On Sat, Feb 22, 2003 at 10:03:43PM +0100, dick hoogendijk wrote:
> On 22 Feb Matthew Seaman wrote:
> > # dump -0f - /usr | ssh linuxbox "cat > /foo/fbsd-usr.dump"
>
> It seemed easy enough, but it wasn't. "ssh linuxbox" won't work because
> I need a password. Guess I have to alter things to have an automatic ssh
> session. Don't exactly know how :-((
Hmmm... Usually you can just type in the password and everything
proceeds as planned. However, knowing how to use key based auth with
ssh is handy so here's a potted summary.
Generate an ssh key in the usual way:
# ssh-keygen -b 1024 -t rsa
which will prompt you for a passphrase. Enter one. The command will
create two files:
id_rsa (the private key) and
id_rsa.pub (the public key)
Move 'id_rsa' in /root/.ssh and make sure it has the right ownership
and fairly restrictive access permissions:
# mv id_rsa /root/.ssh/
# chmod 0600 /root/.ssh/id_rsa
# chown root:wheel /root/.ssh/id_rsa
Now copy the public key over to the linux box and add it to root's[*]
authourised keys file:
# scp id_rsa.pub linuxbox:/root/.ssh/
# slogin linuxbox
bash# cd /root/.ssh
bash# cat id_rsa.pub >> authorized_keys
Logout of the linux box. Start up the ssh-agent and load the key into it:
# eval `ssh-agent`
# ssh-add /root/.ssh/id_rsa
You'll be prompted for the passphrase. Enter it.
Now test that you can access the linux box using the key based
authorization:
# ssh -v linuxbox
--- you should see something like this in the output
debug1: next auth method to try is publickey
debug1: userauth_pubkey_agent: testing agent key /root/.ssh/id_rsa
debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 149 lastkey 0x87654321 hint -1
debug1: ssh-userauth2 successful: method publickey
You might need to take a few goes at this, and try connecting from
the linux box to the FreeBSD machine so that each host gets the
other's host key into the /root/.ssh/known_hosts files.
Eventually you should end up logged in without having to give the
password again. You should now be able to do your backups.
When you're done, remember to shut down the ssh-agent:
# eval `ssh-agent -k`
Cheers,
Matthew
[*] Actually, it's probably better to use some other UID than root on
the linux box.
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message
