[Mageia-dev] SSH PAM configuration
Anne Wilson
annew at kde.org
Tue Aug 14 16:56:33 CEST 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 14/08/12 10:01, Colin Guthrie wrote:
> 'Twas brillig, and Anne Wilson at 13/08/12 18:06 did gyre and
> gimble:
>> On 13/08/12 11:04, Olav Vitters wrote:
>>> On Mon, Aug 13, 2012 at 09:39:07AM +0100, Anne Wilson wrote:
>>>> Why would anyone need root login over ssh? I don't allow it
>>>> on my server and it has never caused me any problems. Su to
>>>> root works perfectly well and avoids the security risk, so I
>>>> don't understand this thread.
>>
>>> Remote backups. Quite easy to setup an SSH key which only runs
>>> rsync.
>>
>> I use rsync on the server for local backups, and I use SSH with
>> keys to access the server from laptops for maintenance tasks, but
>> I have never managed to make rsync over ssh with keys work.
>> People tell me to just use ssh without keys, but I'm reluctant to
>> do that. Maybe one day I'll find something that steps me through
>> it, so that I can find the missing link.
>
> In this case if you want a special key that can *only* run rsync
> you need to configure your authorized_keys correctly with
> appropriate command= definition.
>
> But even without specific setup if you can ssh between hosts
> happily, just do "rsync -e ssh" on the client side and just use
> foo at remote:/path/to/files syntax. Job done :)
>
Sure, but knowing how prone we all are to forget, my intention was to
do it by cron :-) As I said, I can manually do anything I need to,
but I want scheduled checks for changed files. Annoyingly, I have to
say that the only part I have working for that is the Windows 7 backup
of my embroidery project files. When I'm working there, changes are
backed up four times a day.
I'm guessing that Windows is using my local mount of the appropriate
drive on the server, and I tried doing that in Linux, thinking it
would solve it, but no matter what I do, I still get "denied". It has
to be something about the way the keys are passed to the server when
using cron, as I can use the local mount to move things around in
Dolphin with no problems whatsoever. If I ssh from konsole it is
clear that my keys are being passed. I don't think cron is doing that.
Anne
- --
Need KDE help? Try
http://userbase.kde.org or
http://forum.kde.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlAqZx8ACgkQj93fyh4cnBdnowCgillA7xTkrC2YvQg5Et1gxT2k
wNMAn0a8hRmIkOWYd+iBJ75X6Xn1BgWN
=K4Z6
-----END PGP SIGNATURE-----
More information about the Mageia-dev
mailing list