Hi, I am trying to mirror a server every night using rsync. I have to backup multiple directories and multiple individual files. I also want to use ssh as transport. The problem is that I cannot get ssh to work without asking password for each step. I tried the public key thing but it doesnt work. Can some one give instructions for a layman like me. Also I want to know how to pass argument to sync multiple files and directories by running rsyn just once. I am running Redhat linux 7.2. Thanks
Here's the procedure. the mv and rm steps are just what i did preserving
my existing config.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
tconway@atlas
/users/tconway>mv .ssh .ssh.saved
tconway@atlas
/users/tconway>ssh-keygen
Generating public/private rsa1 key pair.
Enter file in which to save the key (/users/tconway/.ssh/identity):
Created directory '/users/tconway/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /users/tconway/.ssh/identity.
Your public key has been saved in /users/tconway/.ssh/identity.pub.
The key fingerprint is:
47:f9:c2:28:66:ee:4b:a9:c8:ce:46:c3:80:d4:04:69 tconway@atlas
tconway@atlas
/users/tconway>rm -rf .ssh
tconway@atlas
/users/tconway>mv .ssh.saved .ssh
tconway@atlas
/users/tconway>
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
On the cygwin side:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
tconway@FLATUSWIN ~
$ ssh atlas uname -a
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Bad ownership or mode(0644) for '/home/tconway/.ssh/identity'.
It is recommended that your private key files are NOT accessible by
others.
Enter passphrase for RSA key 'tconway@atlas':
tconway@FLATUSWIN ~
$ ls -l .ssh
total 2
-rw-r--r-- 1 tconway None 332 Dec 11 14:27 authorized_keys
-rw-r--r-- 1 tconway None 528 Dec 11 14:24 identity
-rw-r--r-- 1 tconway None 332 Dec 11 14:24 identity.pub
-rw-r--r-- 1 tconway None 679 Jan 6 18:55 known_hosts
tconway@FLATUSWIN ~
$ chmod go-r .ssh/identity
tconway@FLATUSWIN ~
$ ls -l .ssh
total 2
-rw-r--r-- 1 tconway None 332 Dec 11 14:27 authorized_keys
-rw------- 1 tconway None 528 Dec 11 14:24 identity
-rw-r--r-- 1 tconway None 332 Dec 11 14:24 identity.pub
-rw-r--r-- 1 tconway None 679 Jan 6 18:55 known_hosts
tconway@FLATUSWIN ~
$ ssh atlas uname -a
SunOS atlas 5.7 Generic_106541-18 sun4u sparc SUNW,Ultra-5_10
tconway@FLATUSWIN ~
$
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Tim Conway
tim.conway@philips.com
303.682.4917
Philips Semiconductor - Longmont TC
1880 Industrial Circle, Suite D
Longmont, CO 80501
Available via SameTime Connect within Philips, n9hmg on AIM
perl -e 'print pack(nnnnnnnnnnnn,
19061,29556,8289,28271,29800,25970,8304,25970,27680,26721,25451,25970),
".\n" '
"There are some who call me.... Tim?"
"Sarabjit Singh" <sarab@transbeam.com>
Sent by: rsync-admin@lists.samba.org
02/11/2002 09:50 AM
To: <rsync@lists.samba.org>
cc: (bcc: Tim Conway/LMT/SC/PHILIPS)
Subject: Rsync with script
Classification:
Hi,
I am trying to mirror a server every night using rsync. I have to backup
multiple directories and multiple individual files. I also want to use ssh
as transport.
The problem is that I cannot get ssh to work without asking password for
each step. I tried the public key thing but it doesnt work.
Can some one give instructions for a layman like me.
Also I want to know how to pass argument to sync multiple files and
directories by running rsyn just once.
I am running Redhat linux 7.2.
Thanks
There you go. You're using the keys backwards. identity.pub is the
PUBlic key, and which you keep in ~/.ssh on the system you want to ssh
into, not from. It's the lock, and having a copy of a lock doesn't let
you open others just like it. You just don't want to let others write on
it, as they can add their own authorized keys to your lock and open your
account with their own keys.
identity is the non-public key. If somebody can read it, they can use it
to open your lock.
In your scenario, server should have identity.pub in authorized_keys and
backup should use identity to access server.
