Copy a file over SSH without SCP

June 30, 2023 Leave a comment

Problem:

/usr/bin/scp binary was removed from the system. Which has caused the Oracle Patching process to fail.

scp binary is provided by openssh-clients rpm, which was present on the system, but scp binary was missing.

Troubleshooting/Testing:

The workaround is to copy scp binary from a similar healthy server (keep the same version). However, transferring a file to a location where it doesn’t exist can be a bit challenging. Let’s try:

[fg@rac1 ~]$ scp /usr/bin/scp racq:/tmp/scp
bash: scp: command not found
lost connection

We got lost connection, because scp is not on racq node.

Solution:

Need to use ssh and cat commands. For most systems root user login is not enabled, so you need to place the file under /tmp and then relocate to the correct location.

In my example, I have already set up fg user equivalency, so in my case, the format will be the following:

[fg@rac1 ~]$ ssh racq cat < /usr/bin/scp ">" /tmp/scp

Connect to the remote server and copy /tmp/scp to the correct location. Reset permissions.

[root@racq tmp]# cp /tmp/scp /usr/bin/scp
[root@racq tmp]# chmod 755 /usr/bin/scp
[root@racq tmp]# chown root:root /usr/bin/scp

The transfer should be working now:

[fg@rac1 ~]$ scp /usr/bin/scp racq:/tmp/scp
scp      100%   89KB  44.0MB/s   00:00

The process worked for a binary file, so it will work for a text file too.

Filed under DB, Linux, Patching Tagged with , , , , , ,

Azure CLI install ssh extension

June 5, 2023 Leave a comment

Problem:

To enable AD authentication on a Linux OS Azure VM, you must install Azure CLI and have the SSH extension. However, the SSH extension is not installed automatically after installing Azure CLI.

I can guide you through the simple steps to add this extension.

Solution:

Ensure that the extension is not present:

~ az version
{
  "azure-cli": "2.49.0",
  "azure-cli-core": "2.49.0",
  "azure-cli-telemetry": "1.0.8",
  "extensions": {}
}

List available extensions:

~ az extension list-available --output table

Name    Version    Summary  Preview  Experimental  Installed
------- --------   -------  -------  ------------  --------------------------
...
ssh     1.1.6      SSH...   False    False         False
...

Add extension:

~ az extension add --name ssh

Ensure that the extension has been added:

~ az version
{
  "azure-cli": "2.49.0",
  "azure-cli-core": "2.49.0",
  "azure-cli-telemetry": "1.0.8",
  "extensions": {
    "ssh": "1.1.6"
  }
}

Filed under Azure, Linux Tagged with , , , , , , ,

REMOTE HOST IDENTIFICATION HAS CHANGED!

December 8, 2021 Leave a comment

Problem:

Connecting via ssh to the newly created host causes error:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:AxfpHOVc8NP2OYPGce92HMa5LADDQj2V98ZKgoQHFGU.
Please contact your system administrator.
Add correct host key in /Users/mari/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /Users/mari/.ssh/known_hosts:315
ECDSA host key for 52.1.130.91 has changed and you have requested strict checking.
Host key verification failed.

Reason:

I had another server with the same Public IP, so when I connected to the old saver the host identification has been saved in known_hosts. After a while I have removed old server and created a new one and assigned the PIP. The host identification has changed, but old entries were still saved in known_hosts.

Solution:

Open /Users/mari/.ssh/known_hosts and delete only the line containing mentioned IP (52.1.130.91 in my case), save file and retry the connection.
It should work now.

Filed under DB, Linux Tagged with , , ,

Create shortcuts for frequently accessed servers

January 19, 2021 Leave a comment

Life is too short, that’s why it’s mandatory to use shortcuts… Instead of typing frequently used ssh client options such as port, user, hostname, identity-file and so on, you can save that information in sshd config file and then access it with defined alias.

  • System wide config file location is /etc/ssh/ssh_config
  • User specific config file location is ~/.ssh/config same as $HOME/.ssh/config

Instead of connecting to the server everytime using the following command:

# ssh root@95.80.12.10 -i ~/.ssh/my_id_rsa

Save the following entries in ~/.ssh/config file:

# vim ~/.ssh/config
Host my_db
     HostName 95.80.12.10
     IdentityFile ~/.ssh/my_id_rsa
     User root

And connect to the server using this simple way:

# ssh my_db

For other options check https://linuxize.com/post/using-the-ssh-config-file/

Filed under Linux, Oracle Enterprise Linux, OS Tagged with , , ,