Kenneth L. Owen wrote at about 00:20:41 -0500 on Friday, January 9, 2009: > Tino, > > Having gotten accustomed to Fedora, I prefer working as root when required > instead of having to enter lines twice -- once without sudo, error, then > retype it with sudo. I consider that a *feature* rather than a bug -- many times it has prevented me from doing some bone-headed damaging things (and by the way I use sudo all the time on Fedora, only using root when I need a full root shell environment or when I need to park myself in a directory that is only root-readable)
Also, you don't need to retype -- use bash to recall the previous line and just add sudo... Type: sudo !! Also, root can navigate to some directories that > normal user can't go. Once I get more used to using sudo, I may put root > back as it was. This was the ONLY reason for setting a root password. > > The backuppc password is only used initially to start BackupPC CGI for > setup, I think. I haven't gotten that far as yet. BackupPC is installed, > config.pl has been edited, but backuppc is currently halted until I get the > keys set. I have my LVM drive to house the backup files mounted and ready. > > The Archiver machine will also be my daytime workstation in the workshop. > Therefore, I want to be able to do more than just run BackupPC at night. > Some software not pertaining to BackupPC will be needed. > > Tino, in the original transcript, I didn't show work done on Winserver. > > Maybe I see the problem. On the winserver end, I put the public key in > authorized_keys2. Maybe Ubuntu version uses a different name from Fedora. > Maybe I should have put the key in authorized_keys. Shouldn't make a difference. Listen, I think it would save you time and hassle if you invested some time in reading up on ssh rather than trying to get spoon-fed step-by-step. SSH is a pretty basic utility that has many uses and you might as well lean how to use it right now since it can be very helpful in many machine-to-machine communication and admin activities. Plus, getting it right is critical to your machine security, so you might as well understand what you are doing. It's not rocket science -- it just requires a little stepping back and understanding what public key encryption is all about. > > I tried using authorized_keys and got the same result. The transcript > follows. (showing work on both ends) -- ken > > >>> On Archiver: ip: 192.168.1.106 > k...@archiver:~$ su - > Password: > r...@archiver:~# su backuppc > $ whoami > backuppc > $ ssh-keygen -t rsa > Generating public/private rsa key pair. > Enter file in which to save the key (/var/lib/backuppc/.ssh/id_rsa): > Enter passphrase (empty for no passphrase): > Enter same passphrase again: > Your identification has been saved in /var/lib/backuppc/.ssh/id_rsa. > Your public key has been saved in /var/lib/backuppc/.ssh/id_rsa.pub. > The key fingerprint is: > 08:2c:0f:a6:10:c6:6f:8a:0b:e9:1c:a9:1a:e3:30:39 backu...@archiver > > $ scp BackupPC_id_rsa.pub r...@192.168.1.101:/root/.ssh/ > The authenticity of host '192.168.1.101 (192.168.1.101)' can't be > established. > RSA key fingerprint is 71:a1:03:7d:fb:b9:87:1f:32:c7:a3:46:d0:81:2d:af. > Are you sure you want to continue connecting (yes/no)? yes > Warning: Permanently added '192.168.1.101' (RSA) to the list of known hosts. > r...@192.168.1.101's password: > BackupPC_id_rsa.pub > 100% 399 0.4KB/s 00:00 > > >>> On Winserver: ip: 192.168.1.101 (Also running Ubuntu) > k...@winserver:~$ su - > Password: > r...@winserver:~# cd /root/.ssh > r...@winserver:~/.ssh# ls -al > total 12 > drwx------ 2 root root 4096 2009-01-08 22:58 . > drwxr-xr-x 10 root root 4096 2009-01-08 22:39 .. > -rw-r--r-- 1 root root 399 2009-01-08 22:58 BackupPC_id_rsa.pub > > r...@winserver:~/.ssh# exit > logout > >>> root account can't run gedit in Ubuntu <<< > k...@winserver:~$ sudo gedit /root/.ssh/BackupPC_id_rsa.pub > sudo: unable to resolve host Winserver > [sudo] password for ken: > Added: from="Archiver" at beginning of BackupPC_id_rsa.pub > > k...@winserver:~$ su - > Password: > r...@winserver:~# cd /root/.ssh > r...@winserver:~/.ssh# cat BackupPC_id_rsa.pub >> authorized_keys > r...@winserver:~/.ssh# cat authorized_keys > from="Archiver" ssh-rsa AAAAB...//...CzFk8lw== backu...@archiver > r...@winserver:~/.ssh# > > >>> On Archiver: > $ chmod -R go-rwx * > $ ls -al > total 24 > drwx------ 2 backuppc backuppc 4096 2009-01-08 22:58 . > drwxr-xr-x 9 backuppc backuppc 4096 2009-01-08 12:46 .. > -rw------- 1 backuppc backuppc 399 2009-01-08 22:57 BackupPC_id_rsa.pub > -rw------- 1 backuppc backuppc 1675 2009-01-08 22:33 id_rsa > -rw------- 1 backuppc backuppc 399 2009-01-08 22:33 id_rsa.pub > -rw------- 1 backuppc backuppc 442 2009-01-08 22:58 known_hosts > $ ssh -l root 192.168.1.101 whoami > r...@192.168.1.101's password: <---Here it is asking for root password on > Winserver > root > $ > > -----Original Message----- > From: Tino Schwarze [mailto:backuppc.li...@tisc.de] > Sent: Thursday, January 08, 2009 6:19 PM > To: backuppc-users@lists.sourceforge.net > Subject: Re: [BackupPC-users] It's me again, Margret! - ssh-keygen > > > > ------------------------------------------------------------------------------ > Check out the new SourceForge.net Marketplace. > It is the best place to buy or sell services for > just about anything Open Source. > http://p.sf.net/sfu/Xq1LFB > _______________________________________________ > BackupPC-users mailing list > BackupPC-users@lists.sourceforge.net > List: https://lists.sourceforge.net/lists/listinfo/backuppc-users > Wiki: http://backuppc.wiki.sourceforge.net > Project: http://backuppc.sourceforge.net/ > ------------------------------------------------------------------------------ Check out the new SourceForge.net Marketplace. It is the best place to buy or sell services for just about anything Open Source. http://p.sf.net/sfu/Xq1LFB _______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/