Re: rsync with public/private keys/no passwords


 



I have obtained some experience with ssh recently; I hope that can be of
some help. Please correct me if I am wrong.

If there are two remote machines ( A and B ) to be accessed by the local
machine via ssh and the private keys are stored as "A.id_rsa" and
"B.id_rsa" respectively, then we must change "A.id_rsa" to "id_rsa"
before we try to ssh the remote host A. In other words, the name of the
private key must be "id_rsa" so that we can use it for authentication.


Michael

redhat-list-request@xxxxxxxxxx wrote:

> Subject:
> Re: rsync with public/private keys/no passwords
> From:
> James Pifer <jamesredhatlist@xxxxxxxxxxxxxxxx>
> Date:
> 25 Nov 2003 13:26:10 -0500
> To:
> RedHat List <redhat-list@xxxxxxxxxx>
>
>
>Hardy,
>
>Thanks a bunch. I still have no idea what my problem was, but removing
>all the old stuff in .ssh and redoing it worked. 
>
>Thanks,
>James
>
>On Tue, 2003-11-25 at 12:30, Hardy Merrill wrote:
>  
>
>>Ok, I don't know what your problem is, but I would recommend
>>starting over:
>>  on the local machine
>>  --------------------
>>    1. log in as 'root'
>>    2. regenerate the rsa key using ssh-keygen, and give
>>       the '-f identity', which will create the public
>>       key named /root/.ssh/identity.pub
>>    3. scp the identity.pub file to the remote machine's
>>       /tmp directory
>>
>>  on the remote machine
>>  ---------------------
>>    4. log in as 'root'
>>    5. cat /tmp/identity.pub >> /root/.ssh/authorized_keys
>>
>>  on the local machine
>>  --------------------
>>    6. while logged in as the 'root' user, do
>>
>>          ssh [remote machine]
>>
>>       and it should work, and should NOT prompt you
>>       for a password.
>>
>>Gotta get that working first.  Post back your results.
>>
>>-- 
>>Hardy Merrill
>>Red Hat, Inc.
>>
>>This works fine on my machine.
>>James Pifer [jamesredhatlist@xxxxxxxxxxxxxxxx] wrote:
>>    
>>
>>>Yes, even though it's a big no-no I'm doing this all as root. What you
>>>said is correct, created the rsa key, copied it and cat'ed it to
>>>authorized_keys for root on the remote machine. 
>>>
>>>I added the root@ to the rsync command and it's still prompting for
>>>password. 
>>>
>>>The most frustrating thing is that I had this working once before and
>>>documented it when I did it the first time. I'm following the same steps
>>>and I can't get it. The machine I had it working on is unrecoverable, so
>>>I can't do any comparison. 
>>>
>>>UGH!
>>>
>>>Thanks,
>>>James
>>>
>>>On Tue, 2003-11-25 at 11:32, Hardy Merrill wrote:
>>>      
>>>
>>>>As Michael Wu suggested, get ssh to work without
>>>>prompting for a password first.
>>>>
>>>>As I understand it from the thread below, you generated
>>>>the rsa key for some(?) user on the local machine.  Then
>>>>you copied that ~/.ssh/identity.pub over to the remote
>>>>machine and added that key to the *root* user's 
>>>>/root/.ssh/authorized_keys file.  And you still can't get
>>>>the ssh to work without prompting for a password.
>>>>
>>>>First of all, what user did you create the ssh rsa key for
>>>>on the local machine?  Was it the 'root' user?
>>>>
>>>>I think(?) what you need to do to get ssh to work is
>>>>  1. sign on to the local machine as the user you created
>>>>     the ssh rsa key for
>>>>  2. do this command
>>>>
>>>>       ssh root@[remote machine]
>>>>
>>>>     and if it's all set up right, you should NOT be
>>>>     prompted for a password, since the ssh rsa key you
>>>>     generated for the local user has been loaded into
>>>>     the root user's authorized keys file on the remote
>>>>     machine.
>>>>
>>>>According to this example in the rsync manpage:
>>>>
>>>>   rsync -az -e ssh --delete ~ftp/pub/samba/ nimbus:"~ftp/pub/tridge/samba"
