[opensuse] rsync with password?
All, I'm trying to connect to a remote rsync server. ie. It is running rssh as the shell and rsync is one of the few allowed programs to run.
From my local machine I can invoke rsync and it connects and rsync asks me for a password. I provide it an all proceeds fine.
I need this to work from a script. So I'm trying to use the RSYNC_PASSWORD environment variable to pass in the password but it is not working. My simple test script is: == #!/bin/sh RSYNC_PASSWORD=<my_password> export RSYNC_PASSWORD echo RP = $RSYNC_PASSWORD rsync -avh --delete --stats --max-size=100M --links --timeout=600 /$BACKUP_PATH/config-enc-raw /$BACKUP_PATH/srv-enc-raw b291007@backup.abc.com:mach1/ == Am I missing something? the echo is working fine. FYI: by chance the password I'm trying starts with a shell special char, but I can't see why that would be an issue since the echo works. Greg -- Greg Freemyer Litigation Triage Solutions Specialist http://www.linkedin.com/in/gregfreemyer First 99 Days Litigation White Paper - http://www.norcrossgroup.com/forms/whitepapers/99%20Days%20whitepaper.pdf The Norcross Group The Intersection of Evidence & Technology http://www.norcrossgroup.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
----- Original Message ----- From: "Greg Freemyer" <greg.freemyer@gmail.com> To: "SUSE Linux" <opensuse@opensuse.org> Sent: Thursday, March 05, 2009 5:29 PM Subject: [opensuse] rsync with password?
All,
I'm trying to connect to a remote rsync server. ie. It is running rssh as the shell and rsync is one of the few allowed programs to run.
From my local machine I can invoke rsync and it connects and rsync asks me for a password. I provide it an all proceeds fine.
I need this to work from a script. So I'm trying to use the RSYNC_PASSWORD environment variable to pass in the password but it is not working.
My simple test script is:
==
#!/bin/sh RSYNC_PASSWORD=<my_password> export RSYNC_PASSWORD
echo RP = $RSYNC_PASSWORD
rsync -avh --delete --stats --max-size=100M --links --timeout=600 /$BACKUP_PATH/config-enc-raw /$BACKUP_PATH/srv-enc-raw b291007@backup.abc.com:mach1/ ==
Am I missing something? the echo is working fine.
FYI: by chance the password I'm trying starts with a shell special char, but I can't see why that would be an issue since the echo works.
Since the remote path only uses one colon, that means you are using either ssh or rsh as the communication layer, not rsync itself (aka native rsync). RSYNC_PASSWORD only applies to native rsync. To authenticate non-interactively, you need to do so using whatever methods are available with the communication layer being used. Since the above command is not using rsync natively (there is only one colon), And since the above command does not explicitly specify the communication means (there is no "-e foo" command line argument), then the above command is communicating by whatever is the compile-time default for "-e". These days almost everywhere, and definitely for all opensuse packages, this is ssh. So, you need to set up ssh keys for user b291007. Similarly, the user specification above: "b291007" needs to be a real user in the OS on the remote machine, not an "rsync user" in /etc/rsyncd.secrets. It is not necessary for there to be a user b291007 on the local (client) machine. Similarly, the remote path specification above: "mach1/" means a directory named "mach1" in user b291007's home directory. NOT an rsync module defined in /etc/rsyncd.conf You are simply logging in via ssh as user b291007 to host backup.abc.com, just like if you did it manually to get a login prompt and then an interactive shell or if you used sftp. -- Brian K. White brian@aljex.com http://profile.to/KEYofR +++++[>+++[>+++++>+++++++<<-]<-]>>+.>.+++++.+++++++.-.[>+<---]>++. filePro BBx Linux SCO FreeBSD #callahans Satriani Filk! -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thu, Mar 5, 2009 at 5:55 PM, Brian K. White <brian@aljex.com> wrote:
----- Original Message ----- From: "Greg Freemyer" <greg.freemyer@gmail.com> To: "SUSE Linux" <opensuse@opensuse.org> Sent: Thursday, March 05, 2009 5:29 PM Subject: [opensuse] rsync with password?
All,
I'm trying to connect to a remote rsync server. ie. It is running rssh as the shell and rsync is one of the few allowed programs to run.
From my local machine I can invoke rsync and it connects and rsync asks me for a password. I provide it an all proceeds fine.
I need this to work from a script. So I'm trying to use the RSYNC_PASSWORD environment variable to pass in the password but it is not working.
My simple test script is:
==
#!/bin/sh RSYNC_PASSWORD=<my_password> export RSYNC_PASSWORD
echo RP = $RSYNC_PASSWORD
rsync -avh --delete --stats --max-size=100M --links --timeout=600 /$BACKUP_PATH/config-enc-raw /$BACKUP_PATH/srv-enc-raw b291007@backup.abc.com:mach1/ ==
Am I missing something? the echo is working fine.