Tim Conway
tim.conway@philips.com
303.682.4917
Philips Semiconductor - Longmont TC
1880 Industrial Circle, Suite D
Longmont, CO 80501
Available via SameTime Connect within Philips, n9hmg on AIM
perl -e 'print pack(nnnnnnnnnnnn,
19061,29556,8289,28271,29800,25970,8304,25970,27680,26721,25451,25970),
".\n" '
"There are some who call me.... Tim?"
"Sarabjit Singh" <sarab@transbeam.com>
02/11/2002 12:03 PM
To: Tim Conway/LMT/SC/PHILIPS@AMEC
cc: <rsync@lists.samba.org>
Subject: RE: Rsync with script
Classification:
I am sorry, its not working.
I have a server, lets call it 'server'
I have a backup, lets call it 'backup'
I run ssh-keygen on backup and then copy idendity.pub to
server:~/.ssh/authorized_keys
then I try to run ssh from server to backup but it asks me for password. I
dont know what I am doing wrong.
Please explain what to do after generating the key on backup.
Thanks
-----Original Message-----
From: rsync-admin@lists.samba.org [mailto:rsync-admin@lists.samba.org]On
Behalf Of tim.conway@philips.com
Sent: Monday, February 11, 2002 1:28 PM
To: Sarabjit Singh
Cc: rsync@lists.samba.org; rsync-admin@lists.samba.org
Subject: Re: Rsync with script
Here's the procedure. the mv and rm steps are just what i did preserving
my existing config.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
tconway@atlas
/users/tconway>mv .ssh .ssh.saved
tconway@atlas
/users/tconway>ssh-keygen
Generating public/private rsa1 key pair.
Enter file in which to save the key (/users/tconway/.ssh/identity):
Created directory '/users/tconway/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /users/tconway/.ssh/identity.
Your public key has been saved in /users/tconway/.ssh/identity.pub.
The key fingerprint is:
47:f9:c2:28:66:ee:4b:a9:c8:ce:46:c3:80:d4:04:69 tconway@atlas
tconway@atlas
/users/tconway>rm -rf .ssh
tconway@atlas
/users/tconway>mv .ssh.saved .ssh
tconway@atlas
/users/tconway>
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
On the cygwin side:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
tconway@FLATUSWIN ~
$ ssh atlas uname -a
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Bad ownership or mode(0644) for '/home/tconway/.ssh/identity'.
It is recommended that your private key files are NOT accessible by
others.
Enter passphrase for RSA key 'tconway@atlas':
tconway@FLATUSWIN ~
$ ls -l .ssh
total 2
-rw-r--r-- 1 tconway None 332 Dec 11 14:27 authorized_keys
-rw-r--r-- 1 tconway None 528 Dec 11 14:24 identity
-rw-r--r-- 1 tconway None 332 Dec 11 14:24 identity.pub
-rw-r--r-- 1 tconway None 679 Jan 6 18:55 known_hosts
tconway@FLATUSWIN ~
$ chmod go-r .ssh/identity
tconway@FLATUSWIN ~
$ ls -l .ssh
total 2
-rw-r--r-- 1 tconway None 332 Dec 11 14:27 authorized_keys
-rw------- 1 tconway None 528 Dec 11 14:24 identity
-rw-r--r-- 1 tconway None 332 Dec 11 14:24 identity.pub
-rw-r--r-- 1 tconway None 679 Jan 6 18:55 known_hosts
tconway@FLATUSWIN ~
$ ssh atlas uname -a
SunOS atlas 5.7 Generic_106541-18 sun4u sparc SUNW,Ultra-5_10
tconway@FLATUSWIN ~
$
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Tim Conway
tim.conway@philips.com
303.682.4917
Philips Semiconductor - Longmont TC
1880 Industrial Circle, Suite D
Longmont, CO 80501
Available via SameTime Connect within Philips, n9hmg on AIM
perl -e 'print pack(nnnnnnnnnnnn,
19061,29556,8289,28271,29800,25970,8304,25970,27680,26721,25451,25970),
".\n" '
"There are some who call me.... Tim?"
"Sarabjit Singh" <sarab@transbeam.com>
Sent by: rsync-admin@lists.samba.org
02/11/2002 09:50 AM
To: <rsync@lists.samba.org>
cc: (bcc: Tim Conway/LMT/SC/PHILIPS)
Subject: Rsync with script
Classification:
Hi,
I am trying to mirror a server every night using rsync. I have to backup
multiple directories and multiple individual files. I also want to use ssh
as transport.
