Looking for how to set
up RSync over SSH so that you can run it in a cron job, or without
entering a password?
It’s actually very simple. Just follow these few steps:
—- 1 —-
As the user you are going to be running rsync as, and on the machine you will be running rsync on, type: ssh-keygen -t rsa
Follow the prompts and use the defaults for the filenames it gives you.
Don’t enter in a passphrase, otherwise you will still be prompted for a
password when trying to connect.
You should then have two new files in ~/.ssh, id_rsa and id_rsa.pub.
—- 2 —-
Open ~/.ssh/id_rsa.pub and copy the line in it to the
~/.ssh/authorized_keys file on the host you will be connecting to as
the user you will be logging in as.
—- 3 —-
Now try it out. Try ssh’ing from the host you created the id_rsa* files
on to the one you added a line to the authorized_keys file. You won’t
be prompted for a password any more.
—- 4 —-
Voila!
Thanks to http://freebsd.peon.net/quickies/21/
Related posts:
Of course this is terribly insecure, allowing full shell access without a password. Fortunately there is a way to mitigate this somewhat by prefixing the public key in your authorized_keys file to restrict a particular key to only running certain commands. Here’s mine:
command=”/home/laney/.ssh/check_command”,from=”my.i.p”,no-port-forwarding,no-X11-forwarding,no-pty
Which validates the command (ssh user@host ), restricts to a single IP, and disables port forwarding and many other things. Much more secure, although obviously only as secure as those commands which you allow.
check_command is here: http://orangesquash.org.uk/~laney/check_command
Step 2 can be simplified by using the ssh-copy-id command.
Hello,
You should permit people to copy the contain of your solution. Not to reply them like Get ‘Orf My Laaaaand