleep command. If any files are found in the directory, the script can move them to the /var/www/media directory using the mv command. Here's an example script: 

#!/bin/bash

while true
do
  if [ "$(ls -A /home/rscp/media/)" ]; then
    mv /home/rscp/media/* /var/www/media/
  fi
  sleep 60
done

In this script, the while loop runs indefinitely (while true) and sleeps for 60 seconds at the end of each iteration (sleep 60).

The if statement checks if the /home/rscp/media directory is not empty ([ "$(ls -A /home/rscp/media/)" ]). If it is not empty, the mv command is used to move all files and directories from the /home/rscp/media/ directory to the /var/www/media/ directory.

Save this script to a file (e.g. move-files.sh) and make it executable using the chmod +x move-files.sh command. You can then run the script using ./move-files.sh & to start it in the background and allow it to run indefinitely. The & symbol is used to run the script in the background so that you can continue using the terminal.

Note that running this script indefinitely can consume system resources, so you may want to consider setting up a scheduled task (e.g. using cron) to run the script at a specific interval instead of running it indefinitely.

Retrieved from "https://www.completenoobs.com/noobs/index.php?title=Scp_only&oldid=495"