On Friday 10 October 2003 14:48, Bill Tangren wrote: > MKlinke wrote: > > On Friday 10 October 2003 13:35, Bill Tangren wrote: > >>MKlinke wrote: > >>>On Thursday 09 October 2003 10:41, Aly Dharshi wrote: > >>>>Hello, > >>>> > >>>> So how do you sort out the passwd when ssh asks for one, do you > >>>>have it in some secret file ? > >>> > >>>'ssh-agent' is one option for this.. > >>> > >>>%eval `ssh-agent` > >>>%ssh-add > >>> > >>>This will store and apply the key when required. > >>> > >>>Regards, Mike Klinke > >> > >>Mike, > >> > >>I tried this on both the backup machine, and the machine to be > >> backed up. I still get prompted for a password. Could you (or > >> someone else) provide an example of how you would use this in a > >> script that uses rsync and ssh to backup files from one machine to > >> another? I read the man pages for ssh-agent and ssh-add, and it > >> was not clear to me. The eval function provides ssh-agent's pid, > >> but I'm not sure how to use it in this case. > >> > >>TIA, > >>Bill > > > > My notes: > > > > Machine A has the batch file that is used to drive rsync. > > Machine B is the machine to back up. > > > > On machine A create your public/private keys via ssh-keygen > > Copy the generated public key to Machine B > > (append the key to the appropriate "authorized_keys2" file) > > > > On machine A run: eval `ssh-agent` > > (make sure these are both back-tics `` ) > > On machine A run: ssh-add (You'll have to re-enter the keyphrase) > > On machine A you can now run: ssh <machine_B_IP> > > (and you should not be asked for a password.) > > > > For batch use change the line for BatchMode in /etc/ssh/ssh_config > > to: BatchMode yes > > > > You should now be able to run a script containing ssh commands: > > (note that the ssh-agent should be only viable for the current > > login session but that doesn't pose a problem for my use. I have > > run across a site that where someone created a utility to allow the > > ssh-agent to be accessible from a cron task or a shell other than > > the login shell but can't remember it right now.) > > > > Regards, Mike Klinke > > Hmmm... not working. This is what I did: > > [bjt@mach2 bjt]$ ssh-keygen -t dsa > Generating public/private dsa key pair. > Enter file in which to save the key (/home/bjt/.ssh/id_dsa): > Enter passphrase (empty for no passphrase): > Enter same passphrase again: > Your identification has been saved in /home/bjt/.ssh/id_dsa. > Your public key has been saved in /home/bjt/.ssh/id_dsa.pub. > [bjt@mach2 bjt]$ cd .ssh > [bjt@mach2 .ssh]$ sftp aa > Connecting to aa... > bjt@aa's password: > sftp> cd .ssh > sftp> put id_dsa authorized_keys2 > Uploading id_dsa to /home/bjt/.ssh/authorized_keys2 > sftp> bye Did you put id_dsa or id_dsa.pub into the authorized_keys2 file above. It should be the public key that is inserted. > [bjt@mach2 .ssh]$ cd > [bjt@mach2 bjt]$ eval `ssh-agent` > Agent pid 3587 > [bjt@mach2 bjt]$ ssh-add > Enter passphrase for /home/bjt/.ssh/id_dsa: > Identity added: /home/bjt/.ssh/id_dsa (/home/bjt/.ssh/id_dsa) > [bjt@mach2 bjt]$ ssh aa > bjt@aa's password: > > As you can see, it asked for the password. > > I'm not sure what the purpose of the "eval `ssh-agent`" does. Does it > put my private key in ram? Whether it's RAM or somewhere on disk I'm not sure but RAM would be my best guess. > > Bill Regards, Mike Klinke -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
