On Thu, Oct 07, 2010 at 02:14:47PM -0400, Willie Wong wrote: > On Thu, Oct 07, 2010 at 06:45:49PM +0200, Momesso Andrea wrote: > > I need to set up a cron job to transfer a file every day from server A > > to server B. > > > > I'd like to do that via ssh and with no user assistance, completely > > automated. > > > > Setting up a public key, would do the job, but then, all the > > connections between the servers would be passwordless, so if server A > > gets compromised, also server B is screwed. > > > > Is there a way to allow only one single command from a single cronjob > > to operate passwordless, while keeping all the other connections > > secured by a password? > > In the authorized_keys file, you need to include a specification of > "command=<insert command here>". Which means that on log-in with the > public key, the sshd will execute that command, and any other commands > sent from the machine which originated the connection will not > execute. > > So I'd imagine you can untar with the command at the target, and > instead of scp, use something like > > tar <file> | ssh -i <identity file> u...@host >
These two links may also be helpful: http://www.debian-administration.org/articles/438 http://sial.org/howto/rsync/ W -- Willie W. Wong ww...@math.princeton.edu Data aequatione quotcunque fluentes quantitae involvente fluxiones invenire et vice versa ~~~ I. Newton
