scp foo user@remote:bar
works fine
scp user@remote:foo bar
works fine
scp user@remote:foo user@remote:bar
fails with error:
Host key verification failed. lost connection
I am guessing this is because scp disallows remote to remote copy (between two different remote hosts or the same remote host) because it is inefficient to channel the data from point A
to point L
to point B
rather than directly from point A
to point B
.
Is that the right rationale for why it doesn't work? How come the command-line usage instructions in the manual does not document it? Or is it just that the specific scp on my Ubuntu distribution is trying to be paternal?
To fix this error, we need to delete the offending key from the “known_hosts” file present in our system in “. ssh” directory. The error gives you the remote server's IP address and the line number on which the key is stored in the “known_hosts” file.
You need to create a ~/. ssh/config file and disable strict host key checking by adding the content. This will disable host checking for all hosts you connect to. Rather than disabling host check for all Host “*”, it would be safer to specify a particular host.
This error occurs when the target server you are trying to SSH into has been rebuilt or had it's RSA key changed since the last time you connected to it.
In host key checking, ssh automatically maintains and checks a database containing identification for all hosts it has ever been used with. Host keys are stored in ~/. ssh/known_hosts in the user's home directory. Additionally, the /etc/ssh/ssh_known_hosts file is automatically checked for known hosts.
Check out the option:
-3 : Copies between two remote hosts are transferred through the local host. Without this option the data is copied directly between the two remote hosts. Note that this option disables the progress meter.
This option became available in OpenSSH 5.7
It works. Your problem is the SSH authentication between user@remote and user@remote. If it's the same user on the same server and you are using RSA authentication, you have to append the public key (~/.ssh/id_rsa.pub) into ~/.ssh/authorized_keys of the user itself.
Pay attention to name resolution too. In your case "remote" can be a server name that make sense to your client, but could not make sense from the remote point of view. Use the server IP (if the server is not behind nat) or set a common server name into /etc/hosts on your client and server machine: "remote" should be resolvable from your client and your server machine.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With