Les Mikesell wrote: >> This seems to me rather important. >> Are you saying that my setup is wrong? > > Yes, although it wouldn't work if you didn't also do it right. You can > have as many different keypairs as you like.
I'm not sure what you are saying. I tried the instructions I gave on a laptop which hadn't been used with BackupPC, and they seem to work, ie after running them I can backup a directory on the client OK. I didn't give any other relevant instructions on client or server. >> I find your account with "orginator" and "target" difficult to follow, >> like most of the BackupPC documentation and tutorials. > > There are two machines involved. The command originates where the ssh > command is executed - in this case the backuppc server. The account > originating the command must have read access to the private part of the > key pair - in this case the backuppc user. My humble suggestion is that you consider using the terms "BackupPC server" and "BackupPC client", which to my mind are unambiguous. I find when reading documentation on applications involving more than one computer that I often do not know which computer the author is referring to. > No other account or machine > should be able to read or have a copy of the private part of the key. > Therefore, the key pair should have been created by running ssh-keygen > as the backuppc user on the backuppc server. The remote side or target > is the one accepting the command via sshd, in this case the client of > backuppc. As sshd accepts the connection, it will look for the public > part of the key under .ssh in the home directory of the user you > specified for the connection, in this case root. Sshd will use the > public key it finds there to verify the identity of the connecting user > by asking it to do something only possible if the connecting user has > read access to the private part of the key. Therefore the relevant > public key (made as the backuppc user on the backuppc server) needs to > be in root's home directory on the clients, appended to > .ssh/authorized_keys or .ssh/authorized_keys2. Again, this doesn't > have much to do with backuppc. It is the way ssh works with any remote > command. Is it not possible that running "ssh -l root <client>" on the server actually sets up the connection appropriately for BackupPC? -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland ------------------------------------------------------------------------------ _______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/
