RSYNC - SSL or daemon??
Thanks
6 Replies
First things first: make it so that you can log in, via plain old SSH, to the other machine. That's exactly the same mechanism as rsync will use, so get that working first.
I don't know of any vulnerabilities with running rsync as a daemon, but in my mind it's simpler just to go via ssh (assuming the machine is going to be running sshd anyway).
@Vance:
A random article I found about setting up public-key SSH authentication:
. Keep in mind that the machine he calls the "server" is your rsync destination machine. Just hit Enter when prompted for a password during key generation, and you will not need a password to connect to the "server." http://tombuntu.com/index.php/2008/02/2 … made-easy/">http://tombuntu.com/index.php/2008/02/20/public-key-authentication-for-ssh-made-easy/ I don't know of any vulnerabilities with running rsync as a daemon, but in my mind it's simpler just to go via ssh (assuming the machine is going to be running sshd anyway).
Thanks for the link. It is very similar to the tutorials I've been reading over… Unfortunately, I'm getting the same results… I get asked for the password after following the instructions.
@Xan:
Setting up rsync to use keys rather than passwords should work just fine. My guess is that it's either some general confusion on which file goes where on which machine (which is quite easy to fumble!), or an issue with your script being run by a different user than you've set up your key for.
First things first: make it so that you can log in, via plain old SSH, to the other machine. That's exactly the same mechanism as rsync will use, so get that working first.
I can run the script manually, but, I, when I do so, I'm asked to enter a password. So connecting is not a problem… just getting the ssl cert to work so I don't have to enter a password…
on the web server, after running "ssh-keygen -t rsa" I'm asked for a file name, which I give as "idrsarsync" then hit enter twice to accept blanks for pass phrase… then I'm asked to try to ssh in, and I'm asked for a pssword… BUT, i just now tried again, but this time I didn't change the default file name, just accepted the default, and this time it worked. Not sure why that would be, but, now my backup should run on its own.
Thanks
/path/to/user's/home/directory/.ssh/authorized_keys ?
2) Did you uncomment the line in your sshd_config file that says
AuthorizedKeysFile %h/.ssh/authorized_keys ?
@hybinet:
1) Is the public key saved as a file named
/path/to/user's/home/directory/.ssh/authorized_keys ?
2) Did you uncomment the line in your sshd_config file that says
AuthorizedKeysFile %h/.ssh/authorized_keys ?
ahhh… the public key was in place, the AuthorizedKeysFile line was not un-commented out.
Thanks