Rsync and SSH

This Rsync and ssh is to automatically backup files from one server to another.

for more doc follow this link

We generate a key

$ ssh-keygen -t dsa -b 2048 -f /home/thisuser/cron/thishost-rsync-key
Generating public/private dsa key pair.
Enter passphrase (empty for no passphrase): [press enter here]
Enter same passphrase again: [press enter here]
Your identification has been saved in /home/thisuser/cron/thishost-rsync-key.
Your public key has been saved in /home/thisuser/cron/thishost-rsync-key.pub.
The key fingerprint is:
2e:28:d9:ec:85:21:e7:ff:73:df:2e:07:78:f0:d0:a0 thisuser@thishost

Copy the public key to remove PC

$ scp /home/thisuser/cron/thishost-rsync-key.pub remoteuser@remotehost:/home/remoteuser/

Configuring remotehost

$ ssh remoteuser@remotehost remoteuser@remotehost’s password: [type correct password here]

need to make sure we have the directory and files we need to authorize connections with this key

$ if [ ! -d .ssh ]; then mkdir .ssh ; chmod 700 .ssh ; fi
$ mv thishost-rsync-key.pub .ssh/
$ cd .ssh/
$ if [ ! -f authorized_keys ]; then touch authorized_keys ; chmod 600 authorized_keys ; fi
$ cat thishost-rsync-key.pub >> authorized_keys

we edit the ‘authorized_keys’ file (with vi)

before edit

ssh-dss AAAAB3NzaC1kc3MAAAEBAKYJenaYvMG3nHwWxKwlWLjHb77CT2hXwmC8Ap+ fG8wjlaY/9t4uA+2j2yBgN5cy8arlZ80q1Mcy763RjYGkR/FkLJ611HWIA= thisuser@thishost

we made the following change

from=”10.1.1.1″,command=”/home/remoteuser/cron/validate-rsync” ssh-dss AAAAB3Nza
C1kc3MAAAEBAKYBgN5cy8arlZ80q1Mcy763RjYGkR/FkLJ611HWIA= thisuser@thishost

your can omit the ‘from=”10.1.1.1″,’ part of the line (including the comma), then ‘rsync’ will be possible using this key from anywhere.

create a script /home/remoteuser/cron/validate-rsync

#!/bin/sh

case “$SSH_ORIGINAL_COMMAND” in
*&*)
echo “Rejected”
;;
*(*)
echo “Rejected”
;;
*{*)
echo “Rejected”
;;
*;*)
echo “Rejected”
;;
*

Leave a Reply

Your email address will not be published.