Ok. Thanks
On Wed, Mar 17, 2010 at 1:37 AM, Carl Wilhelm Soderstrom <
chr...@real-time.com> wrote:
> On 03/17 01:07 , Luis Paulo wrote:
> > Regarding the previous talk, you still need to allow the backup user to
> sudo
> > with visudo, right? If you want automated backups, that is.
>
> correct. s
On 03/17 01:07 , Luis Paulo wrote:
> Regarding the previous talk, you still need to allow the backup user to sudo
> with visudo, right? If you want automated backups, that is.
correct. something like this in your /etc/sudoers:
rsyncbakup ALL= NOPASSWD: /usr/bin/rsync
> And phraseless keys if you
First, thank you again for showing how to restrict commands with ssh.
It's a very tight solution. you just do ssh and the command runs. Ok.
Regarding the previous talk, you still need to allow the backup user to sudo
with visudo, right? If you want automated backups, that is.
And phraseless keys
On 03/16 09:31 , Luis Paulo wrote:
> Note: This may seem a bit off topic, but we are still talking about ssh and
> key generation on BackupPC, now mostly about security options, right?
It's related to ssh keys certainly. Are you wondering if it's time to change the
message subject?
--
Carl Sode
Thanks, Carl
I'll have to look a little better to it.
I kind of undestand the
no-port-forwarding,no-X11-forwarding,no-agent-forwarding part, the rsync
command, the key (not sure about what is dss), and at the end the backuppc
server name, I think
I'm looking again to the sshd man, and I'll try it
On 03/16 02:18 , Luis Paulo wrote:
> I don't know how to restrict with ssh what commands backuppc user can run as
> root, that's why I use visudo/sudoers
Here's an example authorized_keys file with restrictions on what command may be
run. This is how I invoke sudo; by putting this in the .ssh dire
Hi, Les
I don't know how to restrict with ssh what commands backuppc user can run as
root, that's why I use visudo/sudoers
I use backuppc user with sudo to do the backup so I may have keys with
passphrase for ssh as root (or not allow ssh as root at all).
As I understood it, this way, even if yo
On 3/13/2010 9:47 AM, Luis Paulo wrote:
>
> * the link I sent uses a different approach. You ssh as backuppc user
> and then you sudo to do the backup - $Conf{RsyncClientCmd}. Your rsa
> keys for backuppc user on both machines don't have password, but the
> root keys may now have passwords.
>
> * I
Why not just log in as a non-root user, (then "su -" to root), from either
one of the machines, or a machine on the same network as both?
> Hi Luis (and others),
>
> Since I must run back and forth between the machines, is there any way
> to use a sneaker-LAN (e.g. USB memory stick) to transport
Sure, ken. Learn and share.
A few points to make your reading easier
* backuppc server needs to log to the client as root without the need of
human intervention (to insert a password, for example)
* That's why you now connect with ssh as root with empty password keys.
* empty password keys are
Hi Luis,
Just as I thought, it now works!!! Thanks to you for sticking with me
to find my mistake. Only on a computer can you find twenty ways to make
the same mistake! -- ken
>>> PROBLEM SOLVED <<<
== previous reply ==
Hi Luis,
I did a line by line compare o
Hi, ken
Sorry for the delay.
I can't understand why the root password is not accepted.
You may try the -v switch, as in
scp -v ~/.ssh/BackupPC_id_rsa.pub r...@192.168.1.101:/root/.ssh/
Next is my sshd_config. See if it helps
-
# cat /etc/ssh/sshd_c
Hi Luis (and others),
Since I must run back and forth between the machines, is there any way
to use a sneaker-LAN (e.g. USB memory stick) to transport the keys?
-- ken
On Thu, 2010-03-11 at 16:52 -0500, Kenneth L. Owen wrote:
> Hi Luis,
>
> I really appreciate your help. I've tried the key gene
On Thu, 11 Mar 2010, Kenneth L. Owen wrote:
> Again, no error and prompted for root password which is not accepted.
>
> I have root passwords for both of these machines and have no problem
> elevating to root to execute all other functions.
Are root logins disabled? check /etc/ssh/sshd_config, i
Hi Luis,
I really appreciate your help. I've tried the key generation multiple
times and can't believe that every time I mistype the password! The
keys are phrase-less. /root/.ssh and /var/lib/backuppc/.ssh have 700
permissions. The authorized_keys file has 600 permission. The newly
created k
:)
So,
you may tell us exactly the scp command you are trying (or use ssh-copy-id
command instead, which I recommend).
I would still try to connect between two non root users to see if it also
doesn't work
Are you creating rsa files with or without password?
Wrong permissions for the .ssh dir ma
Look at your /etc/ssh/sshd_config
You may have, for example, PermitRootLogin set to no (I think it is now the
default)
Any way, for ssh backups you only need ssh between backupc users on both
machines if you follow
http://backuppc.sourceforge.net/faq/ssh.html#how_can_client_access_as_root_be_avoi
try to gen new keys in ubuntu server, probaly your keys still in package
openssh-blacklist (sorry i dont remember the name of packet)
try to search for ssh keys blacklist probaly this is the probleman
sorry i dont speak english but the probleman is that.
2010/3/10 Kenneth L. Owen
> Hi Guys and G
Hi Guys and Gals,
I've been running BackupPC for a couple of years now. I started when I
first moved my computing to Linux. It was really tough getting it up
the first time because I was dumber than a newbie! But once up and
running, it works great.
Anyway, I am faced with having to rebuild th
19 matches
Mail list logo
