Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month, online, via Jitsi Meet.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] rsync password -- revisit



Dan,
You may have to use another key format. DSA or other. I know ssh obsoleted a format a few years ago and I had to issue new key pairs for my devices.

Jim KR

nt from?

On Dec 31, 2018, 10:41 AM, at 10:41 AM, dan moylan <jdm at moylan.us> wrote:
>
>
>On Fri, Sep 14, 2012 at 09:55:04, Dan Ritter wrote:
>> On Fri, Sep 14, 2012 at 08:40:44AM -0400, dan moylan wrote:
>
>>> i have a script to rsync a number of directories between two
>>> computers on my local net and would like to avoid having to
>>> enter my password for each one.  i thought i could do this
>>> using hosts.equiv, but it's not working for me.  i solved
>>> this once before a number of years ago, but i'm undoubtedly
>>> forgetting something now.  any help would be appreciated.
>
>> Create an ssh key:
>
>> ssh-keygen -t rsa -b 2048
>
>> Change the filename to "rsync.key"
>
>> Don't put in a passphrase.
>
>> man sshd. Read the section on Authorized_Keys file format.
>
>> Add restrictions to rsync.key.pub: no-agent-forwarding,
>> no-port-forwarding, no-pty, no-X11-forwarding, perhaps a from
>> restriction. Make it tight. command = rsync?
>
>> Copy rsync.key.pub with the restrictions to your remote machine,
>> and cat it to the end of ~/.ssh/authorized_keys
>
>> When you run rsync, pass it "-e ssh -i /home/jdm/.ssh/rsync.key"
>
>> You should have a fairly safe passwordless rsync.
>
>after a couple of wrong turns, that worked fine, and for a
>long time, but i have lost track of when i used it last.
>now, i have gone through all the steps again and can't get
>it to work.
>
>authorized_keys on the remote machine (aldeberon):
># authorized_keys
># rsync.key.pub
>#
>no-agent-forwarding
>no-port-forwarding
>no-pty
>no-X11-forwarding
>command = rsync
>#
>ssh-rsa
>AAAAB3NzaC1yc2EAAAADAQABAAABAQDzTeJ/nRpWTnjbsEWypLt1/rbdpU5ABAkPqUzX6ug0pCnvKpRKga63RlIi03rGQb0d1dkosKtVnhodageA6PRGuAQ3zdJDDdw1OScH8sZsdtGd44/fsBVCQlYlJP2i8RCc20dBnxiujvjv4iuvk5CPzZPCbjfxyFvEBES5nMsZY/mLilqX4xlDx9PJlkUJ28Gm0vaIEZ9BzGCDll7C4Quph4WXKgvVZdMrAfuAceE8DPcFacIvjOBDOGWxdqaaQgsYIXHSdgE72duDcNnAnDAV59nhtDEaYTAN5kba/uWqHujJ8p7Qff1vaYbkEUrUEhl/8GBptVI2i3tCsb0Q9aOF
>moylan at arcturas
>
>rsync.key on the local machine (arcturas):
>ssh-rsa
>AAAAB3NzaC1yc2EAAAADAQABAAABAQDzTeJ/nRpWTnjbsEWypLt1/rbdpU5ABAkPqUzX6ug0pCnvKpRKga63RlIi03rGQb0d1dkosKtVnhodageA6PRGuAQ3zdJDDdw1OScH8sZsdtGd44/fsBVCQlYlJP2i8RCc20dBnxiujvjv4iuvk5CPzZPCbjfxyFvEBES5nMsZY/mLilqX4xlDx9PJlkUJ28Gm0vaIEZ9BzGCDll7C4Quph4WXKgvVZdMrAfuAceE8DPcFacIvjOBDOGWxdqaaQgsYIXHSdgE72duDcNnAnDAV59nhtDEaYTAN5kba/uWqHujJ8p7Qff1vaYbkEUrUEhl/8GBptVI2i3tCsb0Q9aOF
>moylan at arcturas
>
>permissions on both are 600.
>
>the command (from arcturas):
>rsync -avz -e "ssh -p22 -i /home/moylan/.ssh/rsync.key"
>/home/moylan/rsy aldeberon:
>
>the result:
>moylan at aldeberon's password:
>
>i must have missed something -- any suggestions?
>
>tia,
>ole dan
>
>j. daniel moylan
>84 harvard ave
>brookline, ma 02446-6202
>617-777-0207 (cel)
>jdm at moylan.us
>www.moylan.us
>[no html pls]
>_______________________________________________
>Discuss mailing list
>Discuss at blu.org
>http://lists.blu.org/mailman/listinfo/discuss



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org