On Mon, 30 Sep 2013, John Tate wrote: > I want to be able to log in as root by SSH with a specific IP address. > This is so rsync can log in to the server easily and backup many files > owned by many different users and groups. Rather than a script on the > server logging into the server with the backups with many files and > many different users. > > Can it be done?
I assume you mean that you want the source to be from a specific IP address. That is, you have more than one address on the computer and you want the request to be from an alias. Is that right? If so, try this: ssh -b 192.168.1.201 [email protected] If you are connecting to a specific IP address, that is rather trivial. Unless, of course, you do not permit logins to root. Are you using RSA or DSA keys to do it? If so, you can set PermitRootLogin without-password in your /etc/ssh/sshd_config file. To make the connection automagically, you can either leave the pasword blank when running ssh-keygen or use the keychain program so that you only have to enter the password when you bring up the machine. There is a method whereby you can create a certificate signed with a key issued by a certificate authority that can restrict a connection to the server from one particular host. That way, if someone else manages to get a copy of your host key, they will not be able to use it to connect to the server from their machine if their machine is not on the address list. Disclaimer: I've never tried using ssh certificates so you might want something from someone who knows more about them. Eric Johnson