FYI: by chance the password I'm trying starts with a shell special char, but I can't see why that would be an issue since the echo works.
Since the remote path only uses one colon, that means you are using either ssh or rsh as the communication layer, not rsync itself (aka native rsync).
RSYNC_PASSWORD only applies to native rsync.
To authenticate non-interactively, you need to do so using whatever methods are available with the communication layer being used.
Since the above command is not using rsync natively (there is only one colon), And since the above command does not explicitly specify the communication means (there is no "-e foo" command line argument), then the above command is communicating by whatever is the compile-time default for "-e". These days almost everywhere, and definitely for all opensuse packages, this is ssh.
So, you need to set up ssh keys for user b291007.
Similarly, the user specification above: "b291007" needs to be a real user in the OS on the remote machine, not an "rsync user" in /etc/rsyncd.secrets. It is not necessary for there to be a user b291007 on the local (client) machine.
Similarly, the remote path specification above: "mach1/" means a directory named "mach1" in user b291007's home directory. NOT an rsync module defined in /etc/rsyncd.conf
You are simply logging in via ssh as user b291007 to host backup.abc.com, just like if you did it manually to get a login prompt and then an interactive shell or if you used sftp.
-- Brian K. White brian@aljex.com http://profile.to/KEYofR
You are a fount of little known knowledge!! Unfortunately I am paying for a remote backup server that gives me very limited access. I'm just setting things up, so I'm not sure how this will work out. Getting a ssh connection via a key is unlikely to happen, but I should be able to get them to run rsync as a daemon. Thanks Greg -- Greg Freemyer Litigation Triage Solutions Specialist http://www.linkedin.com/in/gregfreemyer First 99 Days Litigation White Paper - http://www.norcrossgroup.com/forms/whitepapers/99%20Days%20whitepaper.pdf The Norcross Group The Intersection of Evidence & Technology http://www.norcrossgroup.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thu, Mar 5, 2009 at 6:58 PM, Greg Freemyer <greg.freemyer@gmail.com> wrote:
On Thu, Mar 5, 2009 at 5:55 PM, Brian K. White <brian@aljex.com> wrote:
----- Original Message ----- From: "Greg Freemyer" <greg.freemyer@gmail.com> To: "SUSE Linux" <opensuse@opensuse.org> Sent: Thursday, March 05, 2009 5:29 PM Subject: [opensuse] rsync with password?
All,
I'm trying to connect to a remote rsync server. ie. It is running rssh as the shell and rsync is one of the few allowed programs to run.
From my local machine I can invoke rsync and it connects and rsync asks me for a password. I provide it an all proceeds fine.
I need this to work from a script. So I'm trying to use the RSYNC_PASSWORD environment variable to pass in the password but it is not working.
My simple test script is:
==
#!/bin/sh RSYNC_PASSWORD=<my_password> export RSYNC_PASSWORD
echo RP = $RSYNC_PASSWORD
rsync -avh --delete --stats --max-size=100M --links --timeout=600 /$BACKUP_PATH/config-enc-raw /$BACKUP_PATH/srv-enc-raw b291007@backup.abc.com:mach1/ ==
Am I missing something? the echo is working fine.
FYI: by chance the password I'm trying starts with a shell special char, but I can't see why that would be an issue since the echo works.
Since the remote path only uses one colon, that means you are using either ssh or rsh as the communication layer, not rsync itself (aka native rsync).
RSYNC_PASSWORD only applies to native rsync.
To authenticate non-interactively, you need to do so using whatever methods are available with the communication layer being used.
Since the above command is not using rsync natively (there is only one colon), And since the above command does not explicitly specify the communication means (there is no "-e foo" command line argument), then the above command is communicating by whatever is the compile-time default for "-e". These days almost everywhere, and definitely for all opensuse packages, this is ssh.
So, you need to set up ssh keys for user b291007.
Similarly, the user specification above: "b291007" needs to be a real user in the OS on the remote machine, not an "rsync user" in /etc/rsyncd.secrets. It is not necessary for there to be a user b291007 on the local (client) machine.
Similarly, the remote path specification above: "mach1/" means a directory named "mach1" in user b291007's home directory. NOT an rsync module defined in /etc/rsyncd.conf
You are simply logging in via ssh as user b291007 to host backup.abc.com, just like if you did it manually to get a login prompt and then an interactive shell or if you used sftp.
-- Brian K. White brian@aljex.com http://profile.to/KEYofR
You are a fount of little known knowledge!!
Unfortunately I am paying for a remote backup server that gives me very limited access. I'm just setting things up, so I'm not sure how this will work out.
Getting a ssh connection via a key is unlikely to happen, but I should be able to get them to run rsync as a daemon.