>>>>
>>>>
>>>>I think your rsync might look something like this:
>>>>
>>>>   rsync -az -e ssh --delete ~ftp/pub/samba/ nimbus:"~ftp/pub/tridge/samba"
>>>>
>>>>   /usr/bin/rsync -azl -e ssh  root@[remote machine]:/[remote path]/* /[local path]
>>>>
>>>>
>>>>Look at this section from the rsync manpage on the
>>>>-e, --rsh=COMMAND option:
>>>>--------------------------------------------------
>>>>       -e, --rsh=COMMAND
>>>>           This  option  allows  you  to choose an alternative remote shell
>>>>           program to use for communication between the  local  and  remote
>>>>           copies  of  rsync.  Typically, rsync is configured to use rsh by
>>>>           default, but you may prefer to use ssh because of its high
>>>>           security.
>>>>
>>>>           If  this  option is used with [user@]host::module/path, then the
>>>>           remote shell COMMAND will be used to run an rsync server on the
>>>>           remote  host,  and  all  data  will  be transmitted through that
>>>>           remote shell connection, rather than  through  a  direct  socket
>>>>           connection  to  a  running rsync server on the remote host.  See
>>>>           the section "CONNECTING TO AN RSYNC SERVER OVER A  REMOTE  SHELL
>>>>           PROGRAM" above.
>>>>
>>>>
>>>>I think you were missing the [user@] part of the remote host.
>>>>
>>>>HTH.
>>>>
>>>>-- 
>>>>Hardy Merrill
>>>>Red Hat, Inc.
>>>>
>>>>James Pifer [jamesredhatlist@xxxxxxxxxxxxxxxx] wrote:
>>>>        
>>>>
>>>>>ssh also prompts for a password, but can't figure out why. 
>>>>>
>>>>>Thanks.
>>>>>James
>>>>>
>>>>>On Mon, 2003-11-24 at 22:54, Michael Wu wrote:
>>>>>          
>>>>>
>>>>>>  It seems that you use "root" to do rsync. Please make sure the
>>>>>>ssh connection with public/private keys works first.
>>>>>>
>>>>>>  Good luck.
>>>>>>
>>>>>>              Michael
>>>>>>
>>>>>>            
>>>>>>
>>>>>>>------------------------------------------------------------------------
>>>>>>>
>>>>>>>Subject:
>>>>>>>Re: rsync with public/private keys/no passwords
>>>>>>>From:
>>>>>>>James Pifer <jamesredhatlist@xxxxxxxxxxxxxxxx>
>>>>>>>Date:
>>>>>>>24 Nov 2003 11:05:38 -0500
>>>>>>>To:
>>>>>>>RedHat List <redhat-list@xxxxxxxxxx>
>>>>>>>
>>>>>>>
>>>>>>>Even when I run these commands first, I still get prompted for a
>>>>>>>password. Any other suggestions?
>>>>>>>
>>>>>>>Thanks,
>>>>>>>James
>>>>>>>
>>>>>>>On Thu, 2003-11-20 at 20:40, Harry Putnam wrote:
>>>>>>>
>>>>>>>>James Pifer <jamesredhatlist@xxxxxxxxxxxxxxxx> writes:
>>>>>>>>
>>>>>>>>
>>>>>>>>>For some reason I cannot get rsync to work with public/private key
>>>>>>>>>authentication with no passwords.
>>>>>>>>>
>>>>>>>>>My first try was this:
>>>>>>>>>On the system that runs rsync:
>>>>>>>>>	ssh-keygen -C [hostname] -t "rsa" -f ~/.ssh/identity  (no password)
>>>>>>>>>
>>>>>>>>>On the remote machine:
>>>>>>>>>	copy the identity.pub that you just created above to /root/.ssh
>>>>>>>>>	cat hostname.pub >> .ssh/authorized_keys
>>>>>>>>>	chmod 600 authorized_keys
>>>>>>>>>
>>>>>>>>>On the system that runs rsync:
>>>>>>>>>	/usr/bin/rsync -azl -e ssh  [remote machine]:/[remote path]/* /[local path]
>>>>>>>>>
>>>>>>>>>It's still prompting me for a password. I also tried it this way:
>>>>>>>>>
>>>>>>>>>On the system that runs rsync:
>>>>>>>>>       ssh-keygen -t rsa (no password)
>>>>>>>>>       rename id_rsa id_rsa_hostname.pub
>>>>>>>>>       copy file to remote machine /root/.ssh
>>>>>>>>>On the remote machine:
>>>>>>>>>       cat id_rsa_hostname.pub >> .ssh/authorized_keys
>>>>>>>>>
>>>>>>>>I don't see you starting the agent anywhere.  You must start the
>>>>>>>>agent in the shell you run rsync in.
>>>>>>>>
>>>>>>>>ssh-agent bash
>>>>>>>>ssh-add
>>>>>>>>now rsync
>>>>>>>>                
>>>>>>>>

