-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Kenneth L. Owen wrote:
> The Archiver machine will also be my daytime workstation in the workshop.
> Therefore, I want to be able to do more than just run BackupPC at night.
> Some software not pertaining to BackupPC will be needed.

Nothing stops you from running other programs, daemons, etc on the
backuppc server...

> Tino, in the original transcript, I didn't show work done on Winserver.
> 
> Maybe I see the problem.  On the winserver end, I put the public key in
> authorized_keys2.  Maybe Ubuntu version uses a different name from Fedora.
> Maybe I should have put the key in authorized_keys.

I've seen authorised_keys2 in some documentation, but have never needed
to use it. I use debian, ubuntu, and a long time ago used redhat (before
RH9) and slackware and have always used ~/.ssh/authorized_keys

> I tried using authorized_keys and got the same result.  The transcript
> follows.  (showing work on both ends) -- ken
> 
>>>> On Archiver:  ip: 192.168.1.106
> ken@Archiver:~$ su -
> Password: 
> root@Archiver:~# su backuppc
> $ whoami
> backuppc
> $ ssh-keygen -t rsa
> Generating public/private rsa key pair.
> Enter file in which to save the key (/var/lib/backuppc/.ssh/id_rsa): 
> Enter passphrase (empty for no passphrase): 
> Enter same passphrase again: 

Did you enter an empty passphrase?

> Your identification has been saved in /var/lib/backuppc/.ssh/id_rsa.
> Your public key has been saved in /var/lib/backuppc/.ssh/id_rsa.pub.
> The key fingerprint is:
> 08:2c:0f:a6:10:c6:6f:8a:0b:e9:1c:a9:1a:e3:30:39 backuppc@Archiver
> 
> $ scp BackupPC_id_rsa.pub [email protected]:/root/.ssh/

You are copying a different file... the above command created
/var/lib/backuppc/.ssh/id_rsa.pub and you are copying BackupPC_id_rsa.pub...

> The authenticity of host '192.168.1.101 (192.168.1.101)' can't be
> established.
> RSA key fingerprint is 71:a1:03:7d:fb:b9:87:1f:32:c7:a3:46:d0:81:2d:af.
> Are you sure you want to continue connecting (yes/no)? yes
> Warning: Permanently added '192.168.1.101' (RSA) to the list of known hosts.

This will save you from doing this later, if you configure backuppc to
backup 192.168.1.101 as opposed to the host "someserver" or whatever
name you use.

> [email protected]'s password: 
> BackupPC_id_rsa.pub
> 100%  399     0.4KB/s   00:00    
> 
>>>> On Winserver:  ip:  192.168.1.101 (Also running Ubuntu)
> ken@Winserver:~$ su -
> Password: 
> root@Winserver:~# cd /root/.ssh
> root@Winserver:~/.ssh# ls -al
> total 12
> drwx------  2 root root 4096 2009-01-08 22:58 .
> drwxr-xr-x 10 root root 4096 2009-01-08 22:39 ..
> -rw-r--r--  1 root root  399 2009-01-08 22:58 BackupPC_id_rsa.pub
> 
> root@Winserver:~/.ssh# exit

You forgot to "mv BackupPC_id_rsa.pub authorized_keys"

> logout
>>>>  root account can't run gedit in Ubuntu  <<<
> ken@Winserver:~$ sudo gedit /root/.ssh/BackupPC_id_rsa.pub
> sudo: unable to resolve host Winserver
> [sudo] password for ken: 
> Added:  from="Archiver" at beginning of BackupPC_id_rsa.pub

I would suggest leaving out this restriction until after you get the
basic version working... Just don't forget to add it later.

> ken@Winserver:~$ su -
> Password: 
> root@Winserver:~# cd /root/.ssh
> root@Winserver:~/.ssh# cat BackupPC_id_rsa.pub >> authorized_keys
> root@Winserver:~/.ssh# cat authorized_keys
> from="Archiver" ssh-rsa AAAAB...//...CzFk8lw== backuppc@Archiver
> root@Winserver:~/.ssh# 

OK, so should work now.... assuming the from="Archiver" is satisfied...

BTW, what is "ls -la /root/.ssh" on winserver showing?

>>>> On Archiver:
> $ chmod -R go-rwx *
> $ ls -al
> total 24
> drwx------ 2 backuppc backuppc 4096 2009-01-08 22:58 .
> drwxr-xr-x 9 backuppc backuppc 4096 2009-01-08 12:46 ..
> -rw------- 1 backuppc backuppc  399 2009-01-08 22:57 BackupPC_id_rsa.pub
> -rw------- 1 backuppc backuppc 1675 2009-01-08 22:33 id_rsa
> -rw------- 1 backuppc backuppc  399 2009-01-08 22:33 id_rsa.pub
> -rw------- 1 backuppc backuppc  442 2009-01-08 22:58 known_hosts
> $ ssh -l root 192.168.1.101 whoami
> [email protected]'s password:    <---Here it is asking for root password on
> Winserver
> root
> $

Try ssh -v -l root 192.168.1.101 whoami

Also, on winserver, check /etc/ssh/sshd_conf, I am pretty sure no
changes are needed, but it might be worth checking it, or posting the
contents.

Regards,
Adam

- --
Adam Goryachev
Website Managers
www.websitemanagers.com.au
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAklm5OYACgkQGyoxogrTyiXsUwCfQijKef2PBtoLvxnoays0XlKc
nEMAn0WpjMMtwWFDxMdscMAFRBxj+689
=waj0
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It is the best place to buy or sell services for
just about anything Open Source.
http://p.sf.net/sfu/Xq1LFB
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/