Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] rsync password -- revisit



Dan,
You may have to use another key format. DSA or other. I know ssh obsoleted a format a few years ago and I had to issue new key pairs for my devices.

Jim KR

nt from?

On Dec 31, 2018, 10:41 AM, at 10:41 AM, dan moylan <jdm at moylan.us> wrote:
>
>
>On Fri, Sep 14, 2012 at 09:55:04, Dan Ritter wrote:
>> On Fri, Sep 14, 2012 at 08:40:44AM -0400, dan moylan wrote:
>
>>> i have a script to rsync a number of directories between two
>>> computers on my local net and would like to avoid having to
>>> enter my password for each one.  i thought i could do this
>>> using hosts.equiv, but it's not working for me.  i solved
>>> this once before a number of years ago, but i'm undoubtedly
>>> forgetting something now.  any help would be appreciated.
>
>> Create an ssh key:
>
>> ssh-keygen -t rsa -b 2048
>
>> Change the filename to "rsync.key"
>
>> Don't put in a passphrase.
>
>> man sshd. Read the section on Authorized_Keys file format.
>
>> Add restrictions to rsync.key.pub: no-agent-forwarding,
>> no-port-forwarding, no-pty, no-X11-forwarding, perhaps a from
>> restriction. Make it tight. command = rsync?
>
>> Copy rsync.key.pub with the restrictions to your remote machine,
>> and cat it to the end of ~/.ssh/authorized_keys
>
>> When you run rsync, pass it "-e ssh -i /home/jdm/.ssh/rsync.key"
>
>> You should have a fairly safe passwordless rsync.
>
>after a couple of wrong turns, that worked fine, and for a
>long time, but i have lost track of when i used it last.
>now, i have gone through all the steps again and can't get
>it to work.
>
>authorized_keys on the remote machine (aldeberon):
># authorized_keys
># rsync.key.pub
>#
>no-agent-forwarding
>no-port-forwarding
>no-pty
>no-X11-forwarding
>command = rsync
>#
>ssh-rsa
>AAAAB3NzaC1yc2EAAAADAQABAAABAQDzTeJ/nRpWTnjbsEWypLt1/rbdpU5ABAkPqUzX6ug0pCnvKpRKga63RlIi03rGQb0d1dkosKtVnhodageA6PRGuAQ3zdJDDdw1OScH8sZsdtGd44/fsBVCQlYlJP2i8RCc20dBnxiujvjv4iuvk5CPzZPCbjfxyFvEBES5nMsZY/mLilqX4xlDx9PJlkUJ28Gm0vaIEZ9BzGCDll7C4Quph4WXKgvVZdMrAfuAceE8DPcFacIvjOBDOGWxdqaaQgsYIXHSdgE72duDcNnAnDAV59nhtDEaYTAN5kba/uWqHujJ8p7Qff1vaYbkEUrUEhl/8GBptVI2i3tCsb0Q9aOF
>moylan at arcturas
>
>rsync.key on the local machine (arcturas):
>ssh-rsa
>AAAAB3NzaC1yc2EAAAADAQABAAABAQDzTeJ/nRpWTnjbsEWypLt1/rbdpU5ABAkPqUzX6ug0pCnvKpRKga63RlIi03rGQb0d1dkosKtVnhodageA6PRGuAQ3zdJDDdw1OScH8sZsdtGd44/fsBVCQlYlJP2i8RCc20dBnxiujvjv4iuvk5CPzZPCbjfxyFvEBES5nMsZY/mLilqX4xlDx9PJlkUJ28Gm0vaIEZ9BzGCDll7C4Quph4WXKgvVZdMrAfuAceE8DPcFacIvjOBDOGWxdqaaQgsYIXHSdgE72duDcNnAnDAV59nhtDEaYTAN5kba/uWqHujJ8p7Qff1vaYbkEUrUEhl/8GBptVI2i3tCsb0Q9aOF
>moylan at arcturas
>
>permissions on both are 600.
>
>the command (from arcturas):
>rsync -avz -e "ssh -p22 -i /home/moylan/.ssh/rsync.key"
>/home/moylan/rsy aldeberon:
>
>the result:
>moylan at aldeberon's password:
>
>i must have missed something -- any suggestions?
>
>tia,
>ole dan
>
>j. daniel moylan
>84 harvard ave
>brookline, ma 02446-6202
>617-777-0207 (cel)
>jdm at moylan.us
>www.moylan.us
>[no html pls]
>_______________________________________________
>Discuss mailing list
>Discuss at blu.org
>http://lists.blu.org/mailman/listinfo/discuss



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org