The problem is that I cannot get ssh to work without asking password for
each step. I tried the public key thing but it doesnt work.
Can some one give instructions for a layman like me.
Also I want to know how to pass argument to sync multiple files and
directories by running rsyn just once.
I am running Redhat linux 7.2.
Thanks
Skipped content of type multipart/mixed-------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://lists.samba.org/archive/rsync/attachments/20020211/c6d0952c/attachment.bin
Glad you're going... I hope you don't mind my ccing the list, just so
they know you're out of the woods.
Tim Conway
tim.conway@philips.com
303.682.4917
Philips Semiconductor - Longmont TC
1880 Industrial Circle, Suite D
Longmont, CO 80501
Available via SameTime Connect within Philips, n9hmg on AIM
perl -e 'print pack(nnnnnnnnnnnn,
19061,29556,8289,28271,29800,25970,8304,25970,27680,26721,25451,25970),
".\n" '
"There are some who call me.... Tim?"
"Sarabjit Singh" <sarab@transbeam.com>
02/15/2002 08:27 AM
To: Tim Conway/LMT/SC/PHILIPS@AMEC
cc:
Subject: RE: Rsync with script
Classification:
Tim,
I got it to work. I was using wrong keys I think.
I did
#ssh-keygen -t rsa
and then put id_rsa.pub to the server
it works :)
Thanks for all your help.
Sarab
-----Original Message-----
From: tim.conway@philips.com [mailto:tim.conway@philips.com]
Sent: Monday, February 11, 2002 7:19 PM
To: Sarabjit Singh
Subject: RE: Rsync with script
Ok, now it looks like you're putting the right keys in the right places.
Now, your problem is beyond me. You're doing the client setup right.
Maybe its in your sshd_config. Do you control that? There's a lot of doc
on it, and there are mail lists for it like there are for rsync. Your
problem is not rsync-related, but ssh-related. Good luck.
Tim Conway
tim.conway@philips.com
303.682.4917
Philips Semiconductor - Longmont TC
1880 Industrial Circle, Suite D
Longmont, CO 80501
Available via SameTime Connect within Philips, n9hmg on AIM
perl -e 'print pack(nnnnnnnnnnnn,
19061,29556,8289,28271,29800,25970,8304,25970,27680,26721,25451,25970),
".\n" '
"There are some who call me.... Tim?"
"Sarabjit Singh" <sarab@transbeam.com>
02/11/2002 01:03 PM
To: Tim Conway/LMT/SC/PHILIPS@AMEC
cc:
Subject: RE: Rsync with script
Classification:
Sorry not working.
Let me clarify again.
Lets say I have to login to server from client
sarab@server>ssh-keygen
sarab@server>ftp identity.pub to /home/sarab@client
sarab@client>cat identity.pub > /home/sarab/.ssh/authorized_keys
sarab@client>ssh sarab@server
Is this wrong?
Can you please let me know if my modelling is wrong because I am very
confused.
Thanks again
Sarab
-----Original Message-----
From: rsync-admin@lists.samba.org [mailto:rsync-admin@lists.samba.org]On
Behalf Of tim.conway@philips.com
Sent: Monday, February 11, 2002 2:48 PM
To: Sarabjit Singh
Cc: rsync@lists.samba.org
Subject: RE: Rsync with script
There you go. You're using the keys backwards. identity.pub is the
PUBlic key, and which you keep in ~/.ssh on the system you want to ssh
into, not from. It's the lock, and having a copy of a lock doesn't let
you open others just like it. You just don't want to let others write on
it, as they can add their own authorized keys to your lock and open your
account with their own keys.
identity is the non-public key. If somebody can read it, they can use it
to open your lock.
In your scenario, server should have identity.pub in authorized_keys and
backup should use identity to access server.
Tim Conway
tim.conway@philips.com
303.682.4917
Philips Semiconductor - Longmont TC
1880 Industrial Circle, Suite D
Longmont, CO 80501
Available via SameTime Connect within Philips, n9hmg on AIM
perl -e 'print pack(nnnnnnnnnnnn,
19061,29556,8289,28271,29800,25970,8304,25970,27680,26721,25451,25970),
".\n" '
"There are some who call me.... Tim?"
