LinuxQuestions.org
Old 11-15-2011, 05:59 AM   #1
countrydj
Member
 
Registered: Jun 2009
Location: Preston, England
Distribution: Centos 6
Posts: 127

Rep: Reputation: 1
Remote connection with rsync


Hi Guys...

I want to copy files from one machine to another machine using rsync.

However, I have changed the default ssh port to 1234 (example) on the receiving server.
I have also stopped root login to the receiving server.

I am using the command:
Code:
nice rsync -aue 'ssh -p1234' --delete filess xxx.xxx.xxx.xxx:/
It then asks for password:
I put in the correct root password for the receiving server, and it returns:
Code:
Permission denied, please try again.
Does anybody have any ideas what I am doing wrong ???

Thanks,
 
Old 11-15-2011, 11:06 PM   #2
davemguru
Member
 
Registered: Apr 2006
Location: London
Distribution: Pclos,Debian,Puppy,Fedora
Posts: 87

Rep: Reputation: 42
Root is still root - regardless of login port

Quote:
Originally Posted by countrydj View Post
Hi Guys...

I want to copy files from one machine to another machine using rsync.

However, I have changed the default ssh port to 1234 (example) on the receiving server.
I have also stopped root login to the receiving server.

I am using the command:
Code:
nice rsync -aue 'ssh -p1234' --delete filess xxx.xxx.xxx.xxx:/
It then asks for password:
I put in the correct root password for the receiving server, and it returns:
Code:
Permission denied, please try again.
Does anybody have any ideas what I am doing wrong ???

Thanks,
Hi, I think the issue is that - no matter what "port" you login from - you are still trying to login as root. The ssh port 22 does not indicate who you are... so, changing it to 1234 -- only changes the conduit you are using - not your identity.
I assume that the user name you are logged in as (on the calling machine) is root? One can always specify username@machine - it makes it clearer. Also, one can be logged in as user "Fred" and do the ssh/rsync as someone else - e.g.
Code:
nice rsync -aue 'ssh -p1234' --delete files womble@xxx.xxx.xxx.xxx:/
Perhaps I have misread your intentions? If so, I apologise.
However, I would question why you believe you need to be root in order to achieve your goal. I am guessing it is because you believe the "all encompassing" permissions of root - will permit you to do stuff that you could not otherwise?
There are many ways to skin the linux/rsync cat without compromising the security.
But, if you insist on becoming root - then why not set up some rsa keys so that the "calling machine" will be automatically authenticated by the "server" machine. I do this regularly for machines that I have a "long term relationship" with.
 
Old 11-16-2011, 11:20 AM   #3
countrydj
Member
 
Registered: Jun 2009
Location: Preston, England
Distribution: Centos 6
Posts: 127

Original Poster
Rep: Reputation: 1
Hi davemguru...

Thank you for taking the time to respond.

Quote:
However, I would question why you believe you need to be root in order to achieve your goal. I am guessing it is because you believe the "all encompassing" permissions of root - will permit you to do stuff that you could not otherwise?
The reason that I need to be 'root' is that I want to transfer the whole of the /home directory.
There are around 40 web sites in there. Most are owned by me but a lot are owned by other users.
This means as me as user, I don't have enough permissions to copy and write to the receiving server.
I could only copy and write the directories and files that are owned by me.
 
Old 11-16-2011, 11:35 AM   #4
lleb
Senior Member
 
Registered: Dec 2005
Location: Florida
Distribution: CentOS/Fedora/Pop!_OS
Posts: 2,983

Rep: Reputation: 551
On the server, find your "sshd_config" file. This will usually be in an "/etc/ssh" directory, although some systems use "/etc" instead. We need to check the following lines in the file:

"PermitRootLogin" should be set to either "yes", "without-password", or "forced-commands-only".

the option without-password is not what you think, this requires public keys to be active and installed for authorized_keys.

just uncommenting PermitRootLogin yes should do it.

You will need to do that on the computer you are trying to get to. after making that change you will need to restart your sshd service.

in the RH line (including fedora and centos) service sshd restart will do it.
 
1 members found this post helpful.
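Added example, not part of the thread: a small check for which `PermitRootLogin` value is actually in force in an `sshd_config`, since a commented-out line or a second, later line does not change the result. The function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example. Prints the first global PermitRootLogin value in an
# sshd_config file: sshd keeps the first value it reads for a keyword and
# treats keywords case-insensitively. Scanning stops at the first Match
# block, whose settings are conditional. Prints "unset" if none is found.
effective_root_login() {
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# What each value means for a root login attempt over ssh.
describe_root_login() {
    case "$1" in
        yes) echo "password or key accepted" ;;
        without-password|prohibit-password) echo "password refused, key accepted" ;;
        forced-commands-only) echo "key accepted only if it has command= set" ;;
        no) echo "refused" ;;
        *) echo "not set in this file; check the output of sshd -T" ;;
    esac
}

# Constructed sample: a commented default followed by two active lines.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Port 1234
#PermitRootLogin yes
PermitRootLogin without-password
PermitRootLogin yes
EOF
value=$(effective_root_login "$sample")
echo "PermitRootLogin=$value -> root login: $(describe_root_login "$value")"
rm -f "$sample"
```

On a live server, `sshd -T` run as root prints the effective configuration, including the compiled-in default when the file sets nothing.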
Old 11-16-2011, 03:54 PM   #5
countrydj
Member
 
Registered: Jun 2009
Location: Preston, England
Distribution: Centos 6
Posts: 127

Original Poster
Rep: Reputation: 1
Hi lleb...

Many thanks for taking the time to respond

I edited
Code:
/etc/ssh/sshd_config
to
Code:
PermitRootLogin without-password
I already had automatic login from server A to server B so I already had the authorized_keys.
This worked fine for me.
I still can't login ssh2 as 'root'. Which is what I want.

Quote:
just uncommenting PermitRootLogin yes should do it.
This allowed me to login as 'root' which is what I didn't want.

Thank you !!!

Last edited by countrydj; 11-16-2011 at 04:00 PM.
 
Old 11-17-2011, 06:43 AM   #6
davemguru
Member
 
Registered: Apr 2006
Location: London
Distribution: Pclos,Debian,Puppy,Fedora
Posts: 87

Rep: Reputation: 42
Quote:
There are around 40 web sites in there. Most are owned by me but a lot are owned by other users.
This means as me as user, I don't have enough permissions to copy and write to the receiving server.
I could only copy and write the directories and files that are owned by me.
I understand. Surely, to be "in line" with security - "you" (as user) should not be copying files that are "owned by other users"? Would it not make more sense to have crontab entries - owned by those users - that did the requisite rsync on their behalf? "You" (as administrator) setup the crontabs of course.

I only suggest this because your last sentence to lleb said
Quote:
This allowed me to login as 'root' which is what I didn't want.
So (somewhat confused) I think what you want is to
a) NOT be allowed to login as root on the remote server
AND
b) be permitted to transfer files (with the authority/permission of root) to the remote server.

Sort of ---- "root for the purposes of rsync transfer"??? Or more accurately - you want "rsync" to have permission to access any/all of the files you wish to transfer?
Am I close?
If so (and I can see why - from a security point of view) - then .... (if you don't like my suggestion of lots of individual users' crontabs) -- take a look at this thread.. http://www.linuxquestions.org/questi...s-root-340633/
Specifically "Dark Helmet"'s longer answer
Perhaps that is what you are chasing?
Dave
 
Old 11-17-2011, 10:19 AM   #7
lleb
Senior Member
 
Registered: Dec 2005
Location: Florida
Distribution: CentOS/Fedora/Pop!_OS
Posts: 2,983

Rep: Reputation: 551
yes sorry the root access is what that line will do, but also read the link i provided it will discuss how to set the dsa/rsa key so that it can ONLY rsync and do nothing else.
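Added example, not part of the thread and not taken from the link mentioned above: one common way to make a root key usable for rsync only is a forced command in `authorized_keys`, paired with `PermitRootLogin forced-commands-only`. The wrapper path `/usr/local/sbin/rsync-only`, the key comment `root@serverA` and the sample requests are assumptions.

```shell
#!/bin/sh
# Added example: forced-command wrapper so root's key can only start the
# rsync server side. Install path and key comment are assumptions.
# Line in /root/.ssh/authorized_keys on the receiving server:
#   command="/usr/local/sbin/rsync-only",no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-rsa <public key> root@serverA

NL='
'

# Return 0 only for a plain "rsync --server ..." request.
rsync_cmd_allowed() {
    case "$1" in
        *\&*|*\;*|*\|*|*\<*|*\>*|*\`*|*\$*|*\(*|*\)*|*"$NL"*) return 1 ;;
        "rsync --server "*) return 0 ;;
        *) return 1 ;;
    esac
}

if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
    # Called by sshd: the command the client asked for is in the environment.
    if rsync_cmd_allowed "$SSH_ORIGINAL_COMMAND"; then
        set -f                      # no glob expansion when splitting
        exec $SSH_ORIGINAL_COMMAND  # split into words, never re-parsed by a shell
    fi
    echo "rejected: only rsync --server is allowed for this key" >&2
    exit 1
else
    # No command requested (or run by hand): verdicts for constructed samples.
    for c in "rsync --server -ulogDtpre.iLsf --delete . /" \
             "uptime" \
             "rsync --server . /; uptime"; do
        if rsync_cmd_allowed "$c"; then echo "allow:  $c"; else echo "reject: $c"; fi
    done
fi
```

This limits what the key may execute, not which paths rsync may write as root; the `rrsync` script shipped with rsync additionally confines transfers to one directory.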
 
Old 11-17-2011, 10:53 AM   #8
countrydj
Member
 
Registered: Jun 2009
Location: Preston, England
Distribution: Centos 6
Posts: 127

Original Poster
Rep: Reputation: 1
Hi davemguru
Thanks for joining in...

Just to explain:
I have had my server compromised.
I have blocked root ssh access and changed all, except ftp users, to 'nologin'
I also changed my ssh port to 1234 (example)
Now I have to login as myself (user) and then su to get root access.
Quote:
I understand. Surely, to be "in line" with security - "you" (as user) should not be copying files that are "owned by other users"? Would it not make more sense to have crontab entries - owned by those users - that did the requisite rsync on their behalf? "You" (as administrator) setup the crontabs of course.
I am setting up a new server and need to transfer all the web sites from my current server to my new server.
It will be a few days before I switch over, but in the meantime I want to transfer the files and then keep them up to date.
I wanted to do this during the night automatically by setting up a cron job.

I setup 'automatic login' from my current server to my new server.
This works fine when root login is allowed, but not when it is blocked.

Hence the reason for my original post.

'lleb' came up with the answer that solved my problem:
Code:
PermitRootLogin without-password
This is a 'one off' exercise, but in any event, as server administrator I have to backup all the web sites on a daily basis.
Therefore it wouldn't be practical to setup lots of cron jobs.

Hope this makes things clearer.

Thanks for all the help and advice that I have been given.

My problem is SOLVED
 
  