Thanks Greg
To my surprise they have a help page that explains how to upload a .ssh directory and authorized key file to enable ssh access without a password. Easy enough, I just had no idea. I'm too used to ssh'ing in and had not thought about it being done this way. Greg -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Greg Freemyer wrote:
To my surprise they have a help page that explains how to upload a .ssh directory and authorized key file to enable ssh access without a password. Easy enough, I just had no idea. I'm too used to ssh'ing in and had not thought about it being done this way.
Aha very nice. So disregard my last post since you have already obsoleted it ;) -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Greg Freemyer wrote:
To my surprise they have a help page that explains how to upload a .ssh directory and authorized key file to enable ssh access without a password. Easy enough, I just had no idea. I'm too used to ssh'ing in and had not thought about it being done this way.
IIRC, one gotcha to look out for is that rsync will get confused if the ssh login produces a prompt/motd or suchlike. Make sure it's quiet. Cheers, Dave -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Greg Freemyer pecked at the keyboard and wrote:
On Thu, Mar 5, 2009 at 5:55 PM, Brian K. White <brian@aljex.com> wrote:
----- Original Message ----- From: "Greg Freemyer" <greg.freemyer@gmail.com> To: "SUSE Linux" <opensuse@opensuse.org> Sent: Thursday, March 05, 2009 5:29 PM Subject: [opensuse] rsync with password?
All,
I'm trying to connect to a remote rsync server. ie. It is running rssh as the shell and rsync is one of the few allowed programs to run.
From my local machine I can invoke rsync and it connects and rsync asks me for a password. I provide it an all proceeds fine.
I need this to work from a script. So I'm trying to use the RSYNC_PASSWORD environment variable to pass in the password but it is not working.
My simple test script is:
==
#!/bin/sh RSYNC_PASSWORD=<my_password> export RSYNC_PASSWORD
echo RP = $RSYNC_PASSWORD
rsync -avh --delete --stats --max-size=100M --links --timeout=600 /$BACKUP_PATH/config-enc-raw /$BACKUP_PATH/srv-enc-raw b291007@backup.abc.com:mach1/ ==
Am I missing something? the echo is working fine.
FYI: by chance the password I'm trying starts with a shell special char, but I can't see why that would be an issue since the echo works. Since the remote path only uses one colon, that means you are using either ssh or rsh as the communication layer, not rsync itself (aka native rsync).
RSYNC_PASSWORD only applies to native rsync.
To authenticate non-interactively, you need to do so using whatever methods are available with the communication layer being used.
Since the above command is not using rsync natively (there is only one colon), And since the above command does not explicitly specify the communication means (there is no "-e foo" command line argument), then the above command is communicating by whatever is the compile-time default for "-e". These days almost everywhere, and definitely for all opensuse packages, this is ssh.
So, you need to set up ssh keys for user b291007.
Similarly, the user specification above: "b291007" needs to be a real user in the OS on the remote machine, not an "rsync user" in /etc/rsyncd.secrets. It is not necessary for there to be a user b291007 on the local (client) machine.
Similarly, the remote path specification above: "mach1/" means a directory named "mach1" in user b291007's home directory. NOT an rsync module defined in /etc/rsyncd.conf
You are simply logging in via ssh as user b291007 to host backup.abc.com, just like if you did it manually to get a login prompt and then an interactive shell or if you used sftp.
-- Brian K. White brian@aljex.com http://profile.to/KEYofR
You are a fount of little known knowledge!!
Unfortunately I am paying for a remote backup server that gives me very limited access. I'm just setting things up, so I'm not sure how this will work out.
Getting a ssh connection via a key is unlikely to happen, but I should be able to get them to run rsync as a daemon.
Thanks Greg
Why don't you use expect for this as that is what it was designed for. -- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Ken Schneider - openSUSE wrote:
Greg Freemyer pecked at the keyboard and wrote:
On Thu, Mar 5, 2009 at 5:55 PM, Brian K. White <brian@aljex.com> wrote:
----- Original Message ----- From: "Greg Freemyer" <greg.freemyer@gmail.com> To: "SUSE Linux" <opensuse@opensuse.org> Sent: Thursday, March 05, 2009 5:29 PM Subject: [opensuse] rsync with password?
All,
I'm trying to connect to a remote rsync server. ie. It is running rssh as the shell and rsync is one of the few allowed programs to run.
From my local machine I can invoke rsync and it connects and rsync asks me for a password. I provide it an all proceeds fine.
I need this to work from a script. So I'm trying to use the RSYNC_PASSWORD environment variable to pass in the password but it is not working.
My simple test script is:
==
#!/bin/sh RSYNC_PASSWORD=<my_password> export RSYNC_PASSWORD
echo RP = $RSYNC_PASSWORD
rsync -avh --delete --stats --max-size=100M --links --timeout=600 /$BACKUP_PATH/config-enc-raw /$BACKUP_PATH/srv-enc-raw b291007@backup.abc.com:mach1/ ==
Am I missing something? the echo is working fine.
