DebianThis forum is for the discussion of Debian Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am trying to get my home box to sync certian files with my VPS. It seems to work, except it is asking for a passord, when is should not. It seems to me I had this problem with rsync before.
I am logging in as root. Because I want to make sure I reach all of my files. I have been very careful about the permissions.
It seems to me that you have your permissions backwards. You are sshing to the remote machine, but NOT as root, you are sshing as your remote user. Root looses all root powers, and comes in as simply 'myremotelogin'. That's fine if you don't have root level access to the VPS box, but there is no need to run as root on your home box, as your permissions will be no greater than whatever the myremoteuser has.
Your abbreviations also make it look like something is screwed up. You say that you put the key from your home machine in, "/myremotehost/.ssh/authorized_keys", but it needs to be in /$HOME/myremoteuser/.ssh/authorized_keys. I suspect that is where your problem lies, as I have setup password-free authentication plenty of times, and the directions on the site you linked to in the first post are right on the money.
> You are sshing to the remote machine, but NOT as root, you are sshing as your remote user.
But my remote user *is* root. I am logged in as root on both the local and remote machines. Replace "myremotelogin" with "root" in the above. I suppose I should have just said:
Your abbreviations also make it look like something is screwed up. You say that you put the key from your home machine in, "/myremotehost/.ssh/authorized_keys", but it needs to be in /$HOME/myremoteuser/.ssh/authorized_keys.
Here again, myremotehost == root. I have the key in "/root/.ssh/authorized_keys" because there is no /home/root. I should have been more clear about that.
Maybe using root on both machines is part of the problem? Maybe I start over and try this as a reqular user?
You can be root or not. If you check this site out, you'll see how to set up password free keys for root access. The beauty of ssh keys make it possible for a low level account to become root on another machine.
Obviously the user backuppc won't apply in your case, but where they have user backuppc, you can replace that with root, or a non-root account. The only place you'll need to be root to grab everything is on the remote machine.
It doesn't matter if you do it as root on both sides. I like being a regular user on the local side, just to limit root access, but you do either need to be root on the VPS side, or a user with full access to what you need backed up.
4. Create and run the following script on the remote machine:
Code:
#!/bin/sh
if [ ! -d .ssh ]; then mkdir .ssh ; chmod 700 .ssh ; fi
mv mylocalhost-rsync-key.pub .ssh/
cd .ssh/
if [ ! -f authorized_keys ]; then touch authorized_keys ; chmod 600 authorized_keys ; fi
cat mylocalhost-rsync-key.pub >> authorized_keys
5. Made sure all .ssh and cron directories (dirs that contain keys) have permissions set to 700. And all the files that contain keys have permissions of 600.
I thought a passphrase was needed to generate the key.
No, as I understand it, the key is random.
If you supply a passphrase, that is also required, but it stops automatic-logins as the user is prompted for the passphrase (as you have found out).
Different people can have the same passphrase, but different keys.
A single user can have a single passphrase, but different keys [Edit: On different machines or accounts /Edit]. Clever.
The passphrase adds an extra level of security, in case your key is compromised.
So, is it working for you now?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.