Re: [BackupPC-users] It's me again, Margret! - ssh-keygen
2009-01-09 01:08:25
Kenneth L. Owen wrote at about 00:20:41 -0500 on Friday, January 9, 2009:
> Tino,
>
> Having gotten accustomed to Fedora, I prefer working as root when required
> instead of having to enter lines twice -- once without sudo, error, then
> retype it with sudo.
I consider that a *feature* rather than a bug -- many times it has
prevented me from doing some bone-headed damaging things (and by the
way I use sudo all the time on Fedora, only using root when I need a
full root shell environment or when I need to park myself in a
directory that is only root-readable)
Also, you don't need to retype -- use bash to recall the previous line
and just add sudo...
Type: sudo !!
Also, root can navigate to some directories that
> normal user can't go. Once I get more used to using sudo, I may put root
> back as it was. This was the ONLY reason for setting a root password.
>
> The backuppc password is only used initially to start BackupPC CGI for
> setup, I think. I haven't gotten that far as yet. BackupPC is installed,
> config.pl has been edited, but backuppc is currently halted until I get the
> keys set. I have my LVM drive to house the backup files mounted and ready.
>
> The Archiver machine will also be my daytime workstation in the workshop.
> Therefore, I want to be able to do more than just run BackupPC at night.
> Some software not pertaining to BackupPC will be needed.
>
> Tino, in the original transcript, I didn't show work done on Winserver.
>
> Maybe I see the problem. On the winserver end, I put the public key in
> authorized_keys2. Maybe Ubuntu version uses a different name from Fedora.
> Maybe I should have put the key in authorized_keys.
Shouldn't make a difference.
Listen, I think it would save you time and hassle if you invested some
time in reading up on ssh rather than trying to get spoon-fed
step-by-step. SSH is a pretty basic utility that has many uses and you
might as well lean how to use it right now since it can be very
helpful in many machine-to-machine communication and admin
activities. Plus, getting it right is critical to your machine
security, so you might as well understand what you are doing. It's not
rocket science -- it just requires a little stepping back and
understanding what public key encryption is all about.
>
> I tried using authorized_keys and got the same result. The transcript
> follows. (showing work on both ends) -- ken
>
> >>> On Archiver: ip: 192.168.1.106
> ken@Archiver:~$ su -
> Password:
> root@Archiver:~# su backuppc
> $ whoami
> backuppc
> $ ssh-keygen -t rsa
> Generating public/private rsa key pair.
> Enter file in which to save the key (/var/lib/backuppc/.ssh/id_rsa):
> Enter passphrase (empty for no passphrase):
> Enter same passphrase again:
> Your identification has been saved in /var/lib/backuppc/.ssh/id_rsa.
> Your public key has been saved in /var/lib/backuppc/.ssh/id_rsa.pub.
> The key fingerprint is:
> 08:2c:0f:a6:10:c6:6f:8a:0b:e9:1c:a9:1a:e3:30:39 backuppc@Archiver
>
> $ scp BackupPC_id_rsa.pub [email protected]:/root/.ssh/
> The authenticity of host '192.168.1.101 (192.168.1.101)' can't be
> established.
> RSA key fingerprint is 71:a1:03:7d:fb:b9:87:1f:32:c7:a3:46:d0:81:2d:af.
> Are you sure you want to continue connecting (yes/no)? yes
> Warning: Permanently added '192.168.1.101' (RSA) to the list of known hosts.
> [email protected]'s password:
> BackupPC_id_rsa.pub
> 100% 399 0.4KB/s 00:00
>
> >>> On Winserver: ip: 192.168.1.101 (Also running Ubuntu)
> ken@Winserver:~$ su -
> Password:
> root@Winserver:~# cd /root/.ssh
> root@Winserver:~/.ssh# ls -al
> total 12
> drwx------ 2 root root 4096 2009-01-08 22:58 .
> drwxr-xr-x 10 root root 4096 2009-01-08 22:39 ..
> -rw-r--r-- 1 root root 399 2009-01-08 22:58 BackupPC_id_rsa.pub
>
> root@Winserver:~/.ssh# exit
> logout
> >>> root account can't run gedit in Ubuntu <<<
> ken@Winserver:~$ sudo gedit /root/.ssh/BackupPC_id_rsa.pub
> sudo: unable to resolve host Winserver
> [sudo] password for ken:
> Added: from="Archiver" at beginning of BackupPC_id_rsa.pub
>
> ken@Winserver:~$ su -
> Password:
> root@Winserver:~# cd /root/.ssh
> root@Winserver:~/.ssh# cat BackupPC_id_rsa.pub >> authorized_keys
> root@Winserver:~/.ssh# cat authorized_keys
> from="Archiver" ssh-rsa AAAAB...//...CzFk8lw== backuppc@Archiver
> root@Winserver:~/.ssh#
>
> >>> On Archiver:
> $ chmod -R go-rwx *
> $ ls -al
> total 24
> drwx------ 2 backuppc backuppc 4096 2009-01-08 22:58 .
> drwxr-xr-x 9 backuppc backuppc 4096 2009-01-08 12:46 ..
> -rw------- 1 backuppc backuppc 399 2009-01-08 22:57 BackupPC_id_rsa.pub
> -rw------- 1 backuppc backuppc 1675 2009-01-08 22:33 id_rsa
> -rw------- 1 backuppc backuppc 399 2009-01-08 22:33 id_rsa.pub
> -rw------- 1 backuppc backuppc 442 2009-01-08 22:58 known_hosts
> $ ssh -l root 192.168.1.101 whoami
> [email protected]'s password: <---Here it is asking for root password on
> Winserver
> root
> $
>
> -----Original Message-----
> From: Tino Schwarze [mailto:backuppc.lists AT tisc DOT de]
> Sent: Thursday, January 08, 2009 6:19 PM
> To: backuppc-users AT lists.sourceforge DOT net
> Subject: Re: [BackupPC-users] It's me again, Margret! - ssh-keygen
>
>
>
> ------------------------------------------------------------------------------
> Check out the new SourceForge.net Marketplace.
> It is the best place to buy or sell services for
> just about anything Open Source.
> http://p.sf.net/sfu/Xq1LFB
> _______________________________________________
> BackupPC-users mailing list
> BackupPC-users AT lists.sourceforge DOT net
> List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
> Wiki: http://backuppc.wiki.sourceforge.net
> Project: http://backuppc.sourceforge.net/
>
------------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It is the best place to buy or sell services for
just about anything Open Source.
http://p.sf.net/sfu/Xq1LFB
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
|
|
|