The next job is to add a cron job to do the rsync at a regular schedule. Ssh-copy-id -i /mnt/user/Vault/bobby.pub -avz -stats -progress -rsh="ssh -l bobby -i /mnt/user/Vault/bobby" bobserver:/opt/photos /mnt/user/BobsBackup So, if my remote username is “bobby”, the server is called “bobserver”, the remote directory is “/opt/photos” and it is going be stored into /mnt/user/BobsBackup I would do the following: ssh-keygen -t rsa -f /mnt/user/Vault/bobby You want to reference your private key here All we need to do is tell rsync which key to use: rsync -avz -stats -progress -rsh="ssh -l -i /mnt/user/Vault/clientA" : Great, but what has this got to do with rsync? Well, rsync and many other things work over ssh. SSH using that keyĪ subsequent ssh -l -i /mnt/user/Vault/clientA.pub You are copying the =.pub=lic key, not the private one! Enter the password and that if it all goes well that is the last time you need to enter that password -). Simple as: ssh-copy-id -l -i /mnt/user/Vault/clientA.pub The permissions for both should be no more than 0600 (user read and write only), but ssh-keygen does that automatically. pub is your private one which you want to wrap in tinfoil and put in a locked box. pub is the public key you can throw around with abandon. This creates /mnt/user/Vault/clientA and /mnt/user/Value/clientA.pub. Make sure you don’t use a passkey for the SSH keys themselves Ssh-keygen -t RSA -f /mnt/user/Value/clientA Given unRAID is all about your shares, and those shares live on an XFS filesystem, why not choose a (very secure and not public!) share? I therefore created one share called “vault”, locked it down in unRAID and created the relevant keys: mkdir /mnt/user/Vault Specifically I am =rsync=ing, but let’s create the keys first. Generate a new SSH key pair onto that file system.ssh/id_rsa.pub but they can actually come from anywhere. Well, as I am sure you know, SSH is all about two files, a private one you own and protect and a public one which you can give out willy-nilly. The problem is that sshd is a pig about permissions and whilst unRAID does come with some persistent SSH keys, because of the underlying file system (exFAT or FAT32) the permissions are too strict. (And yes, the eagle eyed amongst you will remember I moved away from it previously. I wanted to rsync some data directly to and from my unRAID server.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |