On Sat, Feb 22, 2003 at 10:03:43PM +0100, dick hoogendijk wrote:
> On 22 Feb Matthew Seaman wrote:
> > # dump -0f - /usr | ssh linuxbox "cat > /foo/fbsd-usr.dump"
> It seemed easy enough, but it wasn't. "ssh linuxbox" won't work because
> I need a password. Guess I have to alter things to have an automatic ssh
> session. Don't exactly know how :-((

Hmmm... Usually you can just type in the password and everything
proceeds as planned. However, knowing how to use key based auth with
ssh is handy so here's a potted summary.

Generate an ssh key in the usual way:

    # ssh-keygen -b 1024 -t rsa 

which will prompt you for a passphrase.  Enter one.  The command will
create two files:

    id_rsa (the private key) and 

    id_rsa.pub (the public key)

Move 'id_rsa' in /root/.ssh and make sure it has the right ownership
and fairly restrictive access permissions:

    # mv id_rsa /root/.ssh/
    # chmod 0600 /root/.ssh/id_rsa
    # chown root:wheel /root/.ssh/id_rsa

Now copy the public key over to the linux box and add it to root's[*]
authourised keys file:

    # scp id_rsa.pub linuxbox:/root/.ssh/
    # slogin linuxbox
    bash# cd /root/.ssh
    bash# cat id_rsa.pub >> authorized_keys

Logout of the linux box.  Start up the ssh-agent and load the key into it:

    # eval `ssh-agent`
    # ssh-add /root/.ssh/id_rsa

You'll be prompted for the passphrase.  Enter it.

Now test that you can access the linux box using the key based

    # ssh -v linuxbox

---  you should see something like this in the output 

    debug1: next auth method to try is publickey
    debug1: userauth_pubkey_agent: testing agent key /root/.ssh/id_rsa
    debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 149 lastkey 0x87654321 hint -1
    debug1: ssh-userauth2 successful: method publickey

You might need to take a few goes at this, and try connecting from
the linux box to the FreeBSD machine so that each host gets the
other's host key into the /root/.ssh/known_hosts files.

Eventually you should end up logged in without having to give the
password again.  You should now be able to do your backups.

When you're done, remember to shut down the ssh-agent:

    # eval `ssh-agent -k`



[*] Actually, it's probably better to use some other UID than root on
the linux box.  

Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message

Reply via email to