On Fri, Aug 25, 2006 at 02:42:32PM -0700, Greg Thomas wrote: > On 8/25/06, Alexander Hall <[EMAIL PROTECTED]> wrote: > >Greg Thomas wrote: > >> On 8/25/06, Alexander Hall <[EMAIL PROTECTED]> wrote: > >>> Greg Thomas wrote: > > > >>> Here you are running the entire script as root (using sudo), and > >>> therefore ssh is run as root, which does not have your keys. > >> > >> Understood but how come the exact setup works from my system corn to > >> rice ( but not grits to rice)? corn is 3.8, grits is 3.9, and rice is > >> 4.0. Default ssh setup on all three except for: > >> > >> PermitRootLogin no > > > >One possibility could be that you have, on corn, copied the private key > >into /root/.ssh/, e.g. /root/.ssh/id_rsa. > > > > That's what I gathered from the earlier messages. But there is > nothing in any of my /root/.ssh directories except for known_hosts > left over from first login post-installation before I set > "PermitRootLogin no".
That's the problem. ssh behaves a little differently from the shell under sudo control. See, when you do sudo, you end up being just you with superuser powers. BUT, ssh sees this and assumes your identity to be root instead. You can see this with a -v option on the ssh command: $ sudo ssh -v [EMAIL PROTECTED] OpenSSH_4.3, OpenSSL 0.9.7g 11 Apr 2005 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Connecting to gehenna [192.168.1.2] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 <--- BOOM, you're root. debug1: identity file /root/.ssh/identity type -1 debug1: identity file /root/.ssh/id_rsa type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: Remote protocol version 1.99, remote software version OpenSSH_4.3 debug1: match: OpenSSH_4.3 pat OpenSSH* ... so, the fact that /root/.ssh is empty *is* the problem, and you can/should generate an appropriate keypair for this process and dump it into root's .ssh directory. Then the script will work as-is. The whole backup thing, to my mind, should be running as part of /etc/daily or whatever, which means it's root's responsibility in the first place. -- A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. [TOFU := text oben, Q: What is the most annoying thing on usenet? followup unten]