"Sarabjit Singh" <sarab@transbeam.com>
02/11/2002 12:03 PM
To: Tim Conway/LMT/SC/PHILIPS@AMEC
cc: <rsync@lists.samba.org>
Subject: RE: Rsync with script
Classification:
I am sorry, its not working.
I have a server, lets call it 'server'
I have a backup, lets call it 'backup'
I run ssh-keygen on backup and then copy idendity.pub to
server:~/.ssh/authorized_keys
then I try to run ssh from server to backup but it asks me for password. I
dont know what I am doing wrong.
Please explain what to do after generating the key on backup.
Thanks
-----Original Message-----
From: rsync-admin@lists.samba.org [mailto:rsync-admin@lists.samba.org]On
Behalf Of tim.conway@philips.com
Sent: Monday, February 11, 2002 1:28 PM
To: Sarabjit Singh
Cc: rsync@lists.samba.org; rsync-admin@lists.samba.org
Subject: Re: Rsync with script
Here's the procedure. the mv and rm steps are just what i did preserving
my existing config.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
tconway@atlas
/users/tconway>mv .ssh .ssh.saved
tconway@atlas
/users/tconway>ssh-keygen
Generating public/private rsa1 key pair.
Enter file in which to save the key (/users/tconway/.ssh/identity):
Created directory '/users/tconway/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /users/tconway/.ssh/identity.
Your public key has been saved in /users/tconway/.ssh/identity.pub.
The key fingerprint is:
47:f9:c2:28:66:ee:4b:a9:c8:ce:46:c3:80:d4:04:69 tconway@atlas
tconway@atlas
/users/tconway>rm -rf .ssh
tconway@atlas
/users/tconway>mv .ssh.saved .ssh
tconway@atlas
/users/tconway>
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
On the cygwin side:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
tconway@FLATUSWIN ~
$ ssh atlas uname -a
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Bad ownership or mode(0644) for '/home/tconway/.ssh/identity'.
It is recommended that your private key files are NOT accessible by
others.
Enter passphrase for RSA key 'tconway@atlas':
tconway@FLATUSWIN ~
$ ls -l .ssh
total 2
-rw-r--r-- 1 tconway None 332 Dec 11 14:27 authorized_keys
-rw-r--r-- 1 tconway None 528 Dec 11 14:24 identity
-rw-r--r-- 1 tconway None 332 Dec 11 14:24 identity.pub
-rw-r--r-- 1 tconway None 679 Jan 6 18:55 known_hosts
tconway@FLATUSWIN ~
$ chmod go-r .ssh/identity
tconway@FLATUSWIN ~
$ ls -l .ssh
total 2
-rw-r--r-- 1 tconway None 332 Dec 11 14:27 authorized_keys
-rw------- 1 tconway None 528 Dec 11 14:24 identity
-rw-r--r-- 1 tconway None 332 Dec 11 14:24 identity.pub
-rw-r--r-- 1 tconway None 679 Jan 6 18:55 known_hosts
tconway@FLATUSWIN ~
$ ssh atlas uname -a
SunOS atlas 5.7 Generic_106541-18 sun4u sparc SUNW,Ultra-5_10
tconway@FLATUSWIN ~
$
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Tim Conway
tim.conway@philips.com
303.682.4917
Philips Semiconductor - Longmont TC
1880 Industrial Circle, Suite D
Longmont, CO 80501
Available via SameTime Connect within Philips, n9hmg on AIM
perl -e 'print pack(nnnnnnnnnnnn,
19061,29556,8289,28271,29800,25970,8304,25970,27680,26721,25451,25970),
".\n" '
"There are some who call me.... Tim?"
"Sarabjit Singh" <sarab@transbeam.com>
Sent by: rsync-admin@lists.samba.org
02/11/2002 09:50 AM
To: <rsync@lists.samba.org>
cc: (bcc: Tim Conway/LMT/SC/PHILIPS)
Subject: Rsync with script
Classification:
Hi,
I am trying to mirror a server every night using rsync. I have to backup
multiple directories and multiple individual files. I also want to use ssh
as transport.
The problem is that I cannot get ssh to work without asking password for
each step. I tried the public key thing but it doesnt work.
Can some one give instructions for a layman like me.
Also I want to know how to pass argument to sync multiple files and
directories by running rsyn just once.
I am running Redhat linux 7.2.
Thanks