I have debian sid on my home box, and debian etch on my vps.

I followed the directions in this tutorial, as closely as I could:

http://troy.jdmz.net/rsync/index.html

I am trying to get my home box to sync certian files with my VPS. It seems to work, except it is asking for a passord, when is should not. It seems to me I had this problem with rsync before.

I am logging in as root. Because I want to make sure I reach all of my files. I have been very careful about the permissions.

On my home box, I used

<code>
# ssh-keygen -t dsa -b 1024 -f /root/cron/mylocalhost-rsync-key
</code>

to create:

/root/cron/mylocalhost-rsync-key
/root/cron/mylocalhost-rsync-key.pub
/root/.ssh/known_hosts

Then I copied the mylocalhost-rsync-key.pub file to

/myremotehost/.ssh/authorized_keys

I made sure all .ssh and cron directories have permmisions of 700, and the key files have permissions of 600.

But I keep getting prompted for a password. It works after I put in the password.

What is your rsync command? you have to make sure it's trying to use the key.

It seems to me that you have your permissions backwards. You are sshing to the remote machine, but NOT as root, you are sshing as your remote user. Root looses all root powers, and comes in as simply 'myremotelogin'. That's fine if you don't have root level access to the VPS box, but there is no need to run as root on your home box, as your permissions will be no greater than whatever the myremoteuser has.

Your abbreviations also make it look like something is screwed up. You say that you put the key from your home machine in, "/myremotehost/.ssh/authorized_keys", but it needs to be in /$HOME/myremoteuser/.ssh/authorized_keys. I suspect that is where your problem lies, as I have setup password-free authentication plenty of times, and the directions on the site you linked to in the first post are right on the money.

Peace,
JimBass

Thank you for your help.

> You are sshing to the remote machine, but NOT as root, you are sshing as your remote user.

But my remote user *is* root. I am logged in as root on both the local and remote machines. Replace "myremotelogin" with "root" in the above. I suppose I should have just said:

rsync -avz -e "ssh -i /root/cron/mylocalhost-rsync-key" root@myremotehost:/remote/dir /this/dir/

That does not work either, same problem.

Your abbreviations also make it look like something is screwed up. You say that you put the key from your home machine in, "/myremotehost/.ssh/authorized_keys", but it needs to be in /$HOME/myremoteuser/.ssh/authorized_keys.

Here again, myremotehost == root. I have the key in "/root/.ssh/authorized_keys" because there is no /home/root. I should have been more clear about that.

Maybe using root on both machines is part of the problem? Maybe I start over and try this as a reqular user?

You can be root or not. If you check this site out, you'll see how to set up password free keys for root access. The beauty of ssh keys make it possible for a low level account to become root on another machine.

http://backuppc.sourceforge.net/faq/..._setup_openssh

Obviously the user backuppc won't apply in your case, but where they have user backuppc, you can replace that with root, or a non-root account. The only place you'll need to be root to grab everything is on the remote machine.

It doesn't matter if you do it as root on both sides. I like being a regular user on the local side, just to limit root access, but you do either need to be root on the VPS side, or a user with full access to what you need backed up.

Peace,
JimBass

Still does not work. Here is exactly what I did:

1. Test rsync to make sure it works:

2. Create keys on local machine:

3. Copy keys from local machine to remote machine:

4. Create and run the following script on the remote machine:

5. Made sure all .ssh and cron directories (dirs that contain keys) have permissions set to 700. And all the files that contain keys have permissions of 600.

6. Test it out:

I get the following:

But I should not get that

When you generated the keys did you enter a passphrase? If you did, this is what it is asking for.

If you just pressed [Enter] twice when it asked Enter passphrase (empty for no passphrase): then you will not be asked for the passphrase.

Ah ha.

I thought a passphrase was needed to generate the key. I thought the key was an encrypted form of the passphrase.

I take it I was entirely wrong in these assumptions - unless a lot of people have the same passphase.

No, as I understand it, the key is random.
If you supply a passphrase, that is also required, but it stops automatic-logins as the user is prompted for the passphrase (as you have found out).
Different people can have the same passphrase, but different keys.
A single user can have a single passphrase, but different keys [Edit: On different machines or accounts /Edit]. Clever.
The passphrase adds an extra level of security, in case your key is compromised.
So, is it working for you now?

Whoo-Hoo! It worked. Thank you.