[Discuss] rsync password -- revisit
Betsy Schwartz
betsys at gmail.com
Mon Dec 31 10:55:24 EST 2018
Make sure you're pointing to the private key at this end and have the
public key at the other end. it looks from here as though you've got
the public key in your rsync.key file
check the permissions on ~/.ssh/ at the far end, it needs to be 600
Not sure all that other stuff that is not keys belongs in the
authorized_keys file
you can run ssh -vv to get an idea of what exactly is happening
(also you might not want to be emailing entire keys to a newsgroup)
On Mon, Dec 31, 2018 at 10:41 AM dan moylan <jdm at moylan.us> wrote:
>
>
>
> On Fri, Sep 14, 2012 at 09:55:04, Dan Ritter wrote:
> > On Fri, Sep 14, 2012 at 08:40:44AM -0400, dan moylan wrote:
>
> >> i have a script to rsync a number of directories between two
> >> computers on my local net and would like to avoid having to
> >> enter my password for each one. i thought i could do this
> >> using hosts.equiv, but it's not working for me. i solved
> >> this once before a number of years ago, but i'm undoubtedly
> >> forgetting something now. any help would be appreciated.
>
> > Create an ssh key:
>
> > ssh-keygen -t rsa -b 2048
>
> > Change the filename to "rsync.key"
>
> > Don't put in a passphrase.
>
> > man sshd. Read the section on Authorized_Keys file format.
>
> > Add restrictions to rsync.key.pub: no-agent-forwarding,
> > no-port-forwarding, no-pty, no-X11-forwarding, perhaps a from
> > restriction. Make it tight. command = rsync?
>
> > Copy rsync.key.pub with the restrictions to your remote machine,
> > and cat it to the end of ~/.ssh/authorized_keys
>
> > When you run rsync, pass it "-e ssh -i /home/jdm/.ssh/rsync.key"
>
> > You should have a fairly safe passwordless rsync.
>
> after a couple of wrong turns, that worked fine, and for a
> long time, but i have lost track of when i used it last.
> now, i have gone through all the steps again and can't get
> it to work.
>
> authorized_keys on the remote machine (aldeberon):
> # authorized_keys
> # rsync.key.pub
> #
> no-agent-forwarding
> no-port-forwarding
> no-pty
> no-X11-forwarding
> command = rsync
> #
> ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDzTeJ/nRpWTnjbsEWypLt1/rbdpU5ABAkPqUzX6ug0pCnvKpRKga63RlIi03rGQb0d1dkosKtVnhodageA6PRGuAQ3zdJDDdw1OScH8sZsdtGd44/fsBVCQlYlJP2i8RCc20dBnxiujvjv4iuvk5CPzZPCbjfxyFvEBES5nMsZY/mLilqX4xlDx9PJlkUJ28Gm0vaIEZ9BzGCDll7C4Quph4WXKgvVZdMrAfuAceE8DPcFacIvjOBDOGWxdqaaQgsYIXHSdgE72duDcNnAnDAV59nhtDEaYTAN5kba/uWqHujJ8p7Qff1vaYbkEUrUEhl/8GBptVI2i3tCsb0Q9aOF moylan at arcturas
>
> rsync.key on the local machine (arcturas):
> ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDzTeJ/nRpWTnjbsEWypLt1/rbdpU5ABAkPqUzX6ug0pCnvKpRKga63RlIi03rGQb0d1dkosKtVnhodageA6PRGuAQ3zdJDDdw1OScH8sZsdtGd44/fsBVCQlYlJP2i8RCc20dBnxiujvjv4iuvk5CPzZPCbjfxyFvEBES5nMsZY/mLilqX4xlDx9PJlkUJ28Gm0vaIEZ9BzGCDll7C4Quph4WXKgvVZdMrAfuAceE8DPcFacIvjOBDOGWxdqaaQgsYIXHSdgE72duDcNnAnDAV59nhtDEaYTAN5kba/uWqHujJ8p7Qff1vaYbkEUrUEhl/8GBptVI2i3tCsb0Q9aOF moylan at arcturas
>
> permissions on both are 600.
>
> the command (from arcturas):
> rsync -avz -e "ssh -p22 -i /home/moylan/.ssh/rsync.key" /home/moylan/rsy aldeberon:
>
> the result:
> moylan at aldeberon's password:
>
> i must have missed something -- any suggestions?
>
> tia,
> ole dan
>
> j. daniel moylan
> 84 harvard ave
> brookline, ma 02446-6202
> 617-777-0207 (cel)
> jdm at moylan.us
> www.moylan.us
> [no html pls]
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://lists.blu.org/mailman/listinfo/discuss
More information about the Discuss
mailing list