Rsync password asked even after generating key (while ssh works passwordless)
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Rsync password asked even after generating key (while ssh works passwordless)
Hi,
I'm trying to setup a rsync between two servers, and want it to work without asking me for a password.
So I generated a ssh key and now I can ssh from one server to the other without being prompted for a key, that is perfect.
For example, if I do:
Code:
ssh IPofremoteserver
I am logged in into my remote server without ever getting prompted for a password.
Nope.
The thing I've noticed though is that I don't think asking for the password for root@remoteserver. It would usually say something like
Code:
root@remoteserver's password:
Instead, it just says
Code:
Password:
Is there any way it asks for the password of root on the source server? Or maybe rsync has a password (but then, why would it be the same as my root password...?)
show us the exact code output when you ssh v rsync (redact IP/host_names/etc) you are not confortable showing on screen. it should look something like the following:
Code:
(user@place) ~ $ ssh user@<public_IP>
Last login: Thu Jun 6 10:06:59 2013 from imac
[user@server ~]$ exit
logout
Connection to public_IP closed.
(user@place) ~ $
(user@place) ~/logs $ rsync -aviS 2013-05-22-Wednesday-rsync.log user@<public_IP>:/home/user/
sending incremental file list
<f+++++++++ 2013-05-22-Wednesday-rsync.log
sent 13876 bytes received 31 bytes 9271.33 bytes/sec
total size is 13767 speedup is 0.99
(user@place) ~/logs $
root@source:~# rsync -ave ssh --exclude /home/owncloud /home remote_IP::NetBackup/VPS_backup
Password:
sending incremental file list
sent 1904724 bytes received 7345 bytes 115882.97 bytes/sec
total size is 3837624443 speedup is 2007.05
and
Quote:
root@source:~# ssh remote_IP
BusyBox v1.16.1 (2012-08-30 00:05:33 CST) built-in shell (ash)
Enter 'help' for a list of built-in commands.
I'm root on both.
The remote server is a Synology NAS (while the source is a VPS). Could it be that it's in fact asking for the password of rsync on the NAS?
Edit: in debug mode, here is what I get
Code:
root@source:~# rsync -r -e 'ssh -va' /test destination_IP::NetBackup/test
OpenSSH_5.5p1 Debian-6+squeeze3, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to destination_IP port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8p1-hpn13v11
debug1: match: OpenSSH_5.8p1-hpn13v11 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.5p1 Debian-6+squeeze3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'destination_IP' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: /root/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending command: rsync --server --daemon .
Password:
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
debug1: fd 1 clearing O_NONBLOCK
Transferred: sent 7368, received 3008 bytes, in 3.9 seconds
Bytes per second: sent 1889.6, received 771.4
debug1: Exit status 0
Can you log in with ssh by itself using the keys you created? How about then with the agent? Make sure those are working before trying to add in rsync.
By agent, I mean specifically ssh-agent which you would give keys using ssh-add. An agent allows you to have a strong passphrase on your key, but still be able to log in automatically later. You can check to see if your system is running the agent and your environment is configured to use it.
Code:
set | grep SSH
What happens when you leave out the double colon in the rsync line and try the usual source: destination: syntax?
When I leave out the double colon, it gives me this:
Code:
sending incremental file list
rsync: mkdir "/root/NetBackup/VPS_backup" failed: No such file or directory (2)
rsync error: error in file IO (code 11) at main.c(615) [Receiver=3.0.8]
rsync: connection unexpectedly closed (9 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at io.c(601) [sender=3.0.7]
I really think that this is a problem with an authorization rsync needs to get "inside" the remote server, not a problem with SSHing the remote server. From what I got there (in the longest code section), you can see that it does SSH passwordless with the RSA key but only asks for a password after the "rsync" command is prompted. So I think I have to configure something on my remote server (a synology NAS), not on the source (VPS running Debian). I may be wrong though...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.