I am using a remote storage service for backing up our data - we want to have a script run as part of a cron job which would do the backups from our local Linux machine to the service's Linux machine.
I want to use tar and ssh to do this (rather than mounting the disk and using cp) . Therefore want to learn how to avoid having to type in a password with ssh. I am new to this feature so I went online and read the procedure, downloaded and built OpenSSH and did the following:
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key \(/homes/12/same/.ssh/id_rsa\):
/homes/12/same/.ssh/id_rsa already exists.
Overwrite \(y/n\)? y
Enter passphrase \(empty for no passphrase\):
Enter same passphrase again:
Your identification has been saved in /homes/12/same/.ssh/id_rsa.
Your public key has been saved in /homes/12/same/.ssh/id_rsa.pub.
The key fingerprint is:
27:a4:d4:63:35:62: ... same@dpdw
$ ssh-copy-id -i ~/.ssh/id_dsa.pub test3@remote.machine test3@remote.machine''s password:
Now try logging into the machine, with "ssh 'test3@remote.machine'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
So at this point I'm expecting to be able to ssh into the remote machine and not be prompted for a password. Is this what should happen? As can be below seen I'm still prompted.
Ok I started over: I ssh'ed into the remote machine, bricklayer, and deleted .ssh/authorized_keys. then exited to the local machine, meggi, and deleted id_rsa and id_rsa.pub. Then regenerated the key. Here's the whole sequence from scratch:
$ rm .ssh/authorized_keys
$ exit
logout
Connection to bricklayer.remotehost closed.
>
> rm .ssh/id_rsa*
>
> ls .ssh/
known_hosts
> uname -n
meggi
> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key \(/homes/12/same/.ssh/id_rsa\):
Enter passphrase \(empty for no passphrase\):
Enter same passphrase again:
Your identification has been saved in /homes/12/same/.ssh/id_rsa.
Your public key has been saved in /homes/12/same/.ssh/id_rsa.pub.
The key fingerprint is:
ff:1b:fa:c6:80:33:15:ae:9e:57:39:94:38:20:67:c1 same@meggi
>
> ssh-copy-id -i ~/.ssh/id_rsa.pub [email]test3@bricklayer.remo[/email]tehost
[email]test3@bricklayer.remo[/email]tehost's password:
Now try logging into the machine, with "ssh 'test3@bricklayer.remotehost'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
> cat .ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2E...WUXfilLCNywEmX0= same@meggi
>
>
> ssh [email]test3@bricklayer.remo[/email]tehost
[email]test3@bricklayer.remo[/email]tehost's password:
Last login: Fri Aug 1 12:13:58 2008 from meggi.localhost
$
$ uname -n
bricklayer
$ cat .ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2E...WUXfilLCNywEmX0= same@meggi
$
So the two files ~/.ssh/id_rsa.pub and .ssh/authorized_keys are identical, I diff'ed them. Is that the way it should be? Also does the local machine's ~/.ssh/known_hosts file play a role in this?
What ID are you using on meggi to execute the ssh login to bricklayer?
It should be the same, 'test3'. It looks like you used the ID of 'same' to generate
the RSA key?