On Sat, Nov 8, 2014 at 10:20 AM, Holger Parplies <[email protected]> wrote:
>> Mauro Condarelli wrote on 2014-11-07 22:45:53 +0100 [Re: [BackupPC-users] >> Unable to read 4 bytes]: >> [...] >> What follows is what I use to setup a key exchange, > > I don't believe that's completely true ;-). > >> obviously there are zillions ways to do the same. >> >> backuppc@server:~$ scp .ssh/id_dsa mcon@mailgate:/tmp/[email protected] > > Actually, you need the *public* key on the client (".ssh/id_dsa.pub"), not the > private key. More than that, you *should not have* the private key on the > client machine. Conceptionally, possession of the private key is considered as > proof for being the legitimate BackupPC server. The client machine isn't the > legitimate BackupPC server, so it shouldn't be able to prove it is :-). > > Additionally, I would advise against temporarily storing the key - even the > public key - in /tmp. You are later going to do (and this only makes sense if > it actually was the public key you transferred) ... And probably even more to the point is that most systems have an 'ssh-copy-id' script that will do it for you and get it right. The RedHat/Centos versions even fix the SElinux contexts for you. -- Les Mikesell [email protected] ------------------------------------------------------------------------------ _______________________________________________ BackupPC-users mailing list [email protected] List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/
