Hi, 1) you must do a first login between the servers by hand or add the servers hostkey to known_hosts, otherwise you get a prompt to accept the new host and the command fails
2) it depends on what user you are runnig openca - the export process is run by the daemon and thus has its userrights. The most recommended way is simply putting the keys in a directory and reference it inside the comamnd (-i oprion of scp) Oliver 子威 刘 wrote: > Hello: > I have installed CA and RA on two servers. CA and RA are connected on local > network. I want to build a temporarily online CA. There comes a problem with > the "scp" command. Scp need password prompt, so it is hard to apply to the > ca-node.conf. I have used the "ssh-keygen" function to avoid the two > servers' password authentication. But I found that it doesn't really work. ( > I use ssh-keygen to both root users on the two servers). What's the problem? > Shall I need to apply the ssh-keygen method to the "apache" users but not the > "root"users? (but apache is not a shell users) > > > --------------------------------- > 雅虎免费G邮箱-中国第一绝无垃圾邮件骚扰超大邮箱 > 雅虎助手¨D搜索、杀毒、防骚扰 -- Diese Nachricht wurde digital unterschrieben oliwel's public key: http://www.oliwel.de/oliwel.crt Basiszertifikat: http://www.ldv.ei.tum.de/page72
smime.p7s
Description: S/MIME Cryptographic Signature
