>
> You got it, you are getting the unexpected EOF in read_timeout cause ssh is
> terminating early. You can copy keys of regular users however, run the key
> generation that came with your ssh package as the user, have that user copy
> the file to a floppy, give the floppy to you, and you copy it to the server
> they have to rsync to. You could automate that slightly by giving them a
> disk and a command to run to mount and further execute a script on the disk
> doing the above.
>
> You could also create an "expect" script, but then you have the password part
> in clear text on thier local machines.
>
> Or if you're extremely security consious (SecurID PIN leads me to believe
> that), setup your own PKI, have users request certificates, use those for the
> ssh authentication. It's considered by many to be as secure as SecurID's.
> But takes some mighty investment and time.
The problem:
o These machines are "managed" - ie, hosted elsewhere.
o There is no security policy outside of this double login which is
enforced by the outsourced managed service provider.
o I don't have physical access to the machines.
o I don't have root. And generating tickets for root required activities
is a several turn-around, at best.
o I'm not likely to get expect installed any time soon.
My options so far:
1) Wrap rsync in a setuid script which is then manageable via sudo and
requires the users to exercise discretion when running it.
2) Hack rsync to allow for the dual password scenario.
3) Write a detailed set of instructions and hand hold the users with key
setup. (If that actually works - I guess I should try it.)
It looks like option 3. :-(
>
> Rick Otten wrote:
>
> > Hello rsync gurus,
> >
> > Quick question:
> >
> > I am trying to rsync onto a machine which requires two passwords (using
> > ssh as the transport).
> > First is a regular password, the second is a SecurID PIN.
> >
> > I suspect this is why my rsync isn't working. Is this a good suspicion?
> >
> > Error message: "unexpected EOF in read_timeout"
> >
> > Is there an easy fix?
> >
> > I know I can copy ssh key files over to possibly eliminate one of the
> > passwords - however once I get this working I have a bunch of users who
> > do not have the technical skill to do that step who will need to run
> > rsync and I can't do it for them since I don't have root on either box.
> >
> > I'd rather not copy the key files over anyhow...
> >
> > Ideas?
> >
> > --
> > Rick Otten
> > [EMAIL PROTECTED]
> > O=='=++
>
> --
> Jason Hammerschmidt - MacLaren McCann Interactive - 416.643.8560
> "He who can no longer pause to wonder and stand rapt in awe, is as good as dead; his
>eyes are closed", Albert Einstein
>
>
>
>
--
Rick Otten
[EMAIL PROTECTED]
O=='=++
