Scp w/ key authentication: why password for target host needed?

,

At workstation, I am running scp to copy a file from host-a to host-b
ssh-copy-id done to both host-a & host-b
ssh-agent and ssh-add done correctly as I do not need to enter private key passphrase doing ssh host-a and ssh host-b

Now, when running:
scp host-a:~/file host-b:~/, I am being asked for the password for host-b .

Why ssh-agent do not take care for the password to access host-b ?

Normally, it should “just work”.

Are you being asked for the password for the key or the password for the remote account?

You could try using scp -i /path/to/key to ensure it is using the correct key.

1 Like

Update2:
use scp -A host-a:~/file host-b:~/

==
Update:

I find out the problems:
A: host-b is a clone of host-a, even the ssh keys are the same
B: by default, scp host-a:/file host-b:/, copy will be direct from host-a to host-b without passing through workstation. Using scp -3 source:/file target:/ will force copy from source->workstation->target .

Before generating new keys, scp -3 works.

After generating new keys for host-b, the original scp command also works.

===
Same result.

It did not ask for the passphrase of id_rsa .

It is asking for the password for host-b, but not host-a.

If copy a local file to host-b, then no password nor passphrase are being asked - scp ~/.file host-b:~/

1 Like

What type of key is it? DSA, RSA (1024 or 2048). You might check that the key type is permitted. (I’ve been stung by this where I had to explicitly enable DSA key with PubkeyAcceptedKeyTypes +ssh-dss in the config file)

1 Like

I find out the reason for my problem. Please see the updates of https://discussion.fedoraproject.org/t/scp-w-key-authentication-why-password-for-target-host-needed/75269/3?u=sampsonf .

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.