SSH/SCP with no password
Hello all,
I'm trying to get my webserver to regularly SCP some files into a back up server at my house. The problem is that it requires a password and I don't want that in my cron script. I have read a plethora of material of RSA authentication and I can't seem to make this happen. Here are some things I'd like clarified. To do password-less SSH connections I understand there is a two keys made. One for the server, and one for the clients that I wish to allow to SSH in password free. Which key goes to which machine and in which directory does which key sit? My home server is Ubuntu 6.04 Server edition. My webserver is Fedora Core 4 (its dedicated, i have full root). Please tell me what I need to do make this happen. Thanks so much. |
Quote:
Code:
$ pwd |
And what needs to be enabled on my client ssh_config and my sshd_config on my server?
I swear I've already tried to do exactly what you just said, except I never appended the file. I just renamed my rsa_id.pub file to authorized_keys in my ~/.ssh/ directory on my webserver instead of cat >>. |
Quote:
You might also want to make sure the permissions of the "~/.ssh" directory and the "~/.ssh/authorized_keys" file are set correctly. They should be set "drwx------" and "-rw-r--r--", respectively. |
Why does permissions matter if I'm root on both sides and trying to scp a file as root? Could you please post a dump of your servers /etc/ssh/sshd_config for me. Obviously change any values that might be a security issue./
|
Quote:
Here's the dump of my /etc/ssh/sshd_config. Code:
Protocol 2 |
Quote:
|
Yes. I understand there are security risks. But if someone really wants to hack either of my machines I'm sure they're getting in. I have chosen to use SCP/SSH instead of ftp as my security practice. Furthermore, Linux can be great but I find it is always sucking away countless hours of my time that I could spend a lot more efficiently. I can't afford to not get this system going and finish the project. Every delay costs me more time and money. When everything is finished and the system seems stable, I will have an expert go in and clean up any unnecessary risks I may have created.
**Edit** I forgot to say I have chosen root users because I felt it would take less setup than figuring out which of my distro's require which permissions on which authorized_keys file etc. Speaking of which... can anyone clear up what those permissions need to be and a handy command to set them? I still cannot for the life of me get this to work. I did notice however that at one point I could ssh to my webserver from my backup machine with out a password... however that is the process reversed lol, which is what I don't want. I tried everything in opposites too... *sigh* |
Quote:
|
Ok I finally got it working. I think some of the guides I was reading confused me, or perhaps the people who wrote them are confused themselves. Apparently the PUB key file goes to the server you are sshing into as the authorized key... I thought it was the other way around. PUBLIC would go to the public machines... maybe I think differently lol. Thanks all who offered their advice. I appreciate it.
|
Quote:
|
LOL well I appreciate the effort. I also messed around with my ubuntu config so much i wasn't sure what was going on. So I reinstalled it and tried it backwards and voila!
|
All times are GMT -5. The time now is 01:48 AM. |