FYI: by chance the password I'm trying starts with a shell special char, but I can't see why that would be an issue since the echo works.
Since the remote path only uses one colon, that means you are using either ssh or rsh as the communication layer, not rsync itself (aka native rsync).
RSYNC_PASSWORD only applies to native rsync.
To authenticate non-interactively, you need to do so using whatever methods are available with the communication layer being used.
Since the above command is not using rsync natively (there is only one colon), And since the above command does not explicitly specify the communication means (there is no "-e foo" command line argument), then the above command is communicating by whatever is the compile-time default for "-e". These days almost everywhere, and definitely for all opensuse packages, this is ssh.
So, you need to set up ssh keys for user b291007.
Similarly, the user specification above: "b291007" needs to be a real user in the OS on the remote machine, not an "rsync user" in /etc/rsyncd.secrets. It is not necessary for there to be a user b291007 on the local (client) machine.
Similarly, the remote path specification above: "mach1/" means a directory named "mach1" in user b291007's home directory. NOT an rsync module defined in /etc/rsyncd.conf
You are simply logging in via ssh as user b291007 to host backup.abc.com, just like if you did it manually to get a login prompt and then an interactive shell or if you used sftp.
-- Brian K. White brian@aljex.com http://profile.to/KEYofR
You are a fount of little known knowledge!!
Unfortunately I am paying for a remote backup server that gives me very limited access. I'm just setting things up, so I'm not sure how this will work out.
Getting a ssh connection via a key is unlikely to happen, but I should be able to get them to run rsync as a daemon.
Thanks Greg
Why don't you use expect for this as that is what it was designed for.
Good god no that's like saying why use a shell script when you could just make an array of solenoids to press the keyboard keys by reading a player piano roll. Expect was designed for cases where no other or no better way exists. Expect was designed to automate things which were not originally designed to be automated, and it should really only be used as a last resort when that is exactly the case, when you need to automate something that has no facility already for doing so. As a system, it's never very robust, merely, .. lucky. As long as the program you are interacting with always behaves exactly the same way (such as the dialup login prompt of a remote system originally), and as long as your expect script has enough complexity to handle any unexpected output (or lack of), then things will work ok. But ultimately, no matter what, no mater how good expect itself is or how well you wrote your expect script (which can be quite non-trivial and subtle!) you still have a system where 1/2 of the system was not designed to be automated. ssh on the other hand was designed to be automated from the get go and has it's own robust, and _simpler_ means built-in. -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday, 2009-03-05 at 22:21 -0500, Brian K. White wrote:
Why don't you use expect for this as that is what it was designed for.
Good god no that's like saying why use a shell script when you could just make an array of solenoids to press the keyboard keys by reading a player piano roll. Expect was designed for cases where no other or no better way exists. Expect was designed to automate things which were not originally designed to be automated, and it should really only be used as a last resort when that is exactly the case, when you need to automate something that has no facility already for doing so. As a system, it's never very robust, merely, .. lucky. As long as the program you are interacting with always behaves exactly the same way (such as the dialup login prompt of a remote system originally), and as long as your expect script has enough complexity to handle any unexpected output (or lack of), then things will work ok. But ultimately, no matter what, no mater how good expect itself is or how well you wrote your expect script (which can be quite non-trivial and subtle!) you still have a system where 1/2 of the system was not designed to be automated.
ssh on the other hand was designed to be automated from the get go and has it's own robust, and _simpler_ means built-in.
Mmm... I have to use expect to automate ssh into my router, as there is no way to put the key file into its "filesystem". No other way round. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkmwmUAACgkQtTMYHG2NR9VsswCfWr+5VBo2LanxyHbhKQd40DQR DOcAmgMjUrkTDN8VwwtAQwCfQd1qD1ac =Vs/b -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Greg Freemyer wrote:
Unfortunately I am paying for a remote backup server that gives me very limited access. I'm just setting things up, so I'm not sure how this will work out.
Getting a ssh connection via a key is unlikely to happen, but I should be able to get them to run rsync as a daemon.
If you have any sort of ssh access at all then you can install keys. You don't need them to do anything. If you don't have any sort of ssh access, even just file-transfer, well, then that is an entirely different problem. But since rsync works manually, that proves you have ssh access and so you can install ssh keys. You generate a key pair yourself on your own box, use your working file transfer ability (you said you can rsync successfully manually, this is all you need) to create a .ssh directory in your own home directory on their box and upload the public key into it. http://www.sshkeychain.org/mirrors/SSH-with-Keys-HOWTO/SSH-with-Keys-HOWTO-4... -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (5)
-
Brian K. White -
Carlos E. R. -
Dave Howorth -
Greg Freemyer -
Ken Schneider - openSUSE