From owner-freebsd-questions Sat Feb 22 13:46:35 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3A0C137B401 for ; Sat, 22 Feb 2003 13:46:33 -0800 (PST) Received: from smtp.infracaninophile.co.uk (happy-idiot-talk.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id E778A43F75 for ; Sat, 22 Feb 2003 13:46:31 -0800 (PST) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [127.0.0.1]) by smtp.infracaninophile.co.uk (8.12.7/8.12.7) with ESMTP id h1MLkS5U008389 for ; Sat, 22 Feb 2003 21:46:28 GMT (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost) by happy-idiot-talk.infracaninophile.co.uk (8.12.7/8.12.7/Submit) id h1MLkSnL008388 for freebsd-questions@freebsd.org; Sat, 22 Feb 2003 21:46:28 GMT Date: Sat, 22 Feb 2003 21:46:28 +0000 From: Matthew Seaman To: freebsd-questions Subject: Re: fbsd backup 2 remote Message-ID: <20030222214628.GB7546@happy-idiot-talk.infracaninophi> Mail-Followup-To: Matthew Seaman , freebsd-questions References: <20030222145404.GA251@pooh.nagual.st> <20030222160437.GA5430@happy-idiot-talk.infracaninophi> <20030222210343.GA18760@nagual.st> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030222210343.GA18760@nagual.st> User-Agent: Mutt/1.5.3i X-Spam-Status: No, hits=-3.3 required=5.0 tests=IN_REP_TO,QUOTED_EMAIL_TEXT,REFERENCES,SPAM_PHRASE_02_03, TO_LOCALPART_EQ_REAL,USER_AGENT,USER_AGENT_MUTT version=2.44 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sat, Feb 22, 2003 at 10:03:43PM +0100, dick hoogendijk wrote: > On 22 Feb Matthew Seaman wrote: > > # dump -0f - /usr | ssh linuxbox "cat > /foo/fbsd-usr.dump" > > It seemed easy enough, but it wasn't. "ssh linuxbox" won't work because > I need a password. Guess I have to alter things to have an automatic ssh > session. Don't exactly know how :-(( Hmmm... Usually you can just type in the password and everything proceeds as planned. However, knowing how to use key based auth with ssh is handy so here's a potted summary. Generate an ssh key in the usual way: # ssh-keygen -b 1024 -t rsa which will prompt you for a passphrase. Enter one. The command will create two files: id_rsa (the private key) and id_rsa.pub (the public key) Move 'id_rsa' in /root/.ssh and make sure it has the right ownership and fairly restrictive access permissions: # mv id_rsa /root/.ssh/ # chmod 0600 /root/.ssh/id_rsa # chown root:wheel /root/.ssh/id_rsa Now copy the public key over to the linux box and add it to root's[*] authourised keys file: # scp id_rsa.pub linuxbox:/root/.ssh/ # slogin linuxbox bash# cd /root/.ssh bash# cat id_rsa.pub >> authorized_keys Logout of the linux box. Start up the ssh-agent and load the key into it: # eval `ssh-agent` # ssh-add /root/.ssh/id_rsa You'll be prompted for the passphrase. Enter it. Now test that you can access the linux box using the key based authorization: # ssh -v linuxbox --- you should see something like this in the output debug1: next auth method to try is publickey debug1: userauth_pubkey_agent: testing agent key /root/.ssh/id_rsa debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 149 lastkey 0x87654321 hint -1 debug1: ssh-userauth2 successful: method publickey You might need to take a few goes at this, and try connecting from the linux box to the FreeBSD machine so that each host gets the other's host key into the /root/.ssh/known_hosts files. Eventually you should end up logged in without having to give the password again. You should now be able to do your backups. When you're done, remember to shut down the ssh-agent: # eval `ssh-agent -k` Cheers, Matthew [*] Actually, it's probably better to use some other UID than root on the linux box. -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message