Les Mikesell wrote:

>> This seems to me rather important.
>> Are you saying that my setup is wrong?
> 
> Yes, although it wouldn't work if you didn't also do it right.  You can
> have as many different keypairs as you like.

I'm not sure what you are saying.
I tried the instructions I gave on a laptop which hadn't been used
with BackupPC, and they seem to work,
ie after running them I can backup a directory on the client OK.
I didn't give any other relevant instructions on client or server.

>> I find your account with "orginator" and "target" difficult to follow,
>> like most of the BackupPC documentation and tutorials.
> 
> There are two machines involved.  The command originates where the ssh
> command is executed - in this case the backuppc server.  The account
> originating the command must have read access to the private part of the
> key pair - in this case the backuppc user.

My humble suggestion is that you consider using the terms
"BackupPC server" and "BackupPC client", which to my mind are unambiguous.
I find when reading documentation on applications involving
more than one computer
that I often do not know which computer the author is referring to.

> No other account or machine
> should be able to read or have a copy of the private part of the key.
> Therefore, the key pair should have been created by running ssh-keygen
> as the backuppc user on the backuppc server.  The remote side or target
> is the one accepting the command via sshd, in this case the client of
> backuppc.  As sshd accepts the connection, it will look for the public
> part of the key under .ssh in the home directory of the user you
> specified for the connection, in this case root.  Sshd will use the
> public key it finds there to verify the identity of the connecting user
> by asking it to do something only possible if the connecting user has
> read access to the private part of the key.  Therefore the relevant
> public key (made as the backuppc user on the backuppc server) needs to
> be in root's home directory on the clients, appended to
> .ssh/authorized_keys or .ssh/authorized_keys2.   Again, this doesn't
> have much to do with backuppc.  It is the way ssh works with any remote
> command.

Is it not possible that running "ssh -l root <client>" on the server
actually sets up the connection appropriately for BackupPC?


-- 
Timothy Murphy  
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland


------------------------------------------------------------------------------
